Stuxnet Malware Research – Recommended Papers

The Stuxnet worm has captured the headlines of many technical and mass-market publications. The world’s fascination with this malware specimen is due, in part, to it targeting of specific Industrial Control Systems and, in part, because of the sophistication of its infection capabilities.

Much has been written about Stuxnet. Here are my favorite 5 papers and articles about this worm:

Stuxnet makes for a fascinating case study of both the motivation and capabilities of attackers and also the approaches for resisting and responding to infections of this nature in an enterprise environment.

Update 1: Symantec released an excellent paper exploring Stuxnet capabilities that were not yet known to the community (PDF by Nicolas Falliere, Liam Murchu and Eric Chie).

Update 2: Andrew Ruef published an insightful note that questions the conclusions drawn from the analysis of Stuxnet malware.

Lenny Zeltser

Updated

About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more