STUXNET

60 Minutes' ran a story on Stuxnet several months ago and the smile from the former CIA guy they interviewed confirmed it for me. Forget exactly who it was, but he was on the Richard Clarke level of insiderness.

http://www.wired.com/threatlevel/2012/06/flame-microsoft-certificate/

It’s a scenario security researchers have long worried about, a man-in-the-middle attack that allows someone to impersonate Microsoft Update to deliver malware — disguised as legitimate Microsoft code — to unsuspecting users.

And that’s exactly what turns out to have occurred with the recent Flame cyberespionage tool that has been infecting machines primarily in the Middle East and is believed to have been crafted by a nation-state.

According to Microsoft, which has been analyzing Flame, along with numerous antivirus researchers since it was publicly exposed last Monday, researchers there discovered that a component of Flame was designed to spread from one infected computer to other machines on the same network. When uninfected computers update themselves, Flame intercepts the request to Microsoft Update server and instead delivers a malicious executable to the machine that is signed with a rogue, but technically valid, Microsoft certificate.

anyone else seen the gibney doc?

Watched Zero Days last night - thought it was well done, although on the long side. I've personally had my fill of "diving into cyberspace" graphic visualizations so most of my nitpicking is just that. Bias from someone who watches all the hacker documentaries.

Would wholeheartedly recommend it to anyone who hasn't followed the story closely.

apparently all the whizzy code visualisations were at least actually the real stuxnet code

(I liked it too!)

https://www.wired.com/story/crash-override-malware