An old post but given the current context of “Flame”, the new malware running around in the Middle East, still of relevance.
Stuxnet, like today Flame, was probably created by a Nation State (Israel or the US, or both) to target specific information from specific countries (Iran and Middle East regimes). Both, -with maybe Stuxnet more than Flame, but it’s early to say- exploit the fundamental key to all unauthorised accesses: badly designed softwares released too early, without proper or adequate testing, that have flaws so big that the expose their users to big damage. The December 2010 report to the OECD by Peter Sommers and Ian Brown recommands delayed releases of softwares to allow for further testing etc… Just like Citroen had released their XM estate three months ahead and equipped all their engineers with it so that they could drive it over thousands of miles to detect big and minor faults. What we can do for cars, why can’t we for softwares?
same issue for mobile phones. “Smartphone security below par, says EU agency”, 13 September 2011, Euractiv. To see the ENISA report on this, http://www.enisa.europa.eu/media/press-releases/app-store-security2013-the-five-lines-of-defence-new-report-by-eu-cyber-security-agency-enisa
And obvioulsy that is without talking about the most basic security measures. Not long ago, I took the tube and what did I see? a person with her mobile phone looking at her barclays account (yes I could see that well!). Had the person any clue about the amount of bank details I could read?