How Investigators Deciphered Stuxnet

suraj.sun tips a story at Wired that takes an in-depth look into how security researchers tracked down and worked to understand the infamous Stuxnet worm. The article begins: "It was January 2010, and investigators with the International Atomic Energy Agency had just completed an inspection at the uranium enrichment plant outside Natanz in central Iran, when they realized that something was off within the cascade rooms where thousands of centrifuges were enriching uranium. But when the IAEA later reviewed footage from surveillance cameras installed outside the cascade rooms to monitor Iran's enrichment program, they were stunned as they counted the numbers. The workers had been replacing the units at an incredible rate — later estimates would indicate between 1,000 and 2,000 centrifuges were swapped out over a few months. The question was, why?"

Another really good article

[bigredradio]

There was another good article in Vanity Fair

Re:Possibly the coolest cyberwar article I've read

[EvanED]

If you had RTFA (or perhaps with a more critical eye) you'd know that they had no clue about that at that time. When they first went public with it, all they knew was that it was a quite sophisticated attack that went after Step7 controllers. And given that, I definitely agree with them that it was in everyone's best interest to release that information.