In January 2010, inspectors with the International Atomic Energy Agency noticed that centrifuges at a uranium enrichment plant in Iran were failing and being replaced at an unprecedented rate. The cause of their failure was a complete mystery.
Five months later, a seemingly unrelated event occurred. A computer security firm in Belarus was called in to troubleshoot some computers in Iran that were caught in a reboot loop—crashing and rebooting repeatedly. At first, technicians with the firm believed the malicious code they found on the machines was a simple, routine piece of malware. But as they and other experts around the world investigated, they discovered a virus of unparalleled complexity and mysterious provenance and intent. They had, they soon learned, stumbled upon the world’s first digital weapon.
Stuxnet, as it came to be known, was unlike any other virus or worm built before: It was the first attack that reached beyond the computers it targeted to physically destroy the equipment those computers controlled. It was an ingenious attack, jointly engineered by the United States and Israel, that worked exactly as planned, until the rebooting machines gave it all away.
And the discovery of Stuxnet was just the beginning: Once the digital weapon was uncovered and deciphered, it provided clues to other tools lurking in the wild. Soon, security experts found and exposed not one but three highly sophisticated digital spy tools that came from the same labs that created Stuxnet. The discoveries gave the world its first look at the scope and sophistication of nation-state surveillance and warfare in the digital age.
Kim Zetter, a senior reporter at Wired, has covered hackers and computer security since 1999 and is one of the top journalists in the world on this beat. She was among the first reporters to cover Stuxnet after its discovery and has authored many of the most comprehensive articles about it. In COUNTDOWN TO ZERO DAY: Stuxnet and the Launch of the World’s First Digital Weapon, Zetter expands on this work to show how the code was designed and unleashed and how its use opened a Pandora’s Box, ushering in an age of digital warfare in which any country’s infrastructure—power grids, nuclear plants, oil pipelines, dams—is vulnerable to the same kind of attack with potentially devastating results. A sophisticated digital strike on portions of the power grid, for example, could plunge half the U.S. into darkness for weeks or longer, having a domino effect on all other critical infrastructures dependent on electricity.
Pretty good for the first 2/3 of the book. Especially interesting if you work in technology. What hurt the book was the last 1/3 of it - in which the author essentially repeated a few things page after page. It was pointless. I have a flaw that makes it very difficult for me NOT to finish a book, and I paid the price on this one.
Countdown to Zero Day is an investigation of the Stuxnet computer virus that was launched in 2009 and secondary versions in 2010. Stuxnet (named by Microsoft) is, to this day, one of the only attacks the world has seen using digital technology. This 'weapon' seemingly came from nowhere to attack the uranium processing plants of Iran, plants that were believed to be producing weapons-grade uranium.
The first 75% of the book investigates just what Stuxnet was and how it worked, seeking out the very computers it needed to infect while 'sighting' others and leaving them be. Let's be honest, this virus was brilliant. It affected only what it needed to, it hid for many months, it tricked Microsoft's Autorun feature to seek it out and run it without crashing the system, it shut itself down when it was done or found a machine it did not want and it had a built-in shelf life. Kim Zetter investigates just how the virus was launched and the response to it by the world's superpowers. If the virus was designed to hide, how was it eventually discovered, and have there been any other related attacks?
Stuxnet interrupted work and slowed the uranium production in Iran down considerably but it is far from the virus we are used to on our home computers and office networks. It did not seek to infect and steal information or finances, it did not shut down computers, and it did not affect production by merely slowing the computer network. Stuxnet basically told the plant workers that the plant was failing.
The last 25% of the book traces the culprits of the Stuxnet launch and looks at what this could mean for the future. Will cyber warfare take over from physical warfare, is the world ready to handle this type of attack, what has Stuxnet shown us, and the answers to many other questions. Countdown to Zero Day can become quite technical in some places, but Zetter does her best to explain the tech talk as we go along. A bit of a geek read, I suppose, but absolutely fascinating.
