Sandworm, a brief book review

Recently, I have managed to find some free time to get back into the habit of reading. One book that I have been neglecting to read for a while is Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers by Andy Greenberg.

I must admit, I am not a geopolitical expert or a history buff by any means. I needed a resource that I could look into to become, at least, a bit more aware of the topic, especially considering the Russian invasion of Ukraine earlier this year.

The book contains accounts of several people who witnessed, and as a consequence contributed to uncovering, the cyber activities of Sandworm, the threat group attributed to the Russian military intelligence agency, GRU, that targeted Ukrainian critical infrastructure in 2015 and is believed to be responsible for the NotPetya havoc in 2017. The book also tells several “tales from the trenches”, which give a rather accurate insight into what it means to work in the field of cyber threat intelligence.

Personally, what I liked about the book is that it is peppered with historical context and in-depth narratives (at least from an American perspective) that fused my disparate understanding of the events associated with Sandworm’s activity. Furthermore, the book piqued my curiosity with regard to ICS/SCADA systems security; even more so when one portion of the book posited that having the capability to successfully attack critical infrastructure such as water plants and power stations is akin to having nuclear weaponry. I found myself agreeing with this grim sentiment and outlook.

Overall, I enjoyed reading the book in its entirety. It gives a wide array of perspectives, told in an engaging and thought-provoking manner.

Written on June 26, 2022