Computing Reviews

Sandworm: a new era of cyberwar and the hunt for the Kremlin’s most dangerous hackers
Greenberg A., Doubleday, New York, NY, 2019. 368 pp. Type: Book
Date Reviewed: 05/26/21

“Digital security” has been a buzzword of the past decades. The vulnerabilities grow as fast as the digital networks and systems, or rather faster--all new technologies add to the long list of possible means and/or targets for hackers. A personal laptop or other electronic device becoming the target of a virus or worm may seem a nightmare, even amounting to a (perceived) personal disaster. Yet there are systems that, if attacked, will simply become a disaster, and not just for a single person. The non-exhaustive list ranges from distribution networks, power grids, and banking systems, including automated teller machines (ATMs), to plants of all kinds, logistical systems, postal services, and last but not least, hospitals and other linked (even not strictly medical) services. Slightly aside, there are other already known targets whose compromise may in fact attack the roots of valued democracy--voting systems and the data and processes within elections (including all digital aspects of campaigns that are currently used).

Sandworm is the result of the author’s two years of intense investigations into the history of Sandworm and related issues. Sandworm, a group of Russian state-sponsored hackers, caught the author’s attention, and he went back (in a way, he performed a reverse-engineering of sorts) to get to the roots of the hacking attacks targeted against a nation, civilians, and critical infrastructures, in place of (or side by side with) a physical war. Hence, the book starts and finishes at a quite unexpected place: Ukraine. The author tries to explain the history of the nation (and occasionally a sovereign independent state) with such an imperialistic neighbor, that is, Russia. Why such an excursion into history and politics? Because Ukraine was the very first major target of the Sandworm hacking. The first power grid blackouts and the ATM network and payment system collapses all happened in Ukraine on a large scale. And from there the cyberwar evolved.

The author also explores where the cyberwar has its roots. As expected, it was cyberespionage and cybersabotage. Surprisingly, the oldest events do not have links to Russia, where Sandworm arose. As the author explains, the known US-Israeli cybersabotage of decades ago was directed against the Iranian nuclear program and aimed at the destruction of a number of centrifuges (Stuxnet malware).

The possibility of creating physical damage through digital lines is really horrific, yet most systems using command-and-control, from common ones to very specialized ones, may become targets for such elaborate hacking. Step by step, the author explains various known malware created by very distinct groups of hackers, such as Bad Rabbit, BlackEnergy, DoublePulsar, EternalBlue, Industroyer/CrashOverride, NotPetya, WannaCry (listed purely in alphabetical order), supported possibly also by some typical ransomware. The author shows the variations of the targets--from plants, logistical corporations, banks, pharmaceutical companies, Olympic Games organizations, elections, and so on--and the history of going from a limited cyberattack to true cyberwar.

Overall, Sandworm is not a technical book: no prerequisite knowledge of computer science, communication networks, hacking tools, or history and politics is needed. The author does his best to explain only the necessary facts and details related to the topic, that is, Sandworm and cyberwar. It may occasionally read as a book on politics since most proven and/or suspected state-sponsored hacker groups have operated in Russia (and definitely not only against its current neighbors, Ukraine or Georgia). Yet Russia is only at the top of a growing list of states (administrations) that dare to use cyberweapons against others. The US is not left out, yet still hopefully not purely on the offending side.

The book is divided into six parts, comprising 42 chapters and a (quite sad) epilogue. It does not run chronologically or strictly geographically, as it is full of flashbacks combined with interviews with responsible or concerned sources. Source notes (online sources) and a short bibliography are included.

The book is definitely useful for any reader who wants to understand the dangers of digitalization and who the enemies are, what hackers can do (especially if under government control and paid by state administrations), and how the world will end--oops, I mean evolve.

Reviewer: Rita Puzmanova. Review #: CR147273 (2109-0234)

Reproduction in whole or in part without permission is prohibited.   Copyright 2024 ComputingReviews.com™