Links added today to the Stuxnet resources page at /2011/01/23/stuxnet-information-and-resources-3/:
- Eric Byres, Andrew Ginter, Joel Langill: How Stuxnet Spreads – A Study of Infection Paths in Best Practice Systems. I haven't read this yet, as it requires registration and approval which hasn't yet come through, but it looks likely to be worth the wait. Joel Langill also maintains a list of links at http://www.stuxnetcure.com. [Update: I've now been able to register and download the paper, which is definitely worth a read!]
- Tofino Security also has a revised document by Eric Byres and Scott Howard on "Analysis of the Siemens WinCC / PCS 7 “Stuxnet” Malware for Industrial Control System Professionals". Again, you'll need to register before you can read it: www.tofinosecurity.com/stuxnet-central.
- Lee at Security FAQs on With Worms Such As Stuxnet Are We In For A New Level Of Cyber Warfare? (Clearly written high-level summary: I don't altogether agree that the malware didn't affect computers other than those it directly targeted though.)
David Harley CITP FBCS CISSP
ESET Senior Research Fellow