Son-of-Stuxnet

Article from: InTech, November/December 2012

The past two years have been a real wake-up call for the industrial automation industry. For the first time ever, it has been the target of sophisticated cyber-attacks like Stuxnet, Night Dragon, and Duqu.

Eric Byres; "Defense in Depth: A single cyber defense is the weakest form of cyber protection", InTech, November/December 2012

Article from: Industrial Ethernet Book, February 2012

Today, operators are being asked to isolate automation systems just as ever greater interconnectedness is demanded. Adding to these pressures is the growing fear of cyber attacks such as the infamous Stuxnet.

In this article Eric Byres explains how the ‘zone and conduit’ model included in the ANSI/ISA-99 security standards provides a framework for dealing with network security concerns, including fears of the " Son-of-Stuxnet".

Article from: A&D Magazine, www.AuD24.net (originally published in German)

In this article Eric Byres discusses how SCADA and industrial control systems are vulnerable to cyber attacks, such as Stuxnet and Stuxnet's children.

This vulnerability is unavoidable due to the fact that modern industry depends on electronic information from the outside world to operate. Find out about Eric's suggestions for mitigating this risk.

Article from: Pipeline & Gas Journal, February 2012

In this article Eric Byres discusses Stuxnet the well-designed ICS worm. He discusses what motivates worm creators and hackers, why we can't keep worms such as Stuxnet out of our systems, and how we can move forward in this new era of worms.

Eric Byres; "Next Generation Cyber Attacks Target Oil And Gas SCADA", Pipeline & Gas Journal, February 2012

Presentation from: Tofino Security, October 2011

"SCADA and CIP Security in a Post-Stuxnet World" summarizes a lot of information about the Stuxnet malware and how it has affected SCADA and CIP security. The presentation also goes into detail about the possibilities of a Son-of-Stuxnet.

The presentation is ideal for anyone needing a crash course on Stuxnet, or as a tool for informing management about the implications of it.

Podcast from: ZDNet.com, May 23, 2011

In this AusCERT-related podcast, Stilgherrian, Writer for ZDNet, interviews Eric Byres as he talks about the likelihood of seeing a "Son-of-Stuxnet" worm within the next year.

Other topics of the podcast about AusCERT include the insecurities of internet routing and the drama that started with a Facebook hack and ended with a journalist being arrested.

Podcast: Stuxnet, routing hacks and a seized iPad