My review of Sandworm: an essential guide to the new, reckless world of "cyberwarfare"

For years, I've followed Andy Greenberg's excellent reporting on "Sandworm," a set of infrastructure-targeted cyberattacks against Ukraine widely presumed to be of Russian origin, some of which escaped their targeted zone and damaged systems around the world.

Greenberg has turned that work into a book-length cyber-whodunit, Sandworm, that comes out today. I reviewed it for the LA Times, where I described it as: "a tour through a realm that is both invisible and critical to the daily lives of every person alive in the 21st century."

One of the weirdest conversations I ever had was about this matter. It was a decade ago, and I was on a holiday in the Caribbean and the only other guests at the hotel were a family of State Department people. Dad had been with USAID when the Soviet tanks rolled in Hungary, his sons worked for undisclosed agencies within State. Hereditary spooks.One day, one of these second-gen spooks and I were by the pool and we got to talking about cyberwar, which he was very bullish on. I spent about an hour trying to explain to him that cyberwar and cyberweapon were imperfect analogies, so imperfect as to be terribly misleading. It was clear that he thought a cyberweapon was like a digital bomb: a tool that somehow projected force over an adversarys digital infrastructure.

But a cyberweapon isnt that at all. A cyberweapon, is, at root, a secret. Specifically, its a secret about a defect in a piece of software, preferably software that is in wide usage.