Jump to content

Titan Rain: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous edit
Content deleted Content added
VisualWikitext
 
(34 intermediate revisions by 21 users not shown)
Line 1: Line 1:
{{Short description|Series of coordinated attacks on American computer systems}}
[[File:Lockheed Martin Aeronautics Discussion.jpg|thumb|Lockheed Martin Aeronautics Discussion]]
[[File:Lockheed Martin Aeronautics Discussion.jpg|thumb|Lockheed Martin Aeronautics Discussion]]


'''Titan Rain''' was the designation given by the [[federal government of the United States]] to a series of coordinated attacks on American [[computer]] systems since 2003; they were known to have been ongoing for at least three years.<ref name="Bodmer, Kilger 2012">{{cite book |last1=Bodmer |first1=Sean |last2=Kilger |first2=Max |last3=Carpenter |first3=Gregory |last4=Jones |first4=Jade |date=July 24, 2012 |title=[[Reverse Deception: Organized Cyber Threat Counter-Exploitation]] |place=New York |publisher=McGraw-Hill Osborne Media |isbn=0071772499}}, {{ISBN|978-0071772495}}</ref> The attacks were labeled as [[People's Republic of China|Chinese]] in origin, although their precise nature, e.g., state-sponsored [[espionage]], [[corporate espionage]], or random [[Hacker (computer security)|hacker]] attacks, and their real identities&nbsp;– masked by proxy, [[Zombie (computer science)|zombie]] computer, spyware/virus infected&nbsp;– remain unknown. The activity known as "Titan Rain" is believed to be associated with an [[Advanced Persistent Threat]].
'''Titan Rain''' was a series of coordinated attacks on [[computer]] systems in the [[United States]] since 2003; they were known to have been ongoing for at least three years.<ref name="Bodmer, Kilger 2012">{{cite book |last1=Bodmer |first1=Sean |last2=Kilger |first2=Max |last3=Carpenter |first3=Gregory |last4=Jones |first4=Jade |date=July 24, 2012 |title=Reverse Deception: Organized Cyber Threat Counter-Exploitation |place=New York |publisher=McGraw-Hill Osborne Media |isbn=978-0071772495|title-link=Reverse Deception: Organized Cyber Threat Counter-Exploitation }}</ref> The attacks originated in [[Guangdong]], [[China]].<ref>{{cite magazine
| last = Thornburgh | first = Nathan | magazine = Time | date = 2005-08-29
| url = http://content.time.com/time/magazine/article/0,9171,1098961,00.html
| title = The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)
}}</ref> The activity is believed to be associated with a state-sponsored [[advanced persistent threat]]. It was given the designation ''Titan Rain'' by the [[federal government of the United States]].


Titan Rain hackers gained access to many United States [[defense contractor]] computer networks, which were targeted for their sensitive information,<ref name="Bodmer, Kilger 2012"/> including those at [[Lockheed Martin]], [[Sandia National Laboratories]], [[Redstone Arsenal]], and [[NASA]].
In early December 2005 the director of the [[SANS Institute]], a security institute in the United States, said that the attacks were "most likely the result of Chinese military hackers attempting to gather information on U.S. systems."<ref name=SANS>{{cite web |url=http://www.breitbart.com/news/2005/12/12/051212224756.jwmkvntb.html |title=Hacker attacks in US linked to Chinese military |date= December 12, 2005 |publisher=[[Agence France-Presse]] |accessdate=2008-11-06 |deadurl=yes |archiveurl=https://web.archive.org/web/20061222110758/http://www.breitbart.com/news/2005/12/12/051212224756.jwmkvntb.html |archivedate=December 22, 2006 |df= }}</ref>

Titan Rain hackers gained access to many United States [[defense contractor]] computer networks who were targeted for their sensitive information,<ref name="Bodmer, Kilger 2012"/> including those at [[Lockheed Martin]], [[Sandia National Laboratories]], [[Redstone Arsenal]], and [[NASA]].


