Clusters of Stuxnet infections. Courtesy of Symantec. (Via Wired ThreatLevel)


For the past week or so I’ve been reading/watching everything I can on the subject of Stuxnet; it’s been a bit of an obsession. For my own benefit and perhaps for others, I thought I’d catalogue some of the best resources I’ve found that explain both the technology behind Stuxnet, and commentary on the implications of it.

Of course the first place to start would be the Wikipedia article on Stuxnet, which does a great job of covering all areas of the discussion. It has an awesome list of references. It would probably be worth checking out the Wikipedia articles on the following subjects too, as they will crop up frequently in the following discussions.

The best commentary I’ve found on the subject comes (bizarrely) from the US magazine, Vanity Fair. It’s not so odd when you consider that it’s published by Condé Nast who also publish Wired, and probably share staff writers and content. The article is called “A Declaration of Cyber-War” and if you read nothing else, then this will give you the big picture (although it’s a little bit sensationalist at times).

That is not to say that Wired doesn’t have its own coverage of Stuxnet. As you would expect, it’s covered in great detail in many of the magazine’s online channels. The Wired DangerRoom Blog (on US national security) has an excellent article here on Stuxnet (With Stuxnet, Did The U.S. And Israel Create a New Cyberwar Era?) and the ThreatLevel Blog (Online Security) has ongoing coverage under the Stuxnet Tag (including this particular post (Surveillance Footage and Code Clues Indicate Stuxnet Hit Iran) that discusses the origins and target(s)).

There are many interesting resources on YouTube, mainly from the big anti-virus corporations discussing the exploits used by Stuxnet and its code structure. The only one I’ll embed here is the talk by Microsoft Engineer, Bruce Dang who (apparently) led the research into the worm’s attack on Windows. It’s taken from 27C3 (27th Chaos Communication Congress) and weighs in at nearly an hour long, but is worth every minute.


Some of the other YouTube videos worth looking at are:

There are plenty more videos on YouTube on the subject of Stuxnet.

The BBC also has some good coverage, and recently reported (4th March 2011) on claims that the US and Israel were behind Stuxnet. They also earlier (15th Feb 2011) provided commentary on the Symantec report on the spread of the worm and its different waves of infection. (Check out the list of related stories at the bottom of the BBC articles for more of their coverage).

In all, there is enough content out there to keep me in reading and research for years to come. I think it’s only really when you get the story from lots of different angles that you start to see the common truths emerging. To paraphrase the closing statement of the Vanity Fair article on Stuxnet, I think it really will be viewed as a Hiroshima-scale event, marking the start of a global cyber-war arms race that moves beyond simply stealing millions of Hotmail passwords, to an era of targeted deployment of sophisticated digital weapons against physical infrastructure.

Olympic Pipeline Screenshot from Wired's Threatlevel Blog