From Wired Magazine, this excellent portrait of DuQu. Bottom line: it’s doing active reconnaissance on cyber systems and it’s as sophisticated as Stuxnet. The implication of the article seems to be that DuQu is setting up for a future cyber attack, learning about specific systems architectures and transmitting that information…somewhere.
The link from Schneier’s Security Blog is here. I think the implications are important. Essentially we have programmable components of systems that can attack the larger system under conditions where the factory code is hacked.
For my computer science colleagues, Kim Zetter’s excellent long piece in Wired is here. Fascinating story of reverse engineering code to figure out the target.