Browse 547 attributed reviews, viewable separately for our classroom and online training
Review of a book on the Stuxnet worm
The Stuxnet worm was one of the most sophisticated bits of software ever written. Find out exactly how the US and Israel used it to target Iranian uranium centrifuges, and see the implications this has for us all.

Posted by Andy Brown on 31 August 2021

You need a minimum screen resolution of about 700 pixels width to see our blogs. This is because they contain diagrams and tables which would not be viewable easily on a mobile phone or small laptop. Please use a larger tablet, notebook or desktop computer, or change your screen resolution settings.

Review of a book on the Stuxnet worm

The Stuxnet worm was developed (as this book goes to extraordinary lengths to detail) by the Israeli and US governments to target centrifuges enriching uranium in Iran.

Countdown to zero day

"Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon" by Kim Zetter.

 

I found the book a bit hard-going in places: it was strong on detail, but occasionally light on suspense (I felt the author's skills were more tilted towards the investigative in investigative journalism, and less towards the journalism).

Any layperson can read this book, but you'll probably get more out of it if you have a programming background, as Kim Zetter goes into a lot of detail on exactly how the Stuxnet worm worked.

However, the flabbergasting nature of what's revealed makes up for having to wade through the odd page.  Here are some things that should worry all of us:

Consideration Implications
Stolen certificates To bypass anti-virus software Stuxnet hacked into certification agencies and stole digital certificates, making a mockery of the security process on which the Internet depends.
Zero-day vulnerabilities The Stuxnet authors found a host of vulnerabilities in Windows which had never been publicised.  While these have now all been solved, one wonders how many other malicious actors are even now writing hacks for new, unknown vulnerabilities?
Who hacks whom? The Stuxnet worm was a brilliant, targeted virus: if you weren't enriching uranium in specific locations in Iran, you were safe (even if, as is likely, your computer was infected with the virus).  However now that Stuxnet has shown what can be done, we all ought to be praying that its successor is written in the decadent, capitalist West, rather than by a hostile individual or state.

Recommended reading for anyone who feels there isn't enough to worry about in the world today! 

This blog has 0 threads Add post