Analysis of Stuxnet malware (and implication of Cyber Warfare)

This malware uses four 0day vulnerabilities, stolen device driver certs, and specifically targets industrial control systems. I'll be very interested to see who it turns out was the target of this attack.<p>Some more info here: <a href="http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices" rel="nofollow">http://www.symantec.com/connect/blogs/stuxnet-introduces-fir...</a>

Wow this is some next-generation William Gibson-esq shit right here.<p>As far as who its attacking if the PLC payloads could be unencrypted it might reveal that they attack a certain kind of device, or perhaps in a certain installation or configuration. Finding out exactly what those payloads doing will be the most interesting, and revealing of all. The Symantec article says that the payloads have changed over time, as well.

It's impossible to identify any one target as being "the one" that Stuxnet was after like the author tries to do in this article. There were tens of thousands of Stuxnet infections spread throughout the Middle East and Europe at the time it was discovered. Stuxnet is a piece of malware, it's reusable, and it was clearly a component of many successful intrusions into control system networks rather than part of a single attack.