== Attackers ==
== Attackers ==
{{Further|Cyberwarfare by China}}
The series of attacks are believed by some to be the actions of the [[People’s Liberation Army]] (PLA), rather than some freelance Chinese hackers. These hackers attacked both the American (''[[Defense Intelligence Agency]]'' – DOD) and British Government Departments ([[Ministry of Defence (United Kingdom)|Ministry of Defence]] – MOD). The British government had an incident in 2006 where a part of the House of Commons computer system was shut down by - initially thought to be an individual – an “organised Chinese hacking group.<ref>{{cite news |last=Norton-Taylor |first=Richard |date=September 5, 2007 |url=https://www.theguardian.com/technology/2007/sep/04/news.internet |title=Titan Rain - how Chinese hackers targeted Whitehall |newspaper=The Guardian |access-date=2018-05-10}}</ref>
The attacks are reported to be the result of actions by [[People's Liberation Army]] [[PLA Unit 61398|Unit 61398]].<ref>{{Cite web | url=https://www.cfr.org/interactive/cyber-operations/titan-rain |title = Connect the Dots on State-Sponsored Cyber Incidents - Titan Rain}}</ref> These hackers attacked both the US government ([[Defense Intelligence Agency]]) and the UK government ([[Ministry of Defence (United Kingdom)|Ministry of Defence]]). In 2006, an "organised Chinese hacking group" shut down a part of the UK House of Commons computer system.<ref>{{cite news |last=Norton-Taylor |first=Richard |author-link=Richard Norton-Taylor|date=September 5, 2007 |url=https://www.theguardian.com/technology/2007/sep/04/news.internet |title=Titan Rain - how Chinese hackers targeted Whitehall |newspaper=The Guardian |access-date=2018-05-10}}</ref> The Chinese government has denied responsibility.
Although most of the evidence has pointed to the Chinese government as the attackers, the Chinese government has claimed that it was not them who attacked the United States, leading to another possibility that it was hackers using Chinese computers.


== Consequences ==
== Consequences ==


‘Titan Rain’ has caused friction between the U.S. and Chinese governments, and the U.S. government has blamed the Chinese government for the attacks of 2004 on the unclassified, although potentially fatal information. Adam Paller, SANS Institute research director, stated that the attacks came from individuals with “intense discipline,” and that, “no other organisation could do this if they were not a military”. Such sophistication and evidence has pointed toward the Chinese military (People’s Liberation Army) as the attackers.
The U.S. government has blamed the Chinese government for the 2004 attacks. [[Alan Paller]], [[SANS Institute]] research director, stated that the attacks came from individuals with "intense discipline" and that "no other organization could do this if they were not a military". Such sophistication has pointed toward the People's Liberation Army as the attackers.<ref>{{cite news |newspaper=Homeland Security News Wire |date=December 14, 2005 |url=http://www.homelandsecuritynewswire.com/lesson-titan-rain-articulate-dangers-cyber-attack-upper-management |title=The lesson of Titan Rain: Articulate the dangers of cyber attack to upper management |access-date=2018-05-10}}</ref>
<ref>{{cite news |newspaper=Homeland Security News Wire |date=December 14, 2005 |url=http://www.homelandsecuritynewswire.com/lesson-titan-rain-articulate-dangers-cyber-attack-upper-management |title=The lesson of Titan Rain: Articulate the dangers of cyber attack to upper management |access-date=2018-05-10}}</ref>


‘Titan Rain’ reportedly attacked multiple high-end political systems, such as NASA and the FBI. Although no sensitive and classified information was reported stolen, the hackers were however able to steal unclassified information (e.g. information from a home computer). The fact that the information was classified or not was somewhat irrelevant; when it all comes together it could reveal the strengths and weaknesses of the U.S., making such an attack very damaging.<ref>{{cite web |website=Dvice |date=September 22, 2010 |url=http://www.dvice.com/archives/2010/09/7_of_the_most_d.php |title=The 7 worst cyberattacks in history (that we know about)|archive-url=https://web.archive.org/web/20141112155600/http://www.dvice.com/archives/2010/09/7_of_the_most_d.php |archive-date=November 12, 2014}}</ref>
Titan Rain reportedly attacked multiple organizations, such as NASA and the [[FBI]]. Although no classified information was reported stolen, the hackers were able to steal unclassified information (e.g., information from a home computer) that could reveal strengths and weaknesses of the United States.<ref>{{cite web |website=Dvice |date=September 22, 2010 |url=http://www.dvice.com/archives/2010/09/7_of_the_most_d.php |title=The 7 worst cyberattacks in history (that we know about)|archive-url=https://web.archive.org/web/20141112155600/http://www.dvice.com/archives/2010/09/7_of_the_most_d.php |archive-date=November 12, 2014}}</ref>
[[File:The US Treasury Department.jpg|thumb|The U.S. Department of the Treasury, Washington, D.C.]]
[[File:The US Treasury Department.jpg|thumb|The U.S. Department of the Treasury, Washington, D.C.]]


