The Geopolitics of Information and the Dystopian Futures of Cyber-Espionage: A Study of This Is How They Tell Me the World Ends

After completing Sandworm, which had thoroughly enthralled me as a reader, I knew I needed to find another cyberwarfare novel. 

Therefore, after a few hours of thoroughly reviewing Goodreads and library catalogs, I decided to engage in Nicole Perlroth's This Is How They Tell Me the World Ends. In the following twenty-four hours, you could find me embarking on my next literary journey in the center of my local library, comfortably perched on one of the beige chairs, engulfed in the mid-morning sunlight. 

Early Encounters with Perlroth’s Novel

Delving into the prologue, I recognized that its contents relatively covered much of the contents of Sandworm, as Perlroth initially educates with numerous details regarding the Kremlin's—a commonly used metonym for the Russian government—infamous cybersecurity endeavors and geopolitical developments of the 2010s, interference with the American, Ukrainian, and French elections, development of NotPetya, initiation of the 2015 Ukrainian power-grid blackouts, and Perlroth even refers to the 2007 Estonian DDoS attacks—a personal interest of mine due to its illustration of Russian relations with the post-Soviet nations. 

In the introductory pages of her debut novel, Perlroth remains keen on emphasizing Russia’s participation in cyberwarfare primarily targeting Eastern Europe, but on the contrary, she includes a prominent caveat referring to a greater frequency of future attacks targeting American populations and beyond.

With growing weaponry and greater accessibility through globalization, Perlroth strongly describes the possibility of a future that results from the exponentially growing usage of cyber weaponry by stating that “This Is How They Tell Me The World Ends” (Perlroth xxvii). 

As I continued to proceed, I caught a striking, unfiltered narrative bound to educate even those least aware of the industry, and one into which I was about to dive headfirst. 

As of 2025, Perlroth can be accredited as being an expert in her field, given her tremendous success in espionage and sabotage reporting, but she takes time to address her calling to the field in which she was recruited by the New York Times, who had identified her talent while she was writing about venture capitalism. 

Once she has completed an appropriate summary of her history in the field, she refers to the start of her journey in investigating the market and underground business for cyber weaponry. As a student, I was particularly interested in gaining a perspective on this domain, as it was one that I did not hear consistently about through my previous classes and personal research. Thus, I followed Perlroth's commentary with an unfamiliar ear but felt entirely capable of following along well with the novel’s contents. 

She first introduces the relevance of the cyberweapons—or more specifically, the zero-day market—by setting the scene in Chantilly, Virginia, in the third chapter, illustrating Texan John P. Watters's purchase of iDefense in 2002. Thus, she emphasizes its transition from being a threat alert platform—under threat by historically popular posting platforms such as BugTraq—to establishing a refined, resurrectional business model in which iDefense would pay hackers to scour for zero-day vulnerabilities that would be profitable to their clients through a Vulnerability Contributor Program—otherwise known as a VCP. 

Furthermore, Perlroth’s description of the upcoming business model sets the literary stage for the following chapters in the novel, demonstrating the progression of a developed, underground Vulnerability Contributor Program that doesn’t merely have the clientele of the Five Eyes alliance—consisting of some of the United States’s closest allies, such as Australia, Canada, New Zealand, and the United Kingdom—but all those willing to pay what would soon become hundreds of thousands of dollars for critical digital exploitations. 

With a narrative established, Perlroth then reveals the truths of the industry, running wild across the countless pages and chapters. I found myself utterly intrigued in understanding the absolute scale of these immense relationships consisting of intelligence agencies, private security firms, and worldwide technophiles. 

True to her journalistic nature, and in order to fabricate compelling arguments, Perlroth utilizes rich interviews and expert insights to allow insight into the undisclosed industry. Whether it's concerning the truths of a sixteen-year-old Israeli boy contributing a zero-day to U.S. intelligence or insights on the development of the No More Free Bugs campaign, I learned more about the instances that emphasized the market’s turbulent power dynamics and diverse relationships.

Moreover, my growing interpretation of this underground market was that it—similar to any business platform—had ambiguous ethics. In a field where labels, such as "White Hat" and "Black Hat," define the field contributors' intention, I had a compelling experience interpreting how these components would affect the industry. 

Concerning the field’s ethical complexity, the second chapter secured my interest. In its passages, Perlroth closely examines the stories and backgrounds of two individuals, Sinan Eren and David Evenden. Eren, described foremost, grew up in Istanbul, Turkey, as part of the Kurdish population, meaning that he spent much of his youth surrounded by anti-Kurdish resistance and aggression.

