Stuxnet analysis by Langner
Once that rumors emerged that Stuxnet could be targeting industrial control systems, our team downloaded a copy of the malware and started an analysis that ultimately spanned three whole years. During the course of this analysis, we:
– identified that Stuxnet was a targeted cyber-physical attack, aimed at one specific, unique target
– identified that this target was the Iranian nuclear program (something that nobody wanted to believe — for months)
– analyzed the exact details of how this attack, or more accurately: these two attacks, were intended to work.
Videos
The Stuxnet Story
Documents
To kill a centrifuge
A summary of three years of forensic analysis, with a special focus on how the two versions of Stuxnet are dramatically different, and what that means for understanding the campaign.
Stuxnet’s secret Twin
Abbreviated version of “To kill a centrifuge” for Foreign Policy