The subtitle is “Stuxnet and the Launch of the World’s First Digital Weapon”. I was cautious about this book, fearing that it would induce eye-rolls at oversimplifications of the technology involved. To the contrary, I was pleasantly surprised at the level of technical acumen that the author shows. Readers will come away with a thorough understanding of how Stuxnet was created, deployed, and eventually discovered.
One way to read this book is as the post-mortem for the delivery of a very successful piece of software. “Real artists ship,” and the authors of Stuxnet were undeniably clever. Tracing the iterative development and ingenious distribution mechanisms is a great lesson for anyone interested in shipping software (legitimate or otherwise).
Another way to view the book is as a detailed case study in incident response. The researchers who systematically uncovered the clues in Stuxnet’s source code combined art and science to compile a compelling case for its origins in the U.S. and Israeli intelligence communities. In this vein, the book can be seen as a companion to Apollo 13: required reading for anyone who holds the responsibility of maintaining and defending software systems.