Andy Greenberg is back with a deep dive into state-sponsored cyberwarfare, focusing on the Russian hacking group known as Sandworm. This group, linked to Russia’s military intelligence agency (GRU), has been responsible for some of the most destructive cyberattacks in history.
The book first examines the 2015 cyberattack on Ukraine’s power grid, which marked the first time hackers caused a blackout. This event signaled a new era where cyberattacks could have tangible, real-world consequences. Subsequent attacks, including the 2016 Industroyer malware and the 2017 NotPetya attack, demonstrated the escalating capabilities and ambitions of state-sponsored hackers.
The narrative follows cybersecurity experts and intelligence agencies as they trace these attacks back to Sandworm. Greenberg details how investigators uncovered the group’s methods, including the use of malware with references to Frank Herbert’s Dune, which gave the group its nickname. The book delves into the challenges of attributing cyberattacks and their geopolitical implications.
While Ukraine served as the initial testing ground, Sandworm’s activities had global repercussions. The NotPetya attack, for instance, caused an estimated $10 billion in damages worldwide, affecting companies like Maersk and FedEx. Greenberg emphasizes the vulnerability of critical infrastructure and the lack of international norms to address such threats.