Honestly, if I were rating the book strictly on its own merits it would only be 3 stars, because it feels like a magazine-length article stretched to book form. But 4 stars is a lifetime achievement award, because Zetter has been the best mainstream reporter working on this story (and the security beat in general) for a while now. She really gets the details right, and I'm glad a reporter of her caliber tackled this story. I STILL, years later, am thinking about Stuxnet. It was, and is, an absolutely mind-blowing turn of affairs.
If you're like me and you already know everything about Flame, Duqu, Stuxnet because you're obsessed with the topic, you can probably give Countdown to Zero Day a miss. But if you don't know what any of those things are, buy this book immediately!
I began reading Countdown to Zero Day thinking it would be a more detailed exploration of the Stuxnet attack against the Iranian uranium enrichment program. That program is a key part of Iran’s nuclear weapons program as it enables Iran to produce bomb-grade uranium. Stuxnet was (is) a worm that sought out target computers controlling the Iranian centrifuges and then assumed control of the centrifuges, interfering with the production of uranium hexafluoride gas and causing the destruction of the centrifuges themselves.
While the book does not provide a detailed description of the malware itself, it provides so much more that I had been unaware of: the Iranian nuclear program, nukes and uranium processing, watchdog agencies including the IAEA and the CIA. It also covers zero-day software exploits, the companies that develop them and the consumers of zero-day exploits. It also provides insight into the market for malware and exploits and the security industry that tries to stay ahead of malware.
All in all, an interesting story, and there were plenty of references that allowed me to find much more detailed information about Stuxnet on the web.
I was surprised that it was pretty much accepted that Stuxnet was the work of the US and Israel with the US providing much of the initial technology for weaponized worms. But after reading the book I can’t imagine the attack being produced by anyone else with the possible exception of the Chinese who are without motive.
I was much more surprised… staggered with the descriptions of stolen signing certificates, and attacks on certificate authorities to obtain certificates that allowed Stuxnet to install kernel mode rootkits. Additionally the attackers obtained Microsoft certs by employing sophisticated exploits that utilized MD5 collisions and predicting the time of certificate issuance. Also attacking Microsoft Update! Crazy stuff that attacks the underpinnings of the internet and how users would go about patching Windows.
This book definitely exceeded my expectations, and I think everyone interested in the Internet, the use of digital weapons, nuclear weapons and their control and acquisition will find something of interest in it.
For a SOFTWARE engineer of any level, this book has a lot of great ideas to make your code more readable and maintainable. I wish I had DISCOVERED it earlier.
NSA Agent Num 1: So you remember that really bad idea for a weapon that nearly destroyed the planet that we came up with in the 1940s?
NSA Agent Num 2: Yeah, what about it?
NSA Agent Num 1: I have an idea just as bad as that one.
NSA Agent Num 2: Wow, what is it? We better get everyone we can on something that wonderful.
NSA Agent Num 1: We should create a virus that will take control of systems in a facility in another country and destroy them. Not only will this show hackers all around the world how to do this, but it will spark off a cyber arms race that any country in the world can join in, not just the rich ones, like those with nuclear bombs. And it will be much harder to track down who has these capabilities than nuclear bombs.
NSA Agent Num 2: That's incredible, let's talk to President Bush. I hear he's a real smart guy; I know he will approve it instantly.
And thus we have history and the subject of this book.
Excellent story about Iran's nuclear project and how the USA/Israel sabotaged it by all means (including cyber and physical attacks on people involved with the program).
I remember it like yesterday: watching the news as the mysterious events surrounding Stuxnet unfolded, only to add to the mystery in some aspects. But that was more than 10 years ago!
Then I remember watching "Zero Days", a jaw dropping documentary.
Finally, I had the opportunity to read this excellent book. Top-notch technical journalism! The author managed to pull off a difficult feat: it's not easy at all to write about such a complex technical subject, in addition to describing the socio-political and historical context surrounding it, and still be able to produce a page-turner.
I'm neither a lay person nor a cybersecurity expert. But I had my share of software and network security incidents and witnessed first-hand how challenging it can be to secure digital systems against a countless number of known, and more worryingly, unknown, types of digital attacks.
If you are curious about how far the nation states with almost unlimited financial and human resources can go in order to develop complex software to silently penetrate network and software systems, this book is the perfect starting point.
