COUNTDOWN TO ZERO DAY

Kim Zetter, Crown, 433 pages, $25

When the two atomic bombs, Little Boy and Fat Man, dropped over Japan in August 1945, it launched the world into a devastating era of warfare. Nearly 70 years later, humanity is still trying to contain the fallout. But in its zeal to check nuclear proliferation, America — along with Israel — opened up yet another theater of war: cyberspace.

In 2007, a computer worm called Stuxnet was detected for the first time by virus-scanning software. At least three more versions followed, seeking to wreak havoc upon Iran's uranium-enrichment facility at Natanz. Stuxnet turned valves on and off and meddled with the centrifuges, wasting uranium and damaging equipment. It succeeded in slowing Iran's uranium enrichment, and by extension its purported nuclear-weapons program, making Stuxnet the first documented case of cyberwarfare intended to cause physical damage.

Where Stuxnet fell short was in remaining hidden, thanks to a series of "flubs that should never have occurred," writes Kim Zetter in "Countdown to Zero Day," an authoritative account of Stuxnet's spread and discovery.

The book delivers a sobering message about the vulnerability of the systems — train lines, electricity grids — that make modern life possible. These industrial control systems are increasingly hooked to the Internet, allowing remote access. Passwords are seldom changed from the systems' defaults. Security updates are rare. Little surprise, then, that researchers have been able to simulate shutting down energy grids, infiltrating water plants and destroying generators.

The world has yet to see a sequel to Stuxnet. But "given the varied and extensive possibilities for conducting such attacks," Zetter writes, "it is only a matter of time until the lure of the digital assault becomes too irresistible for someone to pass up."

Containing this new proliferation will be even harder. It takes money, raw materials and large facilities to develop nuclear weapons. A cyberwarrior needs only a computer and an Internet connection to wreak havoc.

THE ECONOMIST