Once developing technical skills and being employed by American company Aitel, he finds himself in none other than a nightmare scenario, being recruited by his own former government to provide cyberweapons that could potentially damage the livelihood of his own people, illustrating how geopolitical tensions infiltrate a seemingly apathetic, technical environment. 

Additionally, the latter, Evenden, is described by Perlroth to have faced a variety of challenges while working for the VPC industry abroad in Abu Dhabi, where he originally was allocated tasks to hack into foreign networks—all cleared by the NSA—but over time, with a greater connection to his employer, grew skeptical of his assignments, which eventually led him to hack into logistical operations of Michelle Obama’s visit to Qatar. Engaged in the astonishing story, I was unnerved by facing the reality of supervision errors in intelligence, and I continued my ventures into the following chapters.

A Marine Motif

Concerning what is considered an ethically gray industry, Perlroth utilizes one repetitive phrase throughout the novel in the instances in which her interviewees or accompaniments refused to acknowledge their involvement in the distribution of exploits to immoral hands: ‘the f__king salmon.’ 

The term, phrased by her coworker in response to an Italian hacker—refusing to speak of his line of work arming national states or criminal groups with cyberweapons—at a Miami security conference, is later employed by Perlroth as a tool to emphasize the secrecy and moral ambiguity of the market, further supporting the need for her work to continue, as she sought to draw closer attention to the lack of transparency among many governments, hackers, and companies alike.

But the faulty sense of detachment aligned with contributors in the zero-day market would eventually cease—reminding those engaged with the crafts of exploitation of their critical impact—through a series of escapades described by Perlroth in the final chapters, building up to a final, eerie caveat. 

Once informing on an inside look at the development and trade of zero-day vulnerabilities, I was met with a familiar briefing on the critical events that I had been learning about throughout the prior weeks, all of which undeniably showcased the immense effects that the industry would bring upon not just adversary intelligence agencies but also millions of civilians who relied on the same public infrastructure that was now inevitably bound by the IoT for the sake of efficiency and performative status.

These events ranged from the initial discoveries of BlackEnergy in iSight Partners—which was founded by John Watters following the acquisition of iDefense—and the company’s findings on the Sandworm group, who soon would contribute with fellow Russian groups such as Cozy Bear, Fancy Bear, and the Shadow Brokers, in addition to the North Korean Lazarus Group, to utilize exploits such as WannaCry and NotPetya to alter civilian safety with the growing amount of hospital ransomware attacks, and, as Perlroth specifically characterizes, American political ideologies and unrest in the 21st century.

In the final chapter, an objectively long finale in comparison to the pacing used for the bulk of the novel, much of the content hones in on specifically Russian relations towards the United States throughout the Trump administration following his 2016 inauguration and explicitly details what could appear to be hundreds of attacks—ranging from fake social media accounts deploying disinformation campaigns to the release of confidential campaign information online—and builds up to a secondary climax where many federal officials questioned if the 2020 elections would face even greater digital interference. 

Although it is evident that the novel was finally addressing how the secretive nature of the zero-day market, in addition to the efforts of globalization and digitalization, was now taking its toll. I felt a bit bombarded with a narrative that primarily centralizes on American vulnerability for roughly forty pages. 

However, I shouldn’t have been surprised. Perlroth’s novel’s primary objective appeared to be how the United States’ success in offensive cyber strategies would match its inferior defense strategies and exposed vulnerability.

TIHTTMETWE…. In Review! 

My final thoughts on the novel were fairly pleasant. While I was appreciative of the novel’s efforts in depicting such in-depth research, which included providing countless perspectives and individual events collected from seven years of research, I felt occasionally overwhelmed with the frequent introductions of new settings and subplots meant to build on the novel's greater themes.

Even while writing this post, memories of reading insightful comments and narratives regarding topics such as the growing technical community in Argentina and Apple’s privacy-related disruptions to U.S. intelligence following the San Bernardino terrorist attacks still linger in my mind, questioning my instincts on how to incorporate various aspects of the novel into a collective report.

Likewise, in light of the few common critiques I’ve seen of the novel, such as its American and European ethnocentrism, I would admit that they are fairly accurate from my perspective. 

Nevertheless, Perlroth indicated from the start that the purpose of the novel was to highlight how the industry would eventually harm the United States. My best regards to the lessons I’ve learned from this novel, and on to the next.

Bibliography

Perlroth, Nicole. This Is How They Tell Me the World Ends : the Cyberweapons

     Arms Race. Bloomsbury Publishing, Bloomsbury Publishing, 2023.