“Como as melhores escritas do gênero true crime (itálico), a narrativa de Greenberg é perversamente divertida e aterrorizante.” ― The New York Review of Books Este livro conta a história do Sandworm, o exemplo mais claro, até então, de agentes desonestos avançando na distopia da ciberguerra. A obra acompanha o trabalho de anos de detetives rastreando esses hackers ― enquanto as impressões digitais do Sandworm apareciam em um cenário de desastre digital atrás do outro ― para identificá-los e localizá-los, além de chamar a atenção para o perigo que o grupo representava, na expectativa desesperada de impedi-los. Mas Sandworm não é apenas sobre um único grupo hacker, ou mesmo sobre a ampla ameaça da vontade irresponsável da Rússia de promover essa nova forma de ciberguerra ao redor do mundo. É a história de uma grande corrida armamentista global que continua até hoje. A história real do ciberataque mais devastador da história “A obra explica, em detalhes arrepiantes, como as guerras futuras serão travadas no ciberespaço e defende o argumento de que fizemos pouco, até agora, para preveni-las.” ― The Washington Post (itálico) Em 2014, o mundo testemunhou o início de uma misteriosa série de ciberataques. Mirando empresas de utilidades públicas norte-americanas, a OTAN e as redes elétricas no Leste Europeu, os ataques ficavam cada vez mais ousados. Eles culminaram no verão de 2017, quando o malware conhecido como NotPetya foi liberado, penetrando, rompendo e paralisando algumas das maiores empresas do mundo ― desde fabricantes de medicamentos e desenvolvedores de software até empresas de transporte de remessas. O NotPetya se espalhou pelo mundo, causando US$10 bilhões em prejuízo ― o ciberataque mais amplo e destrutivo que o mundo já tinha visto. Os hackers por trás desses ataques estão ganhando a reputação de equipe mais perigosa de ciberguerreiros da história: um grupo conhecido como Sandworm. Eles representam uma força persistente e de alta qualificação, cujos talentos só não superam a disposição em lançar grandes e irrestritos ataques à infraestrutura mais crítica de seus adversários. Eles miram setores privados e do governo, tanto militares quanto civis. Este livro revela como os limites entre o conflito digital e físico, e entre tempo de guerra e tempo de paz, começaram a ficar mais obscuros ― com consequências que reverberam no mundo inteiro.

The author is an investigative journalist for Wired and this is a frightening history of recent hacking attacks on civilian infrastructure, mostly in Ukraine but also worldwide in at least one case, and mostly coming from the GRU in Russia. The absence of any substantive response from our government and marginal interest in the media have left a knowledge gap that the author deftly fills for us. The story builds like a mystery novel as the author interviews experts all over the world and even travels to Moscow to look at the building where the Sandworm hackers work. We might consider having some cash on hand for when the ATMs go down, and think about putting some important things on paper for when your back-up in the cloud is encrypted and there is no key. The hospital where I worked computerized their laboratory in the 1980s, and they discarded any manual backup system a few years later. ( )

Well presented; a bit disappointed in the "they hacked the election" drum beating in the background. The books takes a stretch and tries to equate industrial sabotage (which can cost human lives and billions of dollars) with political propaganda tools and schemes. The two acts are not nearly equivalent. Otherwise this would have been a very good book. ( )

Really well told. Lots of complicated parts to this story that were well told. Cyberwar is where the world is going. Expect these attacks to get ever more sophisticated. And if so, I want to read about them. odds are that this isnt going to end well and people are going to get hurt. ( )

Andy Greenberg's book "Sandworm" describes how easy it can be for cyberhackers to cripple another nation. He documents how Russia has already caused havoc in their neighboring states such as Estonia, Georgia, and especially Ukraine, not only by interfering in their national elections, but more importantly, by crippling their electrical grids, essentially shutting the Country down.

