The Book in 3 Sentences
- Sandworm is likely a Russia-based threat group working under the command of the Russian Government.
- They have been carrying out well funded cyber-attacks across the globe and notably, Ukraine, on multiple occasions.
- The group is still active, but a number of suspects have been indicted by the US Government.
Andy Greenberg’s Sandworm is the story of a Russian Military Intelligence hacking group. They’re the group behind NotPetya, a malware attack against Ukraine in 2017 which caused roughly £10 billion worth of damage around the world. Sadly, as I write this review, Russia continues to wage its kinetic war against Ukraine only a few years later.
However, attacks against Ukraine started a few years before NotPetya. The Sandworm group carried out attacks against the country’s power grid in 2015 and 2016. Millions of people plunged into darkness within Ukraine.
NotPetya was the headline stealer. The malware spread across the world and caused hundreds of millions of pounds worth of damage to companies like Maersk, FedEx and Merck. Patients couldn’t get their medicine. Hundreds of ships couldn’t move around the world. It was chaos.
In this book, Andy will take you behind the scenes and share the experiences he had with the researchers on the front lines who hunted down the Sandworm group.
Who Should Read It?
There’s really no limit to who should read Sandworm. We’re all users of the Internet and what Andy talks about in Sandworm proves that we all need to be aware of the impacts cyber can have on our lives. That being said, you’ll really enjoy this book if:
- You want to know more about how global cyber-attacks impact the lives of normal people
- You want to learn about the actions that Nation States play in the cyber-security landscape
- You want to gain insight into cyber-security operations
- You want to learn more about Russia and their efforts to take over Ukraine
How the Book Made Me Think
- Will the world ever truly be secure? With countries all at different stages of development and the organisations and people within those countries at various stages, I think it's unlikely.
- How will cyber weapons play a part in future wars?
- What could I do to prevent Sandworm from compromising ME? Will my 2FA and good patching routines save the day? Hard to say!