// Comparison
Permanent Record vs Sandworm: Which Should You Read?
Two cybersecurity books on Narrative, compared honestly: who each is for, what each does best, and which to read first.
Edward Snowden's first-person memoir: the technical work that led him into the NSA's mass-surveillance programs, his reasoning for disclosure, and the Hong Kong handoff to the journalists who broke the story.
A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
Andy Greenberg
Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.
Read this if
Skip this if
Key takeaways
- The technical case for the disclosures is sharper than the political coverage ever made it: Snowden walks through the specific architectures and capabilities that violated his oath.
- The personal-cost chapters are the underrated half of the book; whistleblowing is structurally discouraged because the pipeline is set up to make life miserable for the person who goes through it.
- Operational privacy is illustrated, not preached — the book is itself an artifact of careful OPSEC, and that lesson is worth more than any single chapter.
- NotPetya was not a ransomware accident; it was a wartime weapon that overshot.
- Attribution is slow, contested, and political, but it is also possible and increasingly precise.
- The line between cybercrime and statecraft is thinner than the threat-intel literature suggests.
How they compare
We rate Sandworm higher (5/5 against 4/5 for Permanent Record). For most readers, that means Sandworm is the primary pick and Permanent Record is a useful follow-up.
Both books target beginner-level readers, so the choice is about topic, not difficulty.
Permanent Record and Sandworm both cover Narrative, so reading them in sequence reinforces the same material from different angles.