Softpedia: Earlier this year, Stuxnet, a highly complex piece of malware designed for industrial espionage and sabotage, took the security industry by storm. A lot of people believe the amount of work put into it suggest that it was created by a nation state.

Do you think Stuxnet was a milestone in the evolution of malware and we will increasingly see threats targeting industrial systems and critical infrastructure in the upcoming years? Do you think application whitelisting would be a good solution to combat them?

Graham Cluley: I haven't seen any reason to believe Stuxnet was written by a "nation", and am not sure what such evidence would look like, but it's certainly the case that it was written by people with specialised knowledge in fields which are not usually of interest to conventional malware authors.

I think there's been a lot of unwarranted panic and speculation about Stuxnet which has probably done nothing other than feed news headlines. Yes, it's an interesting piece of malware - but we see some 60,000 new pieces of malware every single day at SophosLabs.

Much better to be interested in the new attacks which may be putting your company at risk right now, than worry about a single piece of malware that every anti-virus on the planet already detects.