I was going through a cyber security course on Udemy one day, when the instructor recommended this book. I’ve always liked the topic of computer viruses, but this book also brushed upon my newly formed love for thriller books and documentaries. I immediately ordered it off of Amazon, and two weeks later the book was in my hands.

It was a bit of a slow read, I won’t lie. That’s because the book is a bit technical and it takes some time to process the words and terms. Also, the book is full of weird and longs names of people and organizations, which I find a bit frustrating, slowing me down even more. Never the less, I loved the book! Let me tell you why.

“Countdown to Zero day” is an investigation book about the Stuxnet computer virus that was launched in 2009. And even 15 years later, Stuxnet continues to be one of the very few attacks the world has seen using digital technology. The purpose of the virus was to attack the uranium processing plants of Iran, plants that were believed to be producing weapons-grade enriched uranium. This turns Stuxnet into the first cyber weapon ever used by a country against another country, in the human history.

The first half of the book investigates just what Stuxnet was and how it worked, the different components in the payload of the main file, the ways it used to infect computers and the zero-day exploits it used to penetrate the plant’s network of machines. I found this so interesting, I couldn’t put the book down! As a person that has a bachelor’s degree in Computer Science, a programmer at heart and an IT security enthusiast, I found so many things in the book eye-opening and enriching. I never knew about the zero-day exploits market for millions of dollars, for example. I also didn’t know about the different parts of a computer virus and the way they work together. Fascinating! The book is full of such details and I believe you need to have at least a bit of a tech background to understand it and find it interesting as a read.

The Stuxnet virus was brilliant! It affected only the machines it needed to, it hid for many months, it tricked Microsoft’s Autorun feature to seek it out and run it without crashing the system, it shut itself down when it was done or found a machine it did not want and it had a built-in shelf life. Again, just fascinating to know!

In the book, Kim Zetter investigates how the virus was launched, why it was created, and the response to it by the world’s “superpower” countries and the global cyber security community.

Stuxnet sabotaged the work and slowed the uranium production in Iran’s Natanz nuclear plant down considerably, but it is far from the virus we are used to on our home computers and office networks. It did not seek to infect and steal information or finances, it did not shut down computers. Stuxnet basically told the plant workers that everything was going ok, but in the background – slowly but surely destroying the physical components (the centrifuges) that were enriching the uranium. And it went on for years before it was found! Wow!

The last parts of the book trace the culprits of the Stuxnet launch (supposedly the US and Israel) and looks at what this could mean for the future of cyber security. Will cyber warfare take over from the physical warfare, is the world ready to handle this type of attack, what has Stuxnet shown us, and the answers to many other questions. “Countdown to Zero day” can become quite technical in some places, as I mentioned, but Kim Zetter does her best to explain the tech talk as we go along. A bit of a geek read, I suppose, but absolutely fascinating.

I loved the book and I would recommend it to anyone, not just tech enthusiasts and geeks. I believe the book is eye-opening and could benefit a Technology teacher’s perspective on the world of cyber security and cyber warfare. Also, the topic could be very interesting to the students, so why not read the book and then tell the story in the last 10 minutes of a lesson? 🙂