DuQu versus Stuxnet
DuQu and Stuxnet shouldn't necessarily be considered part of the same family; Stuxnet was a very specialized worm with multiple exploits for propagation and an incredibly clever rootkit that attacked a very, very specific model of PLC.
DuQu, on the other hand, is a very well-designed trojan with a generic payload that gathers information about the system it is sitting in. However, no one knows how it gets there, so it might be part of a worm-like dropper.
The reason they are related is that Stuxnet and DuQu share certain code; consider it a "core module", if you will. It handles (and consists of) plenty of functions such as decryption of keys, injection, etc.
DuQu is that, very slightly modified, and Stuxnet was that with SCADA modules (quite possibly designed by a different dev team) attached to it.
As for DuQu's attack on industrial controller manufacturers being ridiculous, it's worth pointing out that the US Army, in particular a base that was used to pilot Predator drones, was recently hit by a Mafia Wars-oriented credential-stealing trojan. Had that been a worm like Stuxnet, except attacking CsLEOS or modifying the software used to control the drones, things would have been problematic.
Airgaps and all the procedures armchair experts are mentioning are great, brilliant in fact, but in theory it is very hard and expensive to set up a so-called secure system, and it is still going to be vulnerable to certain attacks anyway.