
Russia’s ‘Sandworm’ hackers will slither into the sunset

October 20, 2020, 2:35 PM UTC

This is the web version of Data Sheet, a daily newsletter on the business of tech.

In the sci-fi universe of Dune, sandworms are colossal, apex-predatory monsters that burrow underground on the planet Arrakis. Real-life sandworms are slightly less terrifying, but equally good at evading capture.

No, these aren’t actual worms. “Sandworm” is the codename that cybersecurity researchers bestowed on a particularly brazen Russian military intelligence unit known for egregious digital aggression. (This story’s feature image is selected with apologies to Andy Greenberg, the hacking unit’s unofficial biographer.)

A codename is needed no longer. On Monday, the U.S. Justice Department indicted six people it alleges to be members of the marauding crew. You can read the full document—which John Hultquist, a threat-tracker in the Mandiant unit of the cybersecurity firm FireEye, calls “a laundry list of many of the most important cyberattack incidents we have ever witnessed”—here.

Sandworm is, indeed, behind a slew of big, bad hacks. You may remember 2017’s destructive NotPetya cyberattack, the repeated shutdowns of portions of the Ukrainian power grid, or the web server-crippling assault on the 2018 Winter Olympics in Pyeongchang. Or perhaps you’ll recall Sandworm interfered in the 2016 U.S. election and in the 2017 French elections.

It’s an open question as to what surprises Sandworm might have been—or, indeed, might still be—planning for the 2020 U.S. presidential election. If nothing else, British officials said Monday the hackers were plotting hijinks for the 2021 Tokyo Olympics.

But the U.S.’s indictment, well-meaning though it is, is unlikely to bring anyone to justice. Since these hackers operate in a jurisdiction outside of Uncle Sam’s reach—specifically, the tower at 22 Kirova Street in the Moscow suburb of Khimki—they will be able to continue their cyberwarmongering unimpeded.

Some people fear the official accusation could even inspire more flagrant bellicosity. “These indictments might prove to embolden them rather than curb their behavior,” warns Chester Wisniewski, principal research scientist at the British cybersecurity firm Sophos.

Other experts, like Sam Curry, chief security officer at the cybersecurity firm Cybereason, are more hopeful. “It’s hard to believe that this behavior will lead to meaningful changes in Russian foreign policy,” he says. “But the goal isn’t just bringing the perpetrators to justice. The goal is to lay the building blocks for future work and a more peaceful, democratic, collaborative physical and cyber world one day.”

It’s an admirable, if quixotic goal; in the meantime, the world ought to prepare for the worst. “We’re no safer than we were yesterday,” Wisniewski says. Were the Sandworm hackers “to be arrested, their replacements are already in training, and the relentless thirst of nation-states to compromise and interfere with their adversaries goes undeterred.”

A Dunish sandworm will survive even if cut apart. With this indictment, Russia’s Sandworm is barely nicked.

Robert Hackett

Twitter: @rhhackett


Down comes the hammer. The Justice Department has been busy. Federal prosecutors are unloading an antitrust lawsuit on Google this morning. (See Aaron's early tweet-reporting.) The government is accusing the search giant of abusing its market power to quash competition and harm consumers, charges that harken back to ones Microsoft faced in the '90s. Google, unsurprisingly, says the suit is "deeply flawed." Further investigations concerning Amazon, Apple, and Facebook are ongoing.

Sorry to pop your bubble. Political polarization in this country is getting worse. (Shocker!) One solution frequently proposed by pundits—exposing people to countervailing perspectives—doesn't appear to help the situation. Recent research suggests that injecting opposing viewpoints into people's social media-curated "filter bubbles" merely exacerbates divisions, warns Wall Street Journal columnist Christopher Mims. 

Once you pop the fun don't stop. Speaking of bubbles, the Journal also observes the tech sector's influence over the stock market has reached a record high—beating the previous dot-com bubble peak. Conditions are ripe for initial public offerings, especially in the U.S. and China. Some companies are ready to take advantage: Billtrust, a U.S. payments processor, is planning to go public via a $1.3 billion SPAC merger. Alibaba's Ant Group is inching its way toward a supernova IPO, as Chinese regulators grant approvals. And ride-hailer Didi Chuxing is eyeing a 2021 IPO in Hong Kong that could value the company at more than $60 billion.

Founder-friendly with benefits. Investors love tech, but they love founder-led tech even more. Companies like Amazon and Netflix are outperforming peers steered by hired managers. Profits at the former-type firms grew 30% over the past five years compared to a meager 6.7% uptick at the latter over the same period, Reuters found. The founder set's share price also doubled this year, easily besting the S&P 500's 7.8% gain. IBM, whose revenues declined 2.6% to $17.6 billion in the most recent quarter, isn't helping the hired-hands' numbers.

Let's forget this ever happened. Chipmaker-on-the-outs Intel is selling its flash-memory manufacturing business to SK Hynix, a South Korean chipmaker, for $9 billion. Bob Swan, Intel's CEO, is tightening the focus of the organization by shedding the Nand data storage unit, saying "this transaction will allow us to further prioritize our investments in differentiated technology," such as A.I. and 5G. The deal follows Intel's sale of its smartphone modem business to Apple last year. 

The ultimate guide to keeping it in your pants.


Remember three years ago when iPhone-assembler Foxconn agreed to build a $10 billion manufacturing hub in the state of Wisconsin? The development has been an abject disaster, to say the least. In this cautionary tale of corporate political favor-seeking, the Verge details the complete deterioration of the ill-conceived project.

Foxconn would spend the next two years jumping from idea to idea—fish farms, exporting ice cream, storing boats—in an increasingly surreal search for some way to generate money from a doomed project. Frequent leadership changes, a reluctance to spend money, and a domineering corporate culture would create an atmosphere employees described as toxic. Many of the employees The Verge spoke with have since left the company, and all of them requested anonymity out of fear of retaliation.


This A.I. CEO says if governments don’t regulate technology, we will live in a ‘very scary place’ by McKenna Moore

Everything to know about the political food fight over Section 230 by Danielle Abril

This is the fastest 5G mobile network right now by Aaron Pressman

Are you entitled to time off work to vote? Depends where you live by Geoff Colvin

NASA plans first cellular network on the moon by Kati Pohjanpalo

Has CFIUS become a tool for crony capitalism? by Lucinda Shen

(Some of these stories require a subscription to access. Thank you for supporting our journalism.)


Halloween is drawing near. If you're like me, you've been gearing up for the spooky season by streaming the occasional horror flick. (Most recently, I watched Steven Spielberg's Poltergeist and Tim Burton's Sleepy Hollow—both very fun.) What's the scariest movie of them all? The data demons at Broadband Choices, an Internet research firm, put 50 of the genre's finest films to the test by outfitting audiences with heart rate monitors and recording their response to viewings.

The reviews are in: 2012's Sinister is the ultimate blood-pumper. Which fright-romp is your favorite?