Stuxnet Malware Research – Recommended Papers

The Stuxnet worm has captured the headlines of many technical and mass-market publications. The world's fascination with this malware specimen is due, in part, to its targeting of specific Industrial Control Systems and, in part, to the sophistication of its infection capabilities.

Much has been written about Stuxnet. Here are my favorite 5 papers and articles about this worm:

Stuxnet makes for a fascinating case study of both the motivation and capabilities of attackers and the approaches for resisting and responding to infections of this nature in an enterprise environment.

Update 1: Symantec released an excellent paper exploring Stuxnet capabilities that were not yet known to the community (PDF by Nicolas Falliere, Liam O Murchu and Eric Chien).

Update 2: Andrew Ruef published an insightful note that questions the conclusions drawn from the analysis of Stuxnet malware.

Lenny Zeltser
