The Reading Room

Recom­mendations

A working shelf for anyone trying to understand the ransomware protection economy: the money, the metal, and the roof over both. Books, primary-source reports, and the feeds we check daily. Suggestions and additions are welcome, the list is meant to grow.

01Books · The Long Read

Narrative nonfiction that builds the mental model: how Russian and CIS crews operate, how the cash-out works, and why takedowns so often fail to stick.

/ 01
Sandworm
Andy Greenberg · 2019
The definitive account of Russia's GRU-linked hacking unit and the NotPetya attack, the most destructive cyberattack in history. The clearest illustration of state-directed offensive operations and the impunity that follows them.
The Krysha
View →
/ 02
The Ransomware Hunting Team
Renee Dudley & Daniel Golden · 2022
A band of volunteer researchers who break ransomware and help victims recover without paying. Grounds the abstract ecosystem in the people fighting it and the technical realities of the malware itself.
Threat Actors
View →
/ 03
Tracers in the Dark
Andy Greenberg · 2022
How investigators learned to follow cryptocurrency that was assumed to be untraceable, straight to the people behind it. Essential for understanding the Money layer: where the cash-out breaks and how it gets exposed.
The Money
View →
/ 04
Spam Nation
Brian Krebs · 2014
Older but foundational: the inside story of Russian organized cybercrime and the pharma-spam empires that built the playbook. The cast of characters and the protection dynamics map directly onto today's ransomware economy.
The Krysha
View →
/ 05
Fancy Bear Goes Phishing
Scott J. Shapiro · 2023
A historian-of-ideas approach to five landmark hacks, including the GRU breach of the DNC. Strong on why systems stay insecure and how attacker incentives, not just code, shape outcomes.
Foundations
View →
/ 06
This Is How They Tell Me the World Ends
Nicole Perlroth · 2021
The global market for software exploits, the raw material that fuels intrusions. Context for the supply side of the ecosystem and how vulnerabilities become weapons.
Foundations
View →
/ 07
Countdown to Zero Day
Kim Zetter · 2014
The Stuxnet story, told with rigor. A useful baseline for how nation-state cyber operations are planned, deployed, and attributed, which informs how to read the protection layer.
Foundations
View →
02Reports & Primary Sources

The tracking numbers and policy frameworks behind the analysis. Treat these as the data layer: cite them, do not invent figures.

03Ongoing Reading · Feeds & Reporting

Where the news actually breaks. Daily and weekly sources worth a standing tab.

04Contact

Have a recommendation, a tip, or a correction?

Suggestions for the shelf are welcome, and so are leads, data, and pushback on the analysis. Confidentiality respected. Use the address on the right.

Reach the project ransomwareedp@gmail.com