Andy Greenberg – Sandworm


Immensely readableA hair-raising, cautionary tale about the burgeoning, post-Stuxnet world of state-sponsored hackers. (Washington Post)

From Wired senior writer Andy Greenberg comes the true story of the most devastating cyberattack in history and the desperate hunt to identify and track the elite Russian agents behind it

In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world’s largest businesses – from drug manufacturers to software developers to shipping companies. At the attack’s epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark. NotPetya spread around the world, inflicting an unprecedented 10 billion dollars in damage – the largest, most devastating cyberattack the world had ever seen.

The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in history: a group known as Sandworm. Working in the service of Russia’s military intelligence agency, they represent a persistent, highly skilled force, one whose talents are matched by their willingness to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military, and civilians alike.

A chilling, globe-spanning detective story, Sandworm considers the danger this force poses to our national security and stability. As the Kremlin’s role in foreign government manipulation comes into greater focus, Sandworm exposes the realities not just of Russia’s global digital offensive, but of an era where warfare ceases to be waged on the battlefield. It reveals how the lines between digital and physical conflict, between wartime and peacetime, have begun to blur – with world-shaking implications.

Author: Andy Greenberg
Narrator: Mark Bramhall
Duration: 12 hours 2 minutes
Released: 19 May 2011
Publisher: Random House Audio
Language: English

User Review:

furlough flaming

I’ve always enjoyed Wired’s in-depth reporting on major cyber attacks, so when Andy Greenberg put out a book last week I grabbed it. While many recent books have been about stolen personal data and influence campaigns by China and North Korea, this books has a clear focus: weapons of cyber destruction by Russia.

Chronogically, the book starts with the first attack on the Ukrainian power grid in 2015. This attack use the Dark Energy malware, which included the first of many references to Frank Herbert’s Dune, hence Sandworm. If you have read other books on cyber war, you can probably skip the first two sections.

It gets interesting in Section 3 with the second hack on the Ukrainian power grid, in which experts note that the attackers held back from doing their worst possible damage. The group was also responsible for NotPetya, the most damaging cyber attack till date that ravaged the Ukraine and also several MNCs, who had links to Ukraine.

Greenberg also links the group to the hacking of various elections and concludes that all these attacks – whether noisy influence campaigns or stealthy destruction of infrastructure – are all by Russia’s GRU and all have the primary goal of influence.

What makes the book very readable is seeing the story of each attach unfold through the viewpoints of key players in each incident. So while I may have revealed some of the takeaway, I am definitely not spoiling the enjoyment of anyone who wants to read it.

For some samples of Greenberg’s writing (you can skip these sections in the book later):
https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/
https://www.wired.com/story/crash-override-malware/
https://www.wired.com/story/untold-story-2018-olympics-destroyer-cyberattack/