Oh, by the way, some parts reminded me of Cryptonomicon, and this should be considered high praise ;)
Best non-fiction book of 2014. The entire story of this digital weapon and the aftermath of it, including the new questions raised going forward, was a really compelling tale. By making it read like a really intense mystery narrative, it transcended the typically dry, fact-based story that some books about digital technology find themselves in. One part of me, while reading, wished that the outcome hadn't already been known and that the US could have been successful in keeping Stuxnet under wraps while continuing to thwart the efforts of rogue states' nuclear efforts running haywire. The book was great and all of the footnotes informative and even provocative. Definitely a must-read of 2014.
I loved the first 4/5 of the book, in which the real story of Stuxnet is told. The last 1/5 is a somewhat tedious timeline of events without much narrative to support it; while interesting, it wasn't nearly as good as the rest of the book. Still, I can easily recommend this if you are interested at all in cyber-warfare, computer viruses, or the curious relationship between the US and Iran in the first decade of the 21st century.
not a great achievement in research or writing or insight or anything, but a pretty competent assembly of timelines and people. feels like it could have been a much more compelling 35-page Michael Lewis Vanity Fair article.
Executive Summary: A bit longer than I'd have liked, going deeper into history on some things than I was interested in, but the tech stuff was pretty fascinating. 3.5 stars.
Audiobook: For fiction I always want a memorable narrator, but for nonfiction someone forgettable is best. I want the story to speak for itself. I thought Joe Ochman fit the bill nicely for me.
Full Review: I'm always fascinated by computer history, and the story behind Stuxnet is both fascinating and terrifying. Here we are many years later and it doesn't seem like computer security has improved all that much.
It's easy to think that Iran just isn't as advanced as the US, and that's how they were susceptible, but the reality is more about the amount of money spent and probably the fear of retaliation. We may never know the full details of Stuxnet, but this book seems to do a pretty good job of not only attempting to put all the pieces together but fill in the history of the events that led to the attack.
As I read this for the technical side, I found my attention drifting at times when she would focus more on the history of Iran and its nuclear program. Overall I'd have liked for it to be a bit shorter, maybe summarizing some of the historical elements more, but still a pretty enjoyable read.
We were in a cyber war with Iran. Kim Zetter unravels the story of Stuxnet, the US computer attack on Iran's nuclear program in Countdown to Zero Day.
A few months ago, I read A Time to Attack: The Looming Iranian Nuclear Threat urging a US military attack on Iran. That book highlighted how Iran had been building a nuclear program for several years. That included several years of centrifuges spinning to extract enriched uranium.
It has taken so long to extract uranium because, according to Zetter, the United States has been running a sophisticated attack on the computer systems that run those centrifuges. The United States and Israel planted sophisticated tools on those computers designed to alter the speeds of the centrifuges and the flow of gas into and out of them.
We have entered an age where warfare can be broken into digital attacks and kinetic attacks. Computer geeks and fighter jocks can both engage with the enemy. Stuxnet was a replacement for dropping bombs on the enrichment facilities.
Zero day refers to an attack using a previously unknown computer security vulnerability. One attack detailed in Countdown to Zero Day used a "god-mode exploit" that was even more potent. For anyone involved in cybersecurity, the book may make you want to curl up in a ball and hide in the corner.
The book is well-written and well-researched. It's always great to grab a book like this that is enjoyable to read and able to explain complicated situations.
The publisher kindly sent me an advance reader copy of the book in hopes of me writing a review. Countdown to Zero Day goes on sale on November 11.
Here we have a thrilling plot and a very good storyteller. Zetter goes beyond Stuxnet with a vivid narrative of historical, technical and political contexts. The whole thing is entertaining (should also be alarming) because of how the events were knitted together. You may also feel motivated to become an expert in malware analysis. Hoping for peace between Iran and Israel though.
(3.5) Started off well (could've been 4 or 4.5), following the researchers uncovering Stuxnet's secrets, then covered a lot of side topics and eventually sort of retold the whole story chronologically with repetition and speculation.
