UQCS talk: The Backstory on Stuxnet

Stuxnet was a computer worm which notably damaged the Iranian nuclear facility known as Natanz. This talk for the UQ Computing Society (UQCS) covers the scientific and engineering background of the system that the worm disrupted.

I see a lot of infosec talks which dive into the bits and bytes of a specific attack, and they’re great for sharpening your skills, but I think there’s a really under-served market for context and history. That’s what this talk is for: it was inspired by a conversation on the UQ shuttle with my manager, when we were talking about Stuxnet, and I said “what is a centrifuge, anyway?”. Neither of us really knew, so I did a quick dive into the science, engineering and supply chains, and then a couple of days later, Mandy asked for a talk for the AISA end of year event :)

This is a talk which I first gave for the Australian Information Security Association in December 2019, but wasn’t recorded. I gave an extended version for UQCS with less assumed knowledge in March 2020, and here’s the recording.

The talk itself starts at 10:50 and goes into question time around 44:45. Question time was pretty awkward with the delay, so maybe skip it this time around.

As usual in these times, it was originally planned as an in-person talk and then hastily amended to an online format!