... albeit more slowly than previously. Added to the resources page at https://www.welivesecurity.com/2011/01/23/stuxnet-information-and-resources-3 today:
A nice article by Mark Russinovich on Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 1. Though I don't think Stuxnet is universally acknowledged as the most sophisticated malware ever. See, for instance, http://gcn.com/articles/2011/01/18/black-hat-stuxnet-not-superworm.aspx. (Hat tip to Security Garden for the pointer.)
Eugene Kaspersky suggests that it's easy for blackhats to repurpose Stuxnet's code to attack other systems, and brings in some tenuously related earlier problems (power failures on the US East Coast in 2003, the Spanish air-crash in 2008). I'm not convinced... The payload is not so easy to analyse, let alone to port it to a different environment, while the 0-days are no longer 0-days or anything like it. http://computerworld.co.nz/news.nsf/news/cut-price-stuxnet-successors-possible-kaspersky (Hat tip to Steve Gold for the pointer.)
Ralph Langner's TED talk on "Cracking Stuxnet" is online: http://on.ted.com/Stuxnet
(ISC)2 Government Advisory Board Executive Writers Bureau, not altogether accurately on some of the technical points, on How Stuxnet changed the security game. Interesting read, though.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
