The Story of Sandworm, the Kremlin's Most Dangerous Hackers - 2019-11-05
Over the last half decade, the world has witnessed a disturbing escalation in disruptive cyberattacks. In 2015 and 2016, hackers snuffed out the lights for hundreds of thousands of civilians in the first power outages ever triggered by digital sabotage. Then came the most expensive cyberattack in history, NotPetya, which inflicted more than $10 billion in global damage in 2017. Finally, the 2018 Olympics became the target of the most deceptive cyberattack ever seen, masked in layers of false flags.
In fact, those unprecedented events aren't merely the recent history of cyberwarfare's arms race. They're all linked back to a single, highly dangerous group of hackers: Sandworm.
Since late 2016, I've been tracing the fingerprints of these Russian operatives from the US to Ukraine to Copenhagen to Korea to Moscow. The result is the book Sandworm, available Tuesday from Doubleday. But parts of that reporting have also been captured in a series of WIRED magazine features, which have charted the arc of Sandworm's rise and catalogued some of its most brazen attacks. Here, together, are those three stories, from the first shots fired in Sandworm's cyberwar against Ukraine, to the ballooning international toll of NotPetya, to the mysterious attack on the Pyeongchang Olympics, whose fingerprints ultimately led back to a tower looming over the Moscow canal.