At some time in every developing technology, a new outcome will mark an important step and will be remembered as the opening of a new “era”. For instance, in aviation this occurred when the reaction engine was built and quickly replaced the propeller engine. In biology, it occurred with the discovery of DNA (Watson and Crick, 1953). In malware technology, this has happened with the development and use of Stuxnet.
Although the initial basic operation of Stuxnet reflects the classical malware actions (network vulnerability exploitation, rootkit installation, data exfiltration, Internet self-upgrade, etc.), Stuxnet differs from any other precedent worm because of its complexity, flexibility, potentiality, combination of features, multi-role performance and goal. It is as if, in the wild and dangerous environment of malware, a new breed of worm has evolved by learning all the most successful, state-of-the-art attack and survival strategies, and is now using them to hit very specific targets. Stuxnet is definitely the founder of this new breed of superworms. This report provides a technical and strategic analysis of it.