[Update 23rd January 2011: volume 3 of this resource has just kicked off at Stuxnet Information and Resources (3): volume 1 is at Stuxnet Information and Resources (1).]
@imaguid microblogged today about his annoyance at "the analysts and journalists who breathlessly fawn over #stuxnet", and suggested that we call it even. I hope he won't think I'm fawning by maintaining resource lists in the ThreatBlog, but while I agree that the sheer volume of speculative material generated around it has become somewhat over-intense, it's clear that a lot of people are finding the earlier resource at Stuxnet Information and Resources (1) useful. However, it's also getting rather long and unwieldy, so I've added the present blog, which includes all the links added to that page that weren't included in version of 1.31 of our Stuxnet analysis "Stuxnet Under the Microscope" by Aleksandr Matrosov, Eugene Rodionov, David Harley, and Juraj Malcho. This includes some links added this morning (20th January 2011). Further links will be added to volume 3 of this series of resources (which doesn't exist at this moment) and there'll probably be an expanded PDF version at some point.
- Two VB presentation links appended on 5th January 2011. And one more from the Washington Times.
- http://www.virusbtn.com/pdf/conference_slides/2010/Raiu-VB2010.pdf
- http://www.virusbtn.com/pdf/conference_slides/2010/OMurchu-VB2010.pdf
- LEVINE: Malware warfare made us all safer. Stuxnet for Nobel Peace Prize: http://www.washingtontimes.com/news/2011/jan/4/malware-warfare-made-us-all-safer/
- Report of a Stuxnet-unrelated vulnerability in SCADA software, a speculative cyberwar link, and some links on Iranian post-Stuxnet "cybermilitia" recruitment appended, 12th January 2011.
- http://threatpost.com/en_us/blogs/china-sleeps-stuxnet-scada-bug-011011
- http://print.dailymirror.lk/other/mirror-education/142-education/32813.html
- http://www.itworld.com/security/133469/iran-responds-stuxnet-expanding-cyberwar-militia
- http://blogs.forbes.com/jeffreycarr/2011/01/12/irans-paramilitary-militia-is-recruiting-hackers/?boxes=financechannelforbes
- Tony Dyhouse writes in SC Magazine about the political implications for the security community of the Stuxnet and Wikileaks incidents. Link appended 14th January 2011.
- 16th January 2011: appended article "Israel Tests on Worm Called Crucial in Iran Nuclear Delay" by William J. Broad, John Markoff and David E. Sanger.
- 17th January 2011: appended several links relating to the New York Times article flagged on the 16th January – one from Heise (in English), one from The Register, plus three links from the Spanish press courtesy of Josep Albors (and Josep's own blog on the subject). The Register and SC Computing commented on a study by OECD (Organization for Economic Cooperation and Development) scientists: a link to the substantial OECD report by Peter Sommer and Ian Brown on "Reducing System Cybersecurity Risk" is also appended. And F-Secure have a "wrap-up" video up on Youtube, though I think that might be a bit premature (good blog article, though). Heise also have an article on a SCADA-related exploit, not directly related but interesting.
- http://h-online.com/-1170421
- http://www.theregister.co.uk/2011/01/17/stuxnet_israel_connection_fleshed_out/
- http://www.elmundo.es/elmundo/2011/01/16/internacional/1295180388.html
- http://www.gigle.net/stuxnet-podria-haber-sido-creado-por-eeuu-e-israel/
- http://www.elpais.com/articulo/internacional/Israel/disena/virus/informatico/boicotear/programa/nuclear/irani/elpepuint/20110116elpepuint_8/Tes
- http://blogs.protegerse.com/laboratorio/2011/01/17/stuxnet-y-las-teorias-conspiratorias-internacionales/
- http://www.theregister.co.uk/2011/01/17/cyberwar_hype_oecd_study/
- http://www.scmagazineuk.com/report-claims-that-the-use-of-cyber-weaponry-will-shortly-become-ubiqutous-as-threats-increase-but-with-no-cyber-war-on-the-horizon/article/194354/?DCMP=EMC-SCUK_Newswire
- http://www.oecd.org/dataoecd/3/42/46894657.pdf
- http://www.youtube.com/watch?v=gFzadFI7sco&feature=youtu.be
- http://www.h-online.com/security/news/item/SCADA-exploit-the-dragon-awakes-1169689.html
- http://www.f-secure.com/weblog/archives/00002083.html
- 18th January 2011: more articles following on from New York Times story, by Kim Zetter, Bret Stephens and Jeffrey Carr. And a tinfoil special from extendedsubset.com (thanks for the pointer, Aryeh!): added a couple of the links referenced in that blog.
- http://www.wired.com/threatlevel/2011/01/inl-and-stuxnet/
- http://blogs.forbes.com/jeffreycarr/2011/01/17/the-new-york-times-fails-to-deliver-stuxnets-creators/
- http://online.wsj.com/article/SB10001424052748703396604576087632882247372.html?mod=WSJ_Opinion_BelowLEFTSecond
- http://extendedsubset.com/?p=43
- http://graphics8.nytimes.com/packages/pdf/science/NSTB.pdf
- http://www.inl.gov/technicalpublications/Documents/3874574.pdf
- 19th January 2011:
- The H Online: Stuxnet not such a masterpiece after all?
- John Leyden in The Register: Lame Stuxnet worm 'full of errors', says security consultant: My teenage son could code better
- Wayne Madsen: Stuxnet: A Violation of US Computer Security Law – c/p with permission from Wayne Madsen Reports
- Byron Acohido in USA Today: Stuxnet could be Conficker's Cousin.
- 20th January 2011:
- ESET refutes the OECD report in SC Magazine: http://www.scmagazineus.com/cyberwarfare-dismissed-oecd-speaks-others-retweet/article/194543/
- Mike Masnick ponders the movie-like aspects of the Stuxnet saga: http://www.techdirt.com/articles/20110117/02205812696/stuxnet-increasingly-sounding-like-movie-plot.shtml
- Kevin Coleman comments on Iran's attempts to address the problem with a lawsuit against Israel: http://defensetech.org/2011/01/18/cyber-war-crimes/
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
