From Wired senior writer Andy Greenberg comes the true story of the most devastating cyberattack in history and the desperate hunt to identify and track the elite Russian agents behind it.
"Much more than a true-life techno-thriller ... a tour through a realm that is both invisible and critical to the daily lives of every person alive in the 21st century."
—Los Angeles Times
In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark. NotPetya spread around the world, inflicting an unprecedented ten billion dollars in damage—the largest, most destructive cyberattack the world had ever seen.
The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in history: a group known as Sandworm. Working in the service of Russia's military intelligence agency, they represent a persistent, highly skilled force, one whose talents are matched by their willingness to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military and civilians alike.
A chilling, globe-spanning detective story, Sandworm considers the danger this force poses to our national security and stability. As the Kremlin's role in foreign government manipulation comes into greater focus, Sandworm exposes the realities not just of Russia's global digital offensive, but of an era where warfare ceases to be waged on the battlefield. It reveals how the lines between digital and physical conflict, between wartime and peacetime, have begun to blur—with world-shaking implications.
Technology journalist Greenberg (This Machine Kills Secrets) delivers a taut inquiry into the "most devastating and costly malware in history" and the state-sponsored Russian hacker team that developed and deployed it. Housed within the GRU, Russia's military intelligence agency, the group has been nicknamed Sandworm for the references to science fiction novel Dune found in the code it used to shut down portions of Ukraine's power grid in December 2015. In June 2017, Sandworm launched a cyberattack that spread to "countless machines around the world" and caused billions of dollars in damages. Known as NotPetya, the malware used stolen NSA hacking tools to infect entire computer networks in a matter of seconds. Greenberg traces NotPetya's ripple effects and speaks with "the lonely club of Cassandras" who have been tracking Sandworm for years. According to at least one of his sources, the group also hacked into U.S. state boards of elections in 2016 and crashed the Wi-Fi at the 2018 Winter Olympics. Though much about Sandworm remains unknown, including its exact motivations, Greenberg is an adroit investigator and gifted metaphorist. His lucid, dynamic expos is a must-read for those worried about the vulnerabilities of the digital world.
Fantastic account of the cyber threats that we all face in this interconnected and interdependent world