Sandworm

Starred review from September 1, 2019

In the summer of 2017, the worst digital attack in history paralyzed companies around the world. Financial institutions, shipping companies, and even drug manufacturers were impacted. The malware was named NotPetya and the group responsible was called Sandworm. Greenberg (senior writer, Wired; This Machine Kills Secrets) tells the engrossing tale of the hunt for those responsible. Three years earlier, the small net security firm iSight Partners found the precursor to the NotPetya malware. They immediately began to look for similar global attacks and realized the hackers all referred to Frank Herbert's epic "Dune" series, hence the Sandworm. The purpose of the 2017 attack was to cripple Urkraine's infrastructure. When it later became known that the hackers were being helped by Russian intelligence, the stakes became even higher. Throughout, Greenberg covers major hacking events in recent history that led to this incident. VERDICT Told with the fast-paced style of a thriller, this book is highly recommended for all fans of international intrigue and cyberwarfare. An exceptional account that will inform and possibly frighten--and a necessary purchase for all libraries.--Jason L. Steagall, Arapahoe Libs., COPolitical Science

Copyright 2019 Library Journal, LLC Used with permission.

September 30, 2019
Technology journalist Greenberg (This Machine Kills Secrets) delivers a taut inquiry into the “most devastating and costly malware in history” and the state-sponsored Russian hacker team that developed and deployed it. Housed within the GRU, Russia’s military intelligence agency, the group has been nicknamed Sandworm for the references to science fiction novel Dune found in the code it used to shut down portions of Ukraine’s power grid in December 2015. In June 2017, Sandworm launched a cyberattack that spread to “countless machines around the world” and caused billions of dollars in damages. Known as NotPetya, the malware used stolen NSA hacking tools to infect entire computer networks in a matter of seconds. Greenberg traces NotPetya’s ripple effects and speaks with “the lonely club of Cassandras” who have been tracking Sandworm for years. According to at least one of his sources, the group also hacked into U.S. state boards of elections in 2016 and crashed the Wi-Fi at the 2018 Winter Olympics. Though much about Sandworm remains unknown, including its exact motivations, Greenberg is an adroit investigator and gifted metaphorist. His lucid, dynamic exposé is a must-read for those worried about the vulnerabilities of the digital world.

October 1, 2019
Cyberwar Armageddon hasn't happened yet, but it's coming, according to this disturbing but convincing journalistic chronicle. Wired senior writer Greenberg (This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim To Free the World's Information, 2012) begins in 2014, when an analyst at a small, private intelligence firm learned of a security flaw in Microsoft Office, "one of the world's most ubiquitous pieces of software," and Russian malware designed to take advantage of it. Reverse engineering soon revealed that this malicious software, Sandworm, was not the usual effort to spread disinformation or steal data but was instead meant to cause physical damage. The analyst, Greenberg writes, considered this a whole new ball game: "Like many others in the cybersecurity industry, and particularly those with a military background, he'd been expecting cyberwar's arrival: a new era that would finally apply hackers' digital abilities to the older, more familiar worlds of war and terrorism." In 42 short chapters, the author chronicles his travels around the world, with an emphasis on Ukraine, to describe the consequences of Sandworm and the efforts of software experts to analyze, ward off, and (ultimately) repair the damage. Ukraine, a test bed for cyberwarfare, remains in the crosshairs of Russian leader Vladimir Putin, who ordered the invasion of Crimea in 2014, supports a nasty insurgency in border areas, and opposes closer Ukrainian ties with Western Europe and NATO. Since the invasion, Russian hackers have been honing their skills on Ukraine's infrastructure, shutting down electric grids, internet, railroads, hospitals, and even ATMs. Confident that America's systems are less vulnerable and hobbled by Donald Trump's clear admiration of Putin, U.S. leaders have downplayed the risk, although Russia and a host of other hackers are already flexing their muscles and wreaking havoc across the world. Throughout, Greenberg writes in the fast-paced style that characterized his first book, and while the narrative is occasionally scattershot, he effectively captures the disturbing nature of this new global threat. A credible, breathless account of the discovery and defeat (perhaps) of major Russian computer cyberattacks.

COPYRIGHT(2019) Kirkus Reviews, ALL RIGHTS RESERVED.

October 15, 2019
Wired journalist Greenberg recounts recent cyberattacks and tracks private investigators who have sought their source. The care that intruders take to cover their digital fingerprints makes this a challenge even for experts, and readers will revel in the details Greenberg provides. To obviate suspense, the culprit they unveiled is the Russian military's intelligence agency, the GRU. This assertion stems from the forensic examinations of malware by Greenberg's interviewees, several of whom are former employees of the National Security Agency who like to use monikers for cybercriminals. "Sandworm," for example, refers to perpetrators of attacks on Ukraine's government, industry, infrastructure, and media concurrent with the country's territorial losses to Russia, hackers who apparently admire the classic sf novel Dune (1965). Noting other targets of Russian cyberwarfare, including Estonia, NATO, various corporations, elections in the U.S. and France, and the 2018 Winter Olympics, Greenberg elaborates a particularly damaging worldwide offensive, dubbed "NotPetya," that Russia conducted in 2017. Loaded with original reportage, Greenberg's urgent and clarifying book will inform and worry everyone concerned about national and cyber security.(Reprinted with permission of Booklist, copyright 2019, American Library Association.)