‘Titan Rain’ has caused distrust between other countries (such as the United Kingdom and Russia – other superpowers) and China. Such distrust has occurred because these countries were likely attacked, but either did not detect an attack or have not released statements that they were attacked. The United Kingdom have stated officially that their governmental offices were attacked by hackers of a Chinese source. The events of ‘Titan Rain’ have caused the rest of the world to be more cautious of attacks; not just from China, but from other countries as well, thereby causing, however small, a slight distrust between other countries. This distrust between them may affect future agreements and dealings and as such further affect their relationship with China.
Titan Rain has also caused distrust between other countries (such as the United Kingdom and [[Russia]]) and China. The United Kingdom has stated officially that Chinese hackers attacked its governmental offices. Titan Rain has caused the rest of the world to be more cautious of attacks not just from China but from other countries as well.

== Alternative cases ==
One alternative to the People’s Liberation Army carrying out the attacks is hackers using Chinese computers and websites to carry out the attack. It has been long known that many Chinese computers and websites are very insecure. Hackers use the website/system to attack a targeted system. This makes it look as if it was a Chinese system attacking the target, and not the hacker. This method allows a hacker to attack a system without his/her location being revealed. [[People’s Republic of China]] (PRC) have argued that this method had been used to attack the U.S. and other locations targeted by ‘Titan Rain’. This has, however, sparked controversy as to who actually caused the events of ‘Titan Rain’ – the Chinese or a bored hacker?<ref>{{cite news |last=Thornburgh |first=Nathan |date=September 5, 2005 |url=http://courses.cs.washington.edu/courses/csep590/05au/readings/titan.rain.htm |title=The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) |newspaper=[[Time (magazine)|Time]] |access-date=2018-05-10}}</ref>

In addition, to support Adam Paller’s idea of the attackers having to be a large, organised body with “intense discipline,” it is possible such an organisation could have exploited these insecure computers, servers and websites to attempt to steal sensitive information from the United States and other targets.
A rogue state and/or a large, sophisticated collection of hackers could have used these insecurities in China’s computers to attack the targets, rather than China themselves being the attacker. Using this method of using China’s computers means that this organisation can hide themselves while making an effective attack, all with relative ease. Such a plot protects the hackers but put the Chinese government in a predicament where they cannot prove that they did not do the attack, causing tensions between the United States and China.


==See also==
==See also==
*[[Shawn Carpenter]]
*[[Cyberwarfare by China]]
*[[Red Apollo]]
*[[Moonlight Maze]]
*[[Moonlight Maze]]
*[[Operation Aurora]]
*[[Operation Aurora]]
*[[Cyberwarfare]]
*[[Shawn Carpenter]]
*[[Advanced Persistent Threat]]
*[[Computer network operations]]
*[[Stakkato]]
*[[Stakkato]]


==References==
==References==
{{Reflist}}
{{Reflist}}{{Hacking in the 2000s}}

==External links==
* {{cite web
| last = Graham | first = Bradley | work = Washington Post | date = 2005-08-25
| url = https://www.washingtonpost.com/wp-dyn/content/article/2005/08/24/AR2005082402318.html
| title = Hackers Attack Via Chinese Web Sites
}}
* {{cite web
| last = Espiner | first = Tom | work = ZDNet News
| title = Security experts lift lid on Chinese hack attacks
| url = http://news.zdnet.com/2100-1009_22-5969516.html | date = 2005-11-23
| archiveurl = https://web.archive.org/web/20061211145201/http://news.zdnet.com/2100-1009_22-5969516.html
| archivedate = 2006-12-11
}}
* {{cite web
| last = Thornburgh | first = Nathan | work = Time.com | date = 2005-08-25
| url = http://www.time.com/time/nation/article/0,8599,1098371,00.html
| title = Inside the Chinese Hack Attack
}}
* {{cite web
| last = Thornburgh | first = Nathan | work = Time | date = 2005-08-29
| url = http://www.time.com/time/magazine/article/0,9171,1098961-1,00.html
| title = The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)
}}
*{{ cite web
| last = Brenner | first = Bill | work = SearchSecurity.com | date = 2005-08-31
| url = http://searchsecurity.techtarget.com/news/1120855/Myfips-Titan-Rain-connection
| title = Myfip's Titan Rain connection
}}
* {{cite web
| last1 = Onley | first1 = Dawn S. | last2 = Wait | first2 = Patience
| url = http://gcn.com/articles/2006/08/17/red-storm-rising.aspx
| title = Red Storm Rising | work = Government Computing News | date = 2007-08-21
}}
*{{ cite web
| last = Norton-Taylor | first = Richard | work = theguardian.com| date = 2007-09-05
| url = https://www.theguardian.com/technology/2007/sep/04/news.internet
| title = Titan Rain - how Chinese hackers targeted Whitehall
}}
*{{ cite web
| last = Winkler | first = Ian | work = computerworld.com| date = 2005-10-20
| url = http://www.computerworld.com/article/2559195/security0/guard-against-titan-rain-hackers.html
| title = Guard against Titan Rain hackers
}}


