Book Review: "Countdown to Zero Day"



"Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon" by Kim Zetter is a phenomenal book documenting the use of Stuxnet and other cyber weapons developed by the United States and Israel. The book contains no code, which makes the entire thing accessible to any reader. At times it dives into advanced rootkit concepts and even explains exploits in detail, satisfying even the most technical readers. I give the book 9 / 10 stars for being accurate, entertaining, accessible, and yet highly detailed. I recommend the book for anyone into computer security, technical or otherwise; the book is fun and digestible for all levels and professions. Further, the references at the bottom of every page allow the reader to follow any thread they like and find more details in the original source, something I would love to see in more computer science journalism books. Using these references, the book builds its core points around detailed reverse engineering write-ups, intelligence reports, and geopolitical news briefs, providing sources for every argument it makes. At 450 pages / 13hr audio, and a price from $10 - $25 on Amazon, the book offers tremendous value, as it is both very current (most of the story having taken place from 2005-2012) and undoubtedly a remarkable tale in computer history. You can read excerpts from the book, reprinted on Wired, where Kim Zetter is senior staff. The following are the chapters of the book; while it seems to dance around topics in the beginning, it ties them all up nicely and makes well-formed points at the end.

Prologue: The Case of the Centrifuges
Chapter 1: Early Warning
Chapter 2: 500 Kilobytes of Mystery
Chapter 3: Natanz
Chapter 4: Stuxnet Deconstructed
Chapter 5: Springtime for Ahmadinejad
Chapter 6: Digging for Zero Days
Chapter 7: Zero-Day Paydays
Chapter 8: The Payload
Chapter 9: Industrial Controls Out of Controls
Chapter 10: Precision Weapon
Chapter 11: A Digital Plot is Hatched
Chapter 12: A New Fighting Domain
Chapter 13: Digital Warheads
Chapter 14: Son of Stuxnet
Chapter 15: Flame
Chapter 16: Olympic Games
Chapter 17: The Mystery of the Centrifuges
Chapter 18: Qualified Success
Chapter 19: Digital Pandora
Acknowledgements
Index

The book shows deep motivation and numerous pieces of evidence that tie Stuxnet directly to the United States' and Israel's cyber offensive operations. Further, the book shows direct ties between the code in Stuxnet and other families of malware, including Duqu, Flame, and Gauss, showing the reader the similarities and differences in the code bases, as well as their evolution over time. I found it shocking that Stuxnet could be such a dangerous cyber weapon and still be designed to spread to mass targets in worm fashion; however, this made sense once one learns of the numerous steps Stuxnet takes to verify it has a viable target before deciding to drop its payload or just continue worming. It was also interesting to see the sheer number of 0-days packed into Stuxnet, as well as their strategic placement, each giving the worm a different capability. Similarly, it was cool seeing how the worm would apply rootkit-like techniques to a SCADA-type system, showing the operator normal conditions while maliciously and secretively sending destructive controls to the plant's centrifuges. Zetter ties tons of pieces of evidence together to hypothesize that Stuxnet was created to directly target Iran's nuclear program. At the end of the book, Zetter even suggests the ultimate 'war games' scenario may have finally occurred: the philosophical 'Pandora's box' of hackers hitting critical infrastructure with real-world impact has been opened, and at this point you can't put the cat back in the bag. The following is a detailed breakdown of Stuxnet by Ralph Langner, who is interviewed in the book and did much of the analysis on Stuxnet's payload. I've decided to include his talk on Stuxnet because I think if you find the worm itself interesting, then you will find the book about the worm and the surrounding controversy that much more fascinating.