Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers Hardcover – November 5, 2019

I had been reading Andy Greenberg’s articles in Wired Magazine and eagerly awaited this book. I was NOT disappointed. He accomplishes what few writers can – telling a compelling story that includes an engrossing plotline and interesting characters, while providing a satisfying amount of technical detail for knowledgeable readers. I worked in a manufacturing company that had lots of industrial control systems to monitor and run chemical processes, so I can verify his description of that systems technology is accurate. He avoids a lot of unnecessary jargon that would mystify nontechnical readers without dumbing down the details. Whether you have a technical background or not, this book is engaging.

The book reads like a detective novel, though it's nonfiction, and edifying. It'll get you up to speed on cyber-snooping and cyberwarfare. Make no mistake; we are engaged in a cyber jousting with other state-sponsored hackers. This book covers mainly Russian cyber-spies and cyber-warriors, but China hacks our data, though China isn't engaging in cyberwarfare to the extent Russia is. Even North Korea hacks data in the U. S., as evidenced by its stealing and publicizing Sony's unreleased movies and personal information on its employees.In 2007 Russia launched a cyberattack on Estonia, essentially putting that country off-line.Two years later our own NSA used Stuxnet to overspeed Iran's nuclear-enrichment centrifuges, destroying many of them.Russia, in 2008, cyberattacked its neighbor Georgia, with which it had a dispute. Georgia's government and media were "pummeled.."Thus did tbe cyberwars start to play out. It crescendoed in 2017 when Russia set NotPetra on the world, the most devastating and costly malware in history. Parmaceutical giant Merck couldn't make certain vaccines, among other temporary lost abilities to get drugs to market. Shipping powerhouse Maersk had its cargo ships rendered inactive as tens of thousands of semis loaded with hundreds of thousands of tons of cargo for export couldn't get these eighteen-wheelers unloaded. Maersk lost tens of millions of dollars in revenues.Cyberattacks on Ukraine disrupted mass transit, crippled some airports, hospitals, the postal service. Blackouts were part of the attack. This all was attributed to Kremlin-backed hackers who were collectively given the name Sandworm .I like the way the author discusses the people he met and interviewed, giving us insight into who they are and how the dealt with the cyberwarfare in the countries. He had to use interpreters at times for Russian, Ukrainian and Korean. He did lots of research, and not just at his computer desk.The cyberattacks can just involve snooping. Or data theft, whether personal or technical , whether for political or commercial or military use. It could be simply a denial-of-service attack, which is mainly just inconvenient. Or it could involve a kinetic attack, that could physically destroy power plants, for instance. Very serious stuff.

This is the story of the hackers behind the NotPetya attack of 2017, who also turned off the power to Ukraine not once but twice and while it reads like a spy novel the stories are 100% true. It’s a deep and at times uncomfortable view at modern life, how dependent we’ve become on technology and how fragile the infrastructure which supports it truly is.I was impressed by how comprehensive Andy’s research is; I too work in cyber security and I learned a lot from his work. His writing style is addictive; I couldn’t put this book down, and I highly recommend it to both industry professionals and newcomers alike. Or, for some of us, we’ll be giving this out at Christmas so our family members finally understand why we work the jobs we do and the real world danger the Internet has brought to our lives. This is the best book I’ve read since Countdown to Zeroday, hands down.The capabilities Andy describes in this book should be a wake up call to anyone working in information security, infrastructure, transportation or any field where computer systems perform mission critical tasks. Stuxnet was the first cyber weapon, but BlackEnergy brought the danger to our doorsteps. Technology has leveled some aspects of warfare and capabilities once only the domain of superpowers can now be brought to bear by little more than a computer & Internet connection.

A must read for anyone following cyberwar and the cyber arms race. Although there is much "desk work", the bulk of the research is original, and based on a number of interviews, many in Ukraine. It attributes many cyber attacks to Russia's military intelligence, but notes there is no proof, except circumstantial. (The "attribution problem") Some of the political commentary is boorish in a few places and for some may detract from the brilliant research behind the work. The author brings up crucial questions regarding the cyber arms race, proliferation, and the emergence of international norms of behavior for nation states in cyberspace. If you want to know what happened after Stuxnet, this is the book to read.

An interesting read, but very biased and anti-Russian. I would prefer a more neutral tone - there is cleary a lot that Russia is doing and it shouldn't.I learned about just how far cyber attacks can go and have gone. The hystorical overview is very questionable though,which makes me doubt the rest of the book. For instance, "Russians oppressing Ukrainians for hundreds of years" is a very strange interpretation of history. Outrage at the Russian meddliing in US elections is also very odd. This is not something they should do, but the US and Europe have been doing that for decades. Similarly, attacks on civil infrastructure are to be condemned, but that happens in war. The author actually mentions bombing of Serbian power infrastructure in 1999, but then hypocritically states that those power plants supplied the army, when in reality those were supplying power to the civilians as well. These are just some of the examples.A more objective book on the topic would have been much more enjoyable.

It pains me to write this bad review because I had big hopes for this book.The writing style itself is good and even engaging however it feels like it was written for a very specific audience in mind. Greenberg is very biased and obvious which US political party he leans to.The story that is being pushed in the book is very simple: Russia is in a "modern dark age" and is viciously unleashing its sinister cyber weapons on the West.Cyber crime attribution is a very difficult and should be objective and with plenty of evidence. This book is telling us who did what and who is guilty without much evidence. Lots of speculation and not much evidence.Buy this book if: - You just want to reaffirm your political biasesSkip this book if: - Looking for an objective treatment of the subject without a political baggageAlso the ending (when he goes to Moscow) is a bit ridiculous and made Greenberg quite childish and naive.

As a non-technically savvy reader, but very interested in the subject I found it quite easy to follow. The first half of the book which goes over several notorious hacks is used to build up to the main issue of the book, which is of course Russian hacking groups. As a Darknet Diaries podcast listener I came by this book when the author was interviewed and found it to be a great addition to some other episodes regarding the same cyber attacks.The last part of the book slightly lost my interest as it became a lot more 'novelistic' and landed in some common places so it became a bit less interesting, thus the 4 stars.Even so, a great read and a solid starting point for anyone interested in cyber sec and also current world issues.

This book is just fantastic. So well written and explained. You don't have to be a cyber professional to understand it as Andy Greenberg explains the term that are not that familiar. 100% recommend it and if you want to understand better the political reasoning for certain attacks, it's a must

I was drawn to the book by a colleague who forwarded an extract from an article referencing Sandworm.The detail is excellent and does not lose the unskilled Non-IT person.Will make you want to ask questions in work but also made me sit up and take notice when my Prime Minister recently mentioned additional funds for cyber defence.