[[Category:Hacker groups]]
[[Category:Hacker groups]]
Line 88: Line 39:
[[Category:National security]]
[[Category:National security]]
[[Category:Information sensitivity]]
[[Category:Information sensitivity]]
[[Category:Computer security]]
[[Category:Data security]]
[[Category:Data security]]
[[Category:Information operations and warfare]]
[[Category:21st-century conflicts]]
[[Category:21st-century conflicts]]
[[Category:Electronic warfare]]
[[Category:Electronic warfare]]
[[Category:Cyberattacks]]
[[Category:Cyberattacks]]
[[Category:Advanced persistent threat]]
[[Category:Cyberwarfare by China]]
[[Category:Cyberwarfare in China]]
[[Category:Hacking in the 2000s]]
[[Category:Hacking in the 2000s]]
[[Category:Chinese advanced persistent threat groups]]
[[Category:Chinese information operations and information warfare]]

Latest revision as of 13:35, 2 November 2023

Lockheed Martin Aeronautics Discussion

Titan Rain was a series of coordinated attacks on computer systems in the United States since 2003; they were known to have been ongoing for at least three years.[1] The attacks originated in Guangdong, China.[2] The activity is believed to be associated with a state-sponsored advanced persistent threat. It was given the designation Titan Rain by the federal government of the United States.

Titan Rain hackers gained access to many United States defense contractor computer networks, which were targeted for their sensitive information,[1] including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA.

Attackers

[edit]
Further information: Cyberwarfare by China

The attacks are reported to be the result of actions by People's Liberation Army Unit 61398.[3] These hackers attacked both the US government (Defense Intelligence Agency) and the UK government (Ministry of Defence). In 2006, an "organised Chinese hacking group" shut down a part of the UK House of Commons computer system.[4] The Chinese government has denied responsibility.

Consequences

[edit]

The U.S. government has blamed the Chinese government for the 2004 attacks. Alan Paller, SANS Institute research director, stated that the attacks came from individuals with "intense discipline" and that "no other organization could do this if they were not a military". Such sophistication has pointed toward the People's Liberation Army as the attackers.[5]

Titan Rain reportedly attacked multiple organizations, such as NASA and the FBI. Although no classified information was reported stolen, the hackers were able to steal unclassified information (e.g., information from a home computer) that could reveal strengths and weaknesses of the United States.[6]

The U.S. Department of the Treasury, Washington, D.C.

Titan Rain has also caused distrust between other countries (such as the United Kingdom and Russia) and China. The United Kingdom has stated officially that Chinese hackers attacked its governmental offices. Titan Rain has caused the rest of the world to be more cautious of attacks not just from China but from other countries as well.

See also

[edit]

References

[edit]
  1. ^ a b Bodmer, Sean; Kilger, Max; Carpenter, Gregory; Jones, Jade (July 24, 2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. New York: McGraw-Hill Osborne Media. ISBN 978-0071772495.
  2. ^ Thornburgh, Nathan (2005-08-29). "The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)". Time.
  3. ^ "Connect the Dots on State-Sponsored Cyber Incidents - Titan Rain".
  4. ^ Norton-Taylor, Richard (September 5, 2007). "Titan Rain - how Chinese hackers targeted Whitehall". The Guardian. Retrieved 2018-05-10.
  5. ^ "The lesson of Titan Rain: Articulate the dangers of cyber attack to upper management". Homeland Security News Wire. December 14, 2005. Retrieved 2018-05-10.
  6. ^ "The 7 worst cyberattacks in history (that we know about)". Dvice. September 22, 2010. Archived from the original on November 12, 2014.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Titan_Rain&oldid=1183147706"