I posted this reply elsewhere but figured I’d share it here too.

Stuxnet was not only a complex attack but the whole operation was clandestine and intentionally vague in its origins. Nobody officially admitted to its creation even though it was produced by the United States and Israel. Russia is not unwise to these sort of attacks on its industrial control systems and unlike Iran is unlikely to fall victim to the same tactics due to the nature of the country being the source of such attacks themselves.

I would not rule out the possibility of a Ukraine or someone aligned with Ukraine attacking Russian industrial control systems, but Stuxnet was such a huge investment of time and money and it would be easy to tip one’s hand very fast were the tactic to be used today. You’re more likely to see someone on Twitter brag about finding some random water flow system for a distillery or some sort of traffic light system via Shodan than something like the 2015 Ukrainian power outage.

Basically, Stuxnet was a slow boil and is now too obvious to anyone familiar with this stuff. Would not rule it out, but I am not going to bet on it.

This is my line of work and thus y’all get a rare opinion about geopolitics from me.