Attacks like that go beyond the simple inconvenience people may face from time to time with brief electrical losses. Taking out the entire grid for a substantial period of time means that nothing works. Computers, phones, banking, ATM's, transportation, lights, refrigeration, manufacturing, etc. --- all gone. If done during a period of military conflict, even military capabilities would be disrupted. It's also very dangerous, even if done in the absence of military conflict, since the physical, financial, and communications damage could be severe enough to compel a nation to respond against the attacker militarily.

Greenberg's focus for cyberwar logically is on Russia. It's was identified in the October, 2020 Homeland Security Threat Assessment issued by the U.S. Department of Homeland Security as possessing some of the most sophisticated cyber capabilities in the world— capabilities which can disrupt or damage U.S. critical infrastructure networks via cyber-attacks. In addition to having the cyber capabilities to compromise or disrupt critical infrastructure in the U.S., the report goes on to state that cyber threats to the Homeland from other nation-states and non-state actors will remain acute – and will likely grow as well.

So the book "Sandworm" is a real eye-opener as to what has already occurred, and what may well occur in the future. It certainly makes me think of how future conflicts between nations may be like nothing experienced in past conflicts. Military planners tend to prepare to fight future wars based in a large part on how past wars were fought. After the First World War, battleships were thought to be the be-all and end-all, but aircraft carriers proved more effective in the WW II; trench warfare was the norm in WWI, and the French built the Maginot Line to be the be-all and end-all to defend against Germany prior to WWII. But the Germans blitzkrieg quickly went around that defensive line in WW II, and occupied Paris within a month, etc. And in the Second World War, or the War in Vietnam, many a raid was made by brave soldiers, fliers or Navy Seals to sabotage key infrastructure like power plants, railroads, or dams. But as Greenberg points out in this book, air attacks or special forces are no longer the only way to destroy key infrastructure of enemies - they now can easily be destroyed by hackers in a cyberwar, and he explains exactly how easily that can (and has) been done.

Greenberg's warnings are serious and well respected. He has recently won the Gerald Loeb Award for International Report journalism for his story "The Untold Story of NotPetya, the Most Devastating Cyberattack in History", in Wired Magazine. In it, he describes how a single piece of computer code crashed systems across the globe, leading to crippled seaports, paralyzed corporations, frozen government agencies, etc. This book, "Sandworm" provides those details and more. It focuses on the most dangerous hackers in Russia, who have demonstrated their abilities several times to interfere in elections in Estonia, Georgia, and Ukraine, and to disrupt the electrical grids there, causing massive power failures throughout those Countries. Additionally, Greenberg points out that Russian hackers have already been identified as interfering in the U.S. elections of 2016, and Russian hackers already have been identified as having hacked into the U.S. electrical grid. Luckily, they haven't flipped any switches at this point in time, but they've clearly demonstrated having the ability to do so.

Warnings of the capabilities of cyber attacks won't come as a surprise to too many readers of this book, as most will probably remember the 2014 North Korean hack into Sony Pictures, stealing movies, scripts, personal information, and causing millions of dollars of losses. Most should also remember the Stuxnet computer worm which infected Iranian controls for high-speed centrifuges used to enrich uranium for use nuclear weapons.

So "Sandworm" is pretty scary, reading about how cyberattacks can impact us all. Imagine having no water, oil and gas, no refrigeration, no access to money, traffic lights not working, air traffic stalled, etc. Looking at the ability of foreign nations to conduct cyberwar is gripping, captivating, and engrossing. It should be must-reading for IT security staff at all U.S. electrical, oil, gas, communication, and water utilities.

One bit of possibble good news I noted while reading this book is that the U.S. House of Representatives unanimously passed four bills at the end of September, 2020 aimed at securing the power grid and other energy infrastructure against cyberattacks. These bills (HR 5760, the Grid Security Research and Development Act; HR 359, Enhancing Grid Security through Public-Private Partnerships Act; HR 360, the Cyber Sense Act of 2019; and HR 362, the Energy Emergency Leadership Act) make a lot of sence and are welcomed by the electric utilities, so I imagine that means that the Senate will delay in taking them up and they'll never get enaced until something terrible occurs.
( )