Lots of research went into this (resulting in some excellent footnotes--to the point that many of them should've just been included in the main text). I enjoyed the investigative aspect, following VirusBlokAda, Symantec, Kaspersky as they teased apart how the worm spread, how it found and attacked its targets, how it deployed its attack and avoided collateral damage, how it evolved as the attackers got both more sophisticated and more aggressive.
There was some good background on other cyberwarfare, on the Iran nuclear program, on nuclear proliferation in general. A lot of this was of some interest, but definitely off topic of Stuxnet and in some cases kind of redundant. I'll take the background stuff though, as it was informative. Would've loved even more depth on the inner workings of Stuxnet and techniques to uncover them, however.
But about 2/3 in, she starts trying to re-tell the whole thing chronologically. It could've been cool as a chronological narrative from the attackers' point of view, even if she had to do a fair amount of speculation at times where there are hazy dates, hazy actors and other unknowns. But instead, there was kind of a dry coverage of what likely happened, with lots of repetition (kept having déjà vu with very specific side notes and even nearly duplicate footnotes). Hard to tell the same story twice in one book without running into problems like this. Probably could've left it at the 2/3 point.
Then there's a section looking at the implications of the deployment and detection of Stuxnet and what the future of (cyber)warfare will be. It's interesting (she says 'ironic') to note that as the US government started warning itself and its people of our vulnerability to digital attacks, it was engaging in high-stakes digital attacks of its own. Probably related, and we seem to be fortunate that we've had several years' time to make headway protecting critical infrastructure. Not sure we've really capitalized on it, however, as it's hard to protect against everything everywhere in the face of high costs for unknown cost avoidance.
Still, on the whole, I learned quite a bit, and have a lot of good Kindle Notes & Highlights to show for it. ;)
Super interesting read; really gives a good understanding of the technical side of Stuxnet as well as how it has/can impact tension and policies between countries.
Great read on Stuxnet and digital weapons/cyber war. The author did a great job writing a book that is appealing and understandable to non-technical readers while still giving enough details to be of value to someone with in-depth knowledge of cybersecurity. If you want to learn more about these topics this book is a great starting point.
Top-grade cyber thriller made all the more fascinating by being real. I'm not a techie at all, but Zetter has a real gift for turning often complicated and detailed machine/code babble into something easy and palatable for a reader like myself.
It really is a great story and we get to see the full scope from its beginnings, inception, its destructive phase and the aftermath. One of the things that was so awesome was the fact that this computer virus actually caused things to physically destroy themselves. It is also scary as hell when you consider the implications and how vulnerable we all actually are. In the wake of recent cyber attacks, it hits home even more so. Go get a copy.
I was given a copy of this book by BloggingforBooks in exchange for an honest review.
The first shot on the bow of any international conflict will probably be some kind of sophisticated cyber attack. This book presents an engaging account of the goings-on in the dark web and the dedication of tireless 'security researchers' who spend hundreds of hours making sense of these attacks.
A thoroughly-researched book that examines both the Stuxnet virus and cyberwarfare policy individually, as well as their crossroads as it relates to the modern era.
Zetter's descriptions and explanations of all things technical are phenomenal. From the uranium-enriching centrifuges to zero-day computer exploits to SCADA, they are simplified enough for the layperson to understand without sacrificing information. Little to no technical background is required to understand the technology discussed, although it certainly doesn't hurt.
The book details the investigation (and obsession) of Stuxnet by a select number of security researchers and firms spread across the world. Zetter describes the researchers' process into dissecting the incredibly complex Stuxnet code (I suggest reading through this link, as Symantec was one of those "select number of security researchers and firms") and how they were finally able to understand its final payload.
U.S. cybersecurity and cyberwarfare policy, general cyber "philosophy" (for lack of a better term), and the legality of cyber operations are also discussed. Should zero-day exploits be able to be sold to the highest bidder, whether that be a nation-state or terror group? Do zero-day researchers have an obligation to disclose said exploit to the respective software vendor? How should we respond to zero-day offensives aimed at the U.S.? (Hint: depending on the severity of the attack, it may be considered an act of war, and you don't want to be on the wrong side of America when that happens.) Zetter describes what the U.S.' current policy is towards these questions and what discussions are taking place, albeit behind closed doors.
