In a talk at the Black Hat DC conference here Tuesday, Tom Parker, a security consultant, presented a compelling case that Stuxnet may be the product of a collaboration between two disparate groups, perhaps a talented group of programmers that produced most of the code and exploits and a less sophisticated group that may have adapted the tool for its eventual use. Parker analyzed the code in Stuxnet and looked at both the quality of the code itself as well as how well it did what it was designed to do, and found several indications that the code itself is not very well done, but was still highly effective on some levels.
The mistakes weren't limited to the operational aspects of Stuxnet, either. Nate Lawson, a cryptographer and expert on the security of embedded systems, said in a blog post Monday that the Stuxnet authors were very naive in the methods they used to cloak the payload and target of the malware. Lawson said that the Stuxnet authors ignored a number of well-known techniques that could have been much more effective at hiding the worm's intentions.