// Comparison

Sandworm vs This Is How They Tell Me the World Ends: Which Should You Read?

Two cybersecurity books on Narrative, compared honestly: who each is for, what each does best, and which to read first.

Beginner

5/52019

A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers

Andy Greenberg

Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.

Beginner

4/52021

This Is How They Tell Me the World Ends

The Cyberweapons Arms Race

Nicole Perlroth

Nicole Perlroth's reporting on the global zero-day market: how exploits get bought, by whom, and how the gray-then-black market shapes which vulnerabilities get fixed and which get hoarded.

Read this if

Anyone who wants to understand the strategic context their day job sits inside, defenders, policy people, students choosing a path.

Anyone who needs to argue about responsible disclosure, vulnerability equity, or the ethics of offensive cyber work, with stakes the policy debate usually keeps abstract. Strong prerequisite for security leadership conversations with policy and legal teams.

Skip this if

Readers wanting deep technical detail. The forensic granularity exists, but the book lives at the operational and political levels.

Practitioners who already work in vulnerability research; the book covers terrain they live in and may find some passages overstated. The framing is journalistic and uncomfortable rather than measured, by design.

Key takeaways

NotPetya was not a ransomware accident; it was a wartime weapon that overshot.
Attribution is slow, contested, and political, but it is also possible and increasingly precise.
The line between cybercrime and statecraft is thinner than the threat-intel literature suggests.

The zero-day market is a mature, multi-billion-dollar industry with brokers, escrow, exclusivity terms, and after-sales support; it stopped being underground a decade ago.
The vulnerability-equity question (disclose vs. retain) is a policy decision that crosses every government's NSC; the book makes the tradeoffs legible to non-specialists.
Most public attribution of "sophisticated" attacks has the same handful of vendor/broker fingerprints in the supply chain; the market is smaller than it looks.

How they compare

We rate Sandworm higher (5/5 against 4/5 for This Is How They Tell Me the World Ends). For most readers, that means Sandworm is the primary pick and This Is How They Tell Me the World Ends is a useful follow-up.

Both books target beginner-level readers, so the choice is about topic, not difficulty.

Sandworm and This Is How They Tell Me the World Ends both cover Narrative, Geopolitics, so reading them in sequence reinforces the same material from different angles.

Keep reading

Sandworm

→ Alternatives to Sandworm → What to read after Sandworm