Even if you don't care about the Stuxnet virus or its impact, the cyber aspect of the book is extremely important to understand in this day and age. Our lives are becoming evermore electronically interconnected (phones connect to computers to cars to refrigerators (wait, what?) to watches), and with it comes vulnerabilities. While those are small-scale connections, compromising large-scale systems has the potential to kill individuals and ravage society: economic markets, power grids, transportation networks, healthcare systems, and computing centers. While there is little ordinary citizens can do to help prevent this, it helps to be informed on issues like this.
This is the story of the first and so far only digital weapon to be used. Stuxnet played havoc with centrifuges used by Iran to refine uranium for its nuclear program, a program many feared was intended to produce nuclear weapons. The story is far more complex and convoluted than you may have read in the news, and it raises profound questions about government policy and the future of warfare. Kim Zetter, Wired's award-winning journalist, takes us down the rabbit hole to explore what is known--and what is not--about the development, use, and future of cyberweaponry.
I'm tempted to give this book five stars, but some parts of it may be too heavy for some readers. I don't fault Zetter for this. It's the subject matter. She does a great job of explaining without dumbing down the material, but for all that, my wife wasn't able to get past the first couple of chapters. So be forewarned, some of it may overtax you. But if you can persist through to the end, you'll be astonished by the revelations and receive a great deal to think about.
A thoroughly - and I mean thoroughly - researched and detailed account into the elusive and ever-evolving world of cyber espionage. The highlight is, of course, the devastatingly efficient job Stuxnet did on the Iranian centrifuges a decade ago in an effort to kneecap its nuclear weapon infatuation.
The final few chapters, however, feel as though we're treading familiar waters, with the reader feeling like it's the last session at a two-day conference/junket/piss-up and reaching for his keys already.
To be serious though, the book chillingly foreshadows how wars will be fought in the future. Our dependency on technology, not to mention our economy, is increasingly at risk. Gone are the days of the bank robber who scarpers with a few thousand. Today's thief can fit entire national economic frameworks in the car trunk, or at least threaten to cripple them.
Thankfully I have found a little non-fiction gem in this book. Recently I have been trying to revitalise my interest in non-fiction books, which started out quite badly with another book I dnf'ed. This book, however, read like a crime novel, based on journalistic expertise. At times, I struggled with the abbreviations the author used (one of which is "ISIS", standing for Institute for Science and International Safety, a quite unfortunate choice of abbreviation in hindsight). However, as a whole, the book and its elaborations on the connections between cybercriminality and warfare are thrilling and immensely relevant.
Never has the realm of cyber security as covered in this book been more relevant than it is today. The recent news of the SolarWinds hack of US networks for intelligence gathering is just one of the latest cyber operations that has been publicized. This book is a chilling account of the world of cybersecurity which spans the years around 2010, when the realm of digital warfare started rearing its head. It follows the account of the Stuxnet virus, the world’s first affirmed digital weapon designed and used by a nation state for the malicious intent of enemy sabotage and surveillance. Zero-day exploits are holes and vulnerabilities unknown to the software maker, that have no antivirus signatures or patches created yet, which can become exploited by hackers for malicious means, giving “zero days" until the exploit is discovered. For context, about 12 million virus and other malicious files are captured on the web each year.
The book details the mysterious and complex worm surreptitiously found on the web, and the global community of antivirus companies that race to decipher the malicious payload to protect internet users. With the collaboration of code engineers around the world, over the course of months and years, digital programmers from Symantec to Kaspersky work tirelessly to find the target of the virus’s payload and why it was created. As the code is unwrapped and decoded, piece by piece, a world of grey hat hackers, government defense officials and geopolitics starts to unfold in their involvement with the Stuxnet worm.
The engineers describe Stuxnet as one of the most uniquely and brilliantly designed viruses for its time. In addition to being able to attack an industrial system, the virus had self-intelligent machine learning; a sunset date, provided intelligence reconnaissance with logging reports, released updates to itself, and searched for previously installed versions of itself on the machines it infected.
