Seven upvotes for PaulVD 13:47?
There really are a lot of people around who need to read TheOtherSteve's posts here till they get with the program, and ideally attempt also to read and understand the definitive sources elsewhere.
You don't want to treat MS-dependent PC anti-virus companies as definitive. Although some of them may be experts on PC virus propagation, they are clueless about industrial automation (SCADA etc).
You do want to treat as definitive stuff from someone who understands both PC security *and* industrial automation.
Best Stuxnet-specific source to date:
Yes I know he's got an interest to declare. But read his analysis anyway. There's a little bit of OTT in there, but really not very much at all, in the circumstances. And I say this as someone with a couple of decades of experience of the interface between computers and the shop floor, in sites from power stations to factories to water companies, you name it, I've seen it all. Till Stuxnet (which, in hindsight, should have been expected).
Today's open letter from Herr Langner to Symantec in response to Symantec's ridiculously PC-centric analysis and non-existent "solutions" seems particularly appropriate.
The next incarnation of Stuxnet will not have the advantage of total surprise in the same way that Stuxnet had.
That being said, so long as we allow critical systems to rely on Windows, Stuxnet 2 will still be able to use zero-day (unpublicised, unpatched, unchecked-for) vulnerabilities to bypass malware scanners. Whether it uses LANs or USB sticks to propagate is irrelevant.
Stuxnet 2 will still be able to use rootkits to hide its presence on the infected systems. Stuxnet 2 will still be able to interrupt whatever the infected PC systems are supposed to be doing. More troublingly, Stuxnet 2 will still be able to disrupt whatever those infected PCs are controlling.
E.g. purely random example, would have been implausible 3 months ago, not looking so implausible now: anybody know what's in the next generation of SCADA for the Thames Flood Barrier (£400k contract, awarded recently to Adsyst in Reading). If it's got Windows in it, the City boys better get on the blower.
This is not a drill. This is a warning. Pay attention now, or get burned (or flooded) later.