Titan Rain
Titan Rain was the designation given by the federal government of the United States to a series of coordinated attacks on American computer systems since 2003; they were known to have been ongoing for at least three years.[1] The attacks were labeled as Chinese in origin, although their precise nature (e.g., state-sponsored espionage, corporate espionage, or random hacker attacks) and the real identities of the attackers (masked by proxies, zombie computers, and spyware- or virus-infected machines) remain unknown. The activity known as "Titan Rain" is believed to be associated with an Advanced Persistent Threat.
In early December 2005 the director of the SANS Institute, a security institute in the United States, said that the attacks were "most likely the result of Chinese military hackers attempting to gather information on U.S. systems."[2]
Titan Rain hackers gained access to many United States defense contractor computer networks, which were targeted for their sensitive information,[1] including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA.
Attackers
The series of attacks is believed by some to be the work of the People’s Liberation Army (PLA), rather than of freelance Chinese hackers. These hackers attacked both American (Defense Intelligence Agency, DOD) and British (Ministry of Defence, MOD) government departments. The British government had an incident in 2006 in which part of the House of Commons computer system was shut down by an “organised Chinese hacking group,” initially thought to be an individual.[3] Although most of the evidence has pointed to the Chinese government as the attackers, China has denied attacking the United States, which leaves open another possibility: that the attackers were hackers using Chinese computers. See Alternative cases.
Consequences
‘Titan Rain’ has caused friction between the U.S. and Chinese governments because the U.S. government, although with little evidence, has blamed the Chinese government for the 2004 attacks on unclassified, although potentially fatal, information. Adam Paller, SANS Institute research director, stated that the attacks came from individuals with “intense discipline,” and that “no other organisation could do this if they were not a military”. Such sophistication and evidence have pointed toward the Chinese military (People’s Liberation Army) as the attackers.[4]
‘Titan Rain’ reportedly attacked multiple high-end political systems, such as NASA and the FBI. Although no sensitive and classified information was reported stolen, the hackers were able to steal unclassified information (e.g. information from a home computer). Whether the information was classified or not was somewhat irrelevant; when it all comes together it could reveal the strengths and weaknesses of the U.S., making such an attack very damaging.[5]
‘Titan Rain’ has caused distrust between China and other countries (such as the United Kingdom and Russia, other superpowers). This distrust has arisen because these countries were likely attacked, but either did not detect an attack or have not released statements that they were attacked. The United Kingdom has stated officially that its governmental offices were attacked by hackers of a Chinese source. The events of ‘Titan Rain’ have caused the rest of the world to be more cautious of attacks, not just from China but from other countries as well, thereby causing a slight distrust, however small, between other countries. This distrust may affect future agreements and dealings and, as such, further affect their relationship with China.
Alternative cases
One alternative to the People’s Liberation Army carrying out the attacks is that hackers used Chinese computers and websites to carry out the attack. It has long been known that many Chinese computers and websites are very insecure. Hackers use the website or system to attack a targeted system, which makes it look as if a Chinese system, and not the hacker, was attacking the target. This method allows a hacker to attack a system without his or her location being revealed. The People’s Republic of China (PRC) has argued that this method was used to attack the U.S. and other locations targeted by ‘Titan Rain’. This has, however, sparked controversy as to who actually caused the events of ‘Titan Rain’: the Chinese or a bored hacker?[6]
In addition, in keeping with Adam Paller’s idea that the attackers had to be a large, organised body with “intense discipline,” it is possible that such an organisation exploited these insecure computers, servers and websites to attempt to steal sensitive information from the United States and other targets. A rogue state and/or a large, sophisticated collection of hackers could have used these insecurities in China’s computers to attack the targets, rather than China itself being the attacker. Using China’s computers in this way means that the organisation can hide itself while making an effective attack, all with relative ease. Such a plot protects the hackers but puts the Chinese government in a predicament where it cannot prove that it did not carry out the attack, causing tensions between the United States and China.
See also
- Shawn Carpenter
- Moonlight Maze
- Operation Aurora
- Cyberwarfare
- Advanced Persistent Threat
- Computer network operations
- Stakkato
References
- [1] Bodmer, Kilger, Carpenter, & Jones (2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. New York: McGraw-Hill Osborne Media. ISBN 0071772499, ISBN 978-0071772495.
- [2] "Hacker attacks in US linked to Chinese military" at the Wayback Machine (archived December 22, 2006).
- [3] Richard Norton-Taylor (2007). Titan Rain - how Chinese hackers targeted Whitehall. The Guardian.
- [4] Homeland Security News Wire (2005). The lesson of Titan Rain.
- [5] Dvice (2010). The 7 worst cyberattacks in history (that we know about). Archived November 12, 2014, at the Wayback Machine.
- [6] Nathan Thornburgh (2005). The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them). Time.
External links
- Graham, Bradley (2005-08-25). "Hackers Attack Via Chinese Web Sites". Washington Post.
- Espiner, Tom (2005-11-23). "Security experts lift lid on Chinese hack attacks". ZDNet News. Archived from the original on 2006-12-11.
- Thornburgh, Nathan (2005-08-25). "Inside the Chinese Hack Attack". Time.com.
- Thornburgh, Nathan (2005-08-29). "The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)". Time.
- Brenner, Bill (2005-08-31). "Myfip's Titan Rain connection". SearchSecurity.com.
- Onley, Dawn S.; Wait, Patience (2007-08-21). "Red Storm Rising". Government Computing News.
- Norton-Taylor, Richard (2007-09-05). "Titan Rain - how Chinese hackers targeted Whitehall". theguardian.com.
- Winkler, Ian (2005-10-20). "Guard against Titan Rain hackers". computerworld.com.