Sunday, March 13, 2011

Stuxnet article in April Vanity Fair

This month's issue of Vanity Fair magazine (yes, Vanity Fair!) has a long retrospective surveying what we know, and don't know, about the mysterious Stuxnet worm.

Although it's been 8 months since the worm became widely known, and although it has been extensively studied since that time, there is still a large amount of uncertainty about the source of the worm, the forces behind the worm, and what this all means for the future of malware.

In its breathless fashion, Vanity Fair tries to make the case. The opening paragraph claims that

Stuxnet is the new face of 21st-century warfare: invisible, anonymous, and devastating

and the article concludes by painting a bleak picture of war-by-computer:

The wars would often be secret, waged by members of anonymous, elite brain trusts, none of whom would ever have to look an enemy in the eye. For people whose lives are connected to the targets, the results could be as catastrophic as a bombing raid, but would be even more disorienting. People would suffer, but would never be certain about whom to blame.


Unfortunately, after all this time, Stuxnet is still better described by what we don't know, than by what we do. I can't fault the author of the Vanity Fair article, Michael Gross, for lack of effort in trying to understand what's behind the worm. Gross travels to Moscow to meet with Eugene Kaspersky, travels to Hamburg to meet with Ralph Langer, travels to Berlin to meet with Frank Rieger, and gets stone-walled by all sorts of other people: "Mossad could not be reached ... C.I.A. spokesman declined to comment ... National Security Agents representative wrote 'I don't have any information' ... U.S. Cyber Command has nothing further." Gross's strongest quasi-government source is Richard Clarke, who has been out of government for almost a decade.

As Gross observes, there are still two crucial aspects to this story:

  1. Who developed this worm?

  2. Did the worm actually work as intended by its authors?



And there are other, less vital, but still fascinating aspects to the story, such as whether and how the worm was actually uncovered:

From the beginning, many have found it odd that, of all the security companies in the world, an obscure Belarusian firm should be the one to find this threat -- and odder still that the serial rebooting that gave Stuxnet away has been reported nowhere else, as far as most of the worm's top analysts have heard.


All in all, the Stuxnet story continues to be quite intriguing, and the Vanity Fair article does a good job of keeping us up to date with the overall progress of the story.

No comments:

Post a Comment