Links to two Stuxnet-related stories have been added to the resources page at /2011/01/23/stuxnet-information-and-resources-3/. Kim Zetter, in Wired's "Threat Level" column Report: Stuxnet Hit 5 Gateway Targets on Its Way to Iranian Plant, summarizes the latest update to Symantec's Threat Dossier. Symantec researchers now believe that Stuxnet targeted five organizations in Iran as staging posts
...the conclusion does support what does appear to be the official Iranian line that this was an attack against Iranian nuclear operations, but that it wasn't successful...
Added to the Stuxnet (3) resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3.
…an article by William Gibson (yes, that William Gibson) draws a connection between Brain (a 25-year-old PC virus) and Stuxnet. 25 Years of Digital Vandalism. He doesn't seem to think much of Stuxnet, drawing a much-to-the-point riposte from Bob McMillan: http://twitter.com/#!/bobmcmillan/status/30533396702699520. Links added to Stuxnet Information and Resources (3). David Harley CITP FBCS CISSP ESET
This is the 3rd volume of an ongoing Stuxnet resources blog article, supplementing our paper "Stuxnet Under the Microscope".
@imaguid microblogged today about his annoyance at "the analysts and journalists who breathlessly fawn over #stuxnet", and suggested that we call it even.
Added to the Stuxnet resources article 19th January 2011...
Added to the Stuxnet resources page today ... something of a second wave of commentary that's a little more cautious about accepting the NYT's conclusions.
While most of the recent media interest in Stuxnet has centred on the New York Times story, there's been some thoughtful research published that considers it as just one aspect of larger issues: cyberwarfare, cyberespionage, cybersabotage and so on.
...The NYT article strikes me as being well-researched, well-written, and well worth reading, and the involvement of Dimona is more plausible than much of the speculation I've seen, but it's still hard to distinguish hard fact from sheer guesswork...
...today's New York Times article "Israel Tests on Worm Called Crucial in Iran Nuclear Delay" ... is a notable addition to the information and commentary on this aspect of the Stuxnet phenomenon...
Tony Dyhouse writes in SC Magazine about the political implications for the security community of the Stuxnet and Wikileaks incidents. The link has also been added to the Stuxnet resources post at /2011/01/03/stuxnet-information-and-resources/5731 on 14th January 2011.. David Harley CITP FBCS CISSP
Added to the resources blog at http://blog.eset.com/2011/01/03/stuxnet-information-and-resources: Report of a Stuxnet-unrelated vulnerability in SCADA software A speculative cyberwar link Some links on Iranian post-Stuxnet "cybermilitia" recruitment. http://www.itworld.com/security/133469/iran-responds-stuxnet-expanding-cyberwar-militia http://blogs.forbes.com/jeffreycarr/2011/01/12/irans-paramilitary-militia-is-recruiting-hackers/?boxes=financechannelforbes David Harley CITP FBCS CISSP
...version 1.31 of "Stuxnet Under the Microscope" is now available on the white papers page ... Until now Rooting about in TDSS was only available to VB subscribers, but it too is now available on the ESET white papers page.
The Stuxnet analysis "Stuxnet Under the Microscope" ... has, unlike most ESET white papers, been subject to a number of revisions as we've come to know more about the malware itself, and as the purposes of its perpetrators have become clearer. However, since all the known vulnerabilities exploited by Stuxnet have now been patched, version 1.3x of the document is likely to be the last substantial revision.
...given the amount of detailed analysis that's already available (and I mean substantial blocks of reverse-engineered code, not high-level analysis and code snippets and descriptions), I'm not sure that anyone with malicious intent and a smidgen of technical skill would need the original code...
