Cyber Shelf

// Comparison

Dark Territory vs Sandworm: Which Should You Read?

Two cybersecurity books on Geopolitics, compared honestly: who each is for, what each does best, and which to read first.

Beginner
4/52016
Dark Territory

The Secret History of Cyber War

Fred Kaplan

Fred Kaplan's policy-side history of US cyber capability, from Reagan-era panic about WarGames to the institutional buildup of NSA's offensive arm and the political fights over its use.

Beginner
5/52019
Sandworm

A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers

Andy Greenberg

Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.

Read this if

Anyone who needs the political backstory of US cyber capability: how doctrine, contracting, and inter-agency turf wars shaped what NSA, CYBERCOM, and FBI Cyber actually do. The institutional history that operational books skip.
Anyone who wants to understand the strategic context their day job sits inside, defenders, policy people, students choosing a path.

Skip this if

Practitioners wanting technical detail on specific operations. Kaplan is a Pulitzer-winning policy reporter; the depth is in the inter-agency politics, not the implementation.
Readers wanting deep technical detail. The forensic granularity exists, but the book lives at the operational and political levels.

Key takeaways

  • US cyber capability grew in fits, not strategy: each major investment was driven by a specific embarrassment (Solar Sunrise, Moonlight Maze, Buckshot Yankee, OPM) rather than coherent doctrine.
  • The civilian/military divide and the NSA-vs-FBI turf wars predict more about policy outcomes than any classified document the author had access to.
  • Stuxnet was the apex of an institutional learning curve that started with Reagan watching WarGames; the book makes the line continuous.
  • NotPetya was not a ransomware accident; it was a wartime weapon that overshot.
  • Attribution is slow, contested, and political, but it is also possible and increasingly precise.
  • The line between cybercrime and statecraft is thinner than the threat-intel literature suggests.

How they compare

We rate Sandworm higher (5/5 against 4/5 for Dark Territory). For most readers, that means Sandworm is the primary pick and Dark Territory is a useful follow-up.

Both books target beginner-level readers, so the choice is about topic, not difficulty.

Dark Territory and Sandworm both cover Geopolitics, Narrative, so reading them in sequence reinforces the same material from different angles.

Keep reading

Dark Territory

Alternatives to Dark TerritoryWhat to read after Dark Territory

Sandworm

Alternatives to SandwormWhat to read after Sandworm

Related topics

GeopoliticsNarrative