NotPetya cost the global economy ten billion dollars in a single afternoon. Ten. Billion. I was debugging a particularly nasty race condition at 11 PM when I started this audiobook, and by the time Greenberg got to the part where Maersk—the shipping giant that moves like 20% of global trade—had their entire IT infrastructure reduced to digital rubble, I'd completely forgotten about my own production issues. Perspective, I guess.
This is basically a true crime thriller but for state-sponsored cyberattacks. And honestly? It's more terrifying than any horror novel I've listened to this year. The investigative depth here reminded me of The Short and Tragic Life of Robert Peace—both authors build these layered narratives from exhaustive research, making you care deeply about outcomes you already know.
When Your Threat Model Is a Nation-State
Greenberg does something really smart here. He doesn't just dump technical details on you and expect you to care. He traces Sandworm—this elite Russian GRU hacking unit—through their escalating attacks like a detective following breadcrumbs. The 2015 Ukrainian power grid attack. The 2016 sequel. The Olympic Destroyer malware during Pyeongchang. Each chapter builds on the last, and you start to see the pattern: these aren't random acts of digital vandalism. This is a testing ground.
The NotPetya section is where things get genuinely chilling. Greenberg walks you through how a piece of malware disguised as ransomware—but actually designed purely for destruction—spread from a Ukrainian accounting software update to basically every major corporation with Ukrainian operations. Merck. FedEx. Mondelez. The malware exploited EternalBlue (yes, that NSA exploit that leaked) and just... ate everything. Hospitals in Pennsylvania couldn't access patient records. Maersk employees were literally running to Ghana to retrieve the one domain controller that survived because it happened to be offline during a blackout.
As someone who's been paged at 2 AM for incidents that affected maybe a few thousand users, the scale here is almost incomprehensible. And Greenberg makes you feel it.
Mark Bramhall Keeps You Locked In
I'll be honest—twelve hours of cybersecurity journalism could easily turn into a slog. But Bramhall's narration hits this sweet spot between journalist gravitas and thriller pacing. He doesn't try to do voices or anything dramatic. He just... delivers. Clear, steady, professional. Which is exactly what this material needs.
I listened at 1.5x during my commutes and never felt lost, even during the more technical sections about malware analysis and attribution methods. That's the real test for nonfiction audiobooks—can you follow the thread while some guy's backpack is in your face and the Caltrain is doing that thing where it randomly stops for ten minutes outside Redwood City? Bramhall passes.
No fancy sound effects or production tricks here. Just clean audio and solid narration. For this kind of investigative journalism, that's exactly right.
The Part That'll Keep You Up at Night
Here's what got me: Greenberg doesn't just document what happened. He makes you understand why it matters going forward. The lines between cyberwar and regular war are basically gone now. NotPetya wasn't targeted at specific military assets—it hit hospitals, shipping companies, pharmaceutical manufacturers. Civilians. And because it spread automatically, even Russian companies got hit. The attackers either didn't care or didn't think that far ahead.
There's this moment where Greenberg talks to security researchers who've been tracking Sandworm for years, and you can hear the frustration. They know who's doing this. They can trace the attacks. But attribution doesn't equal accountability when the attackers are backed by a nuclear power.
The book came out in 2019, which means it predates... well, everything that's happened since. Reading it now feels almost prophetic. The groundwork for modern cyber conflict was being laid while most people were worried about whether their smart fridge was spying on them.
Who Gets Root Access (And Who Should Ctrl+Z)
If you work in tech—especially anything touching security or infrastructure—this is required listening. Period. The ROI on understanding how nation-state attacks actually work, how they spread, and why attribution is so hard? Enormous.
But honestly, you don't need a technical background. Greenberg explains the concepts clearly enough that my boyfriend Kevin (marketing, bless him) followed along when I made him listen to a few chapters. If you can understand that computers talk to each other and sometimes bad people make them do bad things, you're equipped.
Skip this if you want escapism. This is the opposite of escapism. This is "oh god, everything is connected and vulnerable and there are state-sponsored hackers testing our infrastructure constantly" fuel. You've been warned.
git push --force recommendation
Three commutes. That's how long this took me, and I was genuinely annoyed each time I had to stop. Greenberg turned what could've been a dry policy paper into something that reads—listens?—like a thriller. The fact that it's all true makes it worse. Or better. Depending on how you feel about existential dread.
If you care about cybersecurity, geopolitics, or just want to understand why your company's IT department is so paranoid about that phishing training, this is worth your credit. And maybe keep a backup of your important files offline. Just saying.








![Steve Jobs [unabridged audiobook] audiobook cover](/_next/image?url=https%3A%2F%2Fcovers.audiobooks.com%2Fimages%2Fcovers%2Ffull%2F9788499923406.jpg&w=1920&q=75)