The early development of the virus in 2006 coincides with Iran’s nuclear development program, and the country’s subsequent installation and uranium enrichment program in 2007. Eventually, through the book we learn through the antivirus programmers' eyes that the purpose and intent of the Stuxnet virus was a well-planned hack with the singular intent to sabotage Iranian nuclear facilities and equipment. Pressure from within the US and Israeli administrations to halt Iran’s nuclear program in 2009 led to a covert cyber operation to develop and unleash the virus.
The virus did successfully attack the Iranian nuclear facility, causing disruption in the power supply and damaging the centrifuges. Stuxnet was part of the Defense Department’s classified program that used “bytes over bombs”, an attack that avoided conventional military engagement. The book discusses the launch of the digital attack and the creation of US Cyber Command spanning the Bush and Obama presidencies and reveals the future of covert warfare. Ms. Zetter widely references numerous news articles in the book, especially the work of David Sanger of the New York Times, who covered the US administration and foreign policy during the time of Stuxnet’s development and release. Zetter also shares her interviews with various US government defense officials about the nation’s cyber policies.
In the light of the SolarWinds digital attack that was just discovered in December 2020, a decade after the release of Stuxnet on the web, we are in a definitive moment where militaries and governments are embracing cyber weapons over the deployment of conventional weapons. In fact, the signatures of the SolarWinds hack in 2020 have many of the same elements of the original prototype of the Stuxnet zero-day weapon, called “Flame”, which is also detailed in the book.
If Stuxnet shows us what is possible for government-sponsored cyber attacks and espionage programs, it should make us take a look at our own domestic infrastructure liabilities prone to be exposed to the same attacks. “The nations most at risk of a destructive digital attack are the ones with the greatest connectivity,” says Zetter.
Digital weapons naturally create ongoing criticism and scrutiny about the new rules of international engagement. There is still a lack of broad public discussion and understanding about the legal repercussions of the current US government’s cyber operations, which are heavily classified. This story begs the issue: are cyber operations an act of war in the same way conventional military operations engage with hostile nations? In 2013, international legal experts representing NATO convened to address such legalities. The conference resulted in a 300-page document called the Tallinn Manual, which draws its framework from the UN’s Charter of “Law of Armed Conflict”.
This book is a primer of the current age of cyber war. It provides clear explanations for technical terms, accessible to everyone. As more businesses and organizations come online with digital presences, the more vulnerable they may become in the cyber realm to hackers and state-sponsored espionage. And as more nations rely on a digital infrastructure for their power grids, banking, transportation and health systems, the more vulnerable they become to a cyber attack. At this time, we can be assured that almost every nation has already started their own arsenal of cyber weapon capabilities in this new age of digital warfare. Countdown to Zero Day shares what the future may hold for national security and for the public landscape of the web.
A truly excellent and terrifying book on a murky and confusing subject. Indeed, the revelations here are near damning in the same way that Snowden's documents are. The journalism and referencing is very good, maybe even excellent. The explanations of coding and logic were good, but could have been more in depth (but I'm biased...I'm a coder). The reasoning for the 4 star rating is that the overall organization of the book could have used another revision. While I do like the looping almost cyclical nature of the style, streamlining it could have made some of the sections more impactful. Still, excellent book and highly recommended!
Stuxnet had a lot of hype and hysteria in the press. Ms. Zetter did a great job in researching and telling a very complex story. It's been 11 years since the release and I hold this book to be the gold standard of a deeply researched look at cyber warfare.
Details matter. Since the first time I read the book, and as I learned more about Stuxnet over time, the details hold up well. It reads more like a novel than a technical analysis, and several different viewpoints are offered.
It was mind-blowing to learn of the malware ecosystems spanning governments and private industry. This book does an excellent job of explaining the discovery and workings of STUXNET and related government digital weapons. It also thoroughly explains the political circumstances and reasons governments give for using the weapons. The author is extremely careful with the nuances of truth and divides the information into chapter content and lengthy footnotes. I struggled to pay attention through the last fourth of the book, up until the last chapter, because the author is mainly rehashing the story presented previously, but this time with all the pieces in logical order, instead of order of discovery (which makes for a better story). But if you're looking to thoroughly understand STUXNET and the birth of government-sponsored digital weapons, this book likely has all the details.