Part 1.
State of emergency

Chapter 1.
Zero Day
Chapter 2.
Black Energy
Chapter 3.
Arrakis
Chapter 4.
Power multiplier
Chapter 5.
Starlight Media
Chapter 6.
From the Holodomor to Chernobyl
Chapter 7.
From Maidan Square to Donbas
Chapter 8.
blackout
Chapter 9.
investigation team

Part 2.
prelude

Chapter 10.
Flashback: Aurora
Chapter 11.
Flashback: Moonlight Maze
Chapter 12.
Flashback: Estonia
Chapter 13.
Flashback: Georgia
Chapter 14.
Flashback: Stuxnet

Part 3.
evolution

Chapter 15.
warning
Chapter 16.
Fancy Bear
Chapter 17.
F Society
Chapter 18.
polygon
Chapter 19.
Industrial/Crash Override

Part 4.
zenith

Chapter 20.
Musk
Chapter 21.
secret broker
Chapter 22.
Eternal Blue
Chapter 23.
Mimikatz
Chapter 24.
Notpetya
Chapter 25.
national emergency
Chapter 26.
breakdown
Chapter 27.
cost
Chapter 28.
aftereffects
Chapter 29.
distance

Part 5.
identity

Chapter 30. GRU
Chapter 31.
turncoat
Chapter 32.
Information battle
Chapter 33.
punishment
Chapter 34.
Bad Rabbit and the Olympic Destroyer
Chapter 35.
camouflage tactics
Chapter 36.
74455
Chapter 37.
Tower
Chapter 38.
russia
Chapter 39.
Elephants and Rebels

Part 6.
lesson

Chapter 40.
Geneva
Chapter 41.
Black Start
Chapter 42.
resilience
__Epilogue
__supplement.
Sandworm and the French Election Hacking

In 2014, the world witnessed the beginning of an unidentified cyberattack.
Attacks on American power companies, NATO, and Eastern European power grids are becoming more serious by the day.
Attacks reached their peak in the summer of 2017 with the emergence of a malware called NotPetya.
Businesses around the world have been hit, from pharmaceutical companies to transportation companies to software developers.
In Ukraine, at the height of the attack, even ATMs stopped working.
Rail and postal services were shut down, and unprecedented damage, estimated at $10 billion, occurred worldwide.

The hackers behind the attacks have earned a reputation as some of the most dangerous cyberwarriors in history.
These are sandworms.
Working for the Russian military's intelligence agency, they demonstrated sophisticated hacking skills and carried out widespread and unchecked attacks on the enemy's most critical infrastructure.
Governments, private industry, the military, and civilians were all attacked indiscriminately.

In a chilling story told around the world, Sandworm threatens our national security and stability with cutting-edge cyberweapons.
With the Kremlin's foreign espionage activities a major issue, this book delves into the reality of Russia's digital global assault and the invisible battlefield.
It informs readers about how the boundaries separating digital and physical conflict, war and peace, have been broken down, revealing the shocking consequences.

Author's Note

Internet security experts have been warning for decades that attacks that seemed out of the realm of movies are becoming a reality.
Hackers will move beyond simple crime or government-directed espionage to attacking the critical digital infrastructure of modern society.
When a Russian hacker group attacked Estonia in 2007, almost all of the country's websites were damaged.
And two years later, Stuxnet, a malware developed by the U.S. National Security Agency (NSA), destroyed Iran's uranium enrichment centrifuges.
All of these incidents foreshadowed the future of cyberattacks.
Cyber ​​attacks will now extend beyond the cyber world and penetrate into important parts of real society.

A more pronounced and direct sign emerged in 2014 when Russia intervened militarily in Ukraine.
Since the following year, 2015, cyberattacks have been steadily occurring against the Ukrainian government, media, and transport infrastructure.
As a result, an unprecedented power outage caused by hackers occurred, affecting hundreds of thousands of citizens.
Security experts have also expressed concern that Russia may be experimenting with cyber warfare in Ukraine.
He also warned that this new form of attack could target the United States and NATO, as well as those ill-prepared for cyberattacks.
Finally, it was analyzed that Sandworm, a hacker group supported by the Russian Presidential Palace, the Kremlin, was behind all these attacks.

Over the next two years, Sandworm prepared for its attacks, reportedly redefining the meaning of cyberwarfare by calling itself the world's greatest hacker group.
And finally, in late June 2017, it is believed to have spread malware known as NotPetya.
NotPetya is considered one of the most vicious codes in history.
Sandworm is a prime example of what a state-sponsored hacker group armed with cutting-edge technology can do.
They shook the foundations of society from thousands of kilometers away, attacking complexly intertwined systems and causing unexpected and devastating damage.

Looking back at Sandworm's attacks, we can glimpse how future cyber warfare might unfold.
If cyber warfare accelerates, government-led hacking wars are bound to become more extreme.
The weeks-long power outage seen in Ukraine will likely be much longer, and the damage will be even greater than the power outages, casualties, and economic impact of Hurricane Maria in Puerto Rico.
Hackers could cause chaos by physically destroying industrial facilities, or they could paralyze enemy infrastructure by rendering hundreds of thousands of computers inoperable, as happened with NotPetya.

This book tells the story of Sandworm, which vividly illustrates the devastating consequences of cyberwar.
Based on research that has tracked the sandworm's tracks for years, we aim to raise awareness of a potentially preventable situation.
This book is not simply about a group of hackers, nor is it intended to condemn the reckless hackers of Russia.
This book is about the ongoing power struggle between great powers.
Not only did the US and the West lose this power struggle, they also rushed to develop tools that could be used for digital attacks.
As a result, it created the potential for greater confusion.

Translator's Note

It's important to acknowledge that we are all vulnerable to cyberattacks.
In modern society, we are all connected and live lives dependent on the Internet.
And this connection continues to strengthen.
The higher the dependence, the more vulnerable you are to attacks.
You're okay with not using computers or smart devices? Even if you don't use them, the infrastructure is already connected.
Bus and subway operations, broadcast transmissions, power supplies, postal delivery systems, financial networks, government administrative systems, and military networks are all subject to attack.
First of all, we must thoroughly build a defense barrier to ensure that this infrastructure can withstand attacks.
We must constantly improve the reliability of our infrastructure to prepare for attacks.


But more importantly, we need to recognize that any infrastructure can be attacked.
Every system has numerous vulnerabilities.
Although system security experts identify and defend against vulnerabilities every day, it is impossible to discover and defend against all vulnerabilities in a system that evolves rapidly.
A hacker can penetrate a system by successfully exploiting just one vulnerability.
We must acknowledge this fact and prepare for the eventuality that our infrastructure will be damaged by attack.
We must put significant effort into ongoing training and manual updates to minimize damage from attacks and ensure rapid recovery.


This book is a documentary that delves into incidents that clearly demonstrate how cybersecurity can impact the real world.
This book delves into the unprecedented scale of Internet hacking with the tenacity of a journalist, detailing the origins of the incident, the perpetrators and culprits behind the attack, the groups involved, and the potential risks.
This book examines from various angles the numerous hacking incidents suspected to be Russian, starting with the blackout in Ukraine.
Many people claim that Russia interfered in the US presidential election. Aren't you curious about the evidence behind these claims? Aren't you curious about when and how this interference began, and what official or unofficial responses the US took? The WannaCry ransomware incident, widely believed to be the work of North Korea, is also included in this book.
It also covers the hacking incident targeting the 2018 Pyeongchang Winter Olympics.
We hope you enjoy this novel-like story, told through the author's extensive research and extensive collection of evidence.