Titan Rain was the designation given by the federal government of the United States to a series of coordinated attacks on American computer systems since 2003; they were known to have been ongoing for at least three years. The attacks were labeled as Chinese in origin, although their precise nature, e.g., state-sponsored espionage, corporate espionage, or random hacker attacks, and their real identities – masked by proxy, zombie computer, spyware/virus infected – remain unknown. The activity known as "Titan Rain" is believed to be associated with an Advanced Persistent Threat.
In early December 2005 the director of the SANS Institute, a security institute in the United States, said that the attacks were "most likely the result of Chinese military hackers attempting to gather information on U.S. systems."
Titan Rain hackers gained access to many United States defense contractor computer networks who were targeted for their sensitive information, including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA.
Who were the attackers?
The series of attacks are believed by some to be the actions of the People’s Liberation Army (PLA), rather than some freelance Chinese hackers. These hackers attacked both the American (Defense Intelligence Agency – DOD) and British Government Departments (Ministry of Defence – MOD). The British government had an incident in 2006 where a part of the House of Commons computer system was shut down by - initially thought to be an individual – an “organised Chinese hacking group.” Although most of the evidence has pointed to the Chinese government as the attackers, China have claimed that it was not them who attacked the United States. Leading to another possibility that it was hackers using Chinese computers. See Alternative Cases
How did Titan Rain occur?
‘Titan Rain’ was the result of the widespread and flawless penetration of many computer systems across the UK and the US. These attacks were not limited targeting governmental systems, but a variety of industries that support the government: automobile companies that make military equipment, food services that supply the military with rations, laboratories that supply substances for the military, oil companies that supply fuel, and companies with information on official government staff. The Titan Rain attackers hacked the network at the Foreign Office as well as other key departments. An incident occurred within the previous year that shut down part of the House of Commons and this was revealed to also be the work of Chinese hackers. According to the Financial Times American officials called the Titan Rain attack on the Pentagon military attack was the most successful cyber attack on the US defensive department. It was concluded from an investigation that the Peoples Liberation Army was responsible. These attacks coined the codename 'Titan Rain'. China has officially denied any responsibility.
Damages caused by Titan Rain
‘Titan Rain’ has caused friction between the U.S. and Chinese governments as, although with little evidence, the U.S. government has blamed the Chinese government for the attacks of 2004 on the unclassified, although potentially fatal information. Adam Paller, SANS Institute research director, stated that the attacks came from individuals with “intense discipline,” and that, “no other organisation could do this if they were not a military”. Such sophistication and evidence has pointed toward the Chinese military (People’s Liberation Army) as the attackers. 
‘Titan Rain’ reportedly attacked multiple high-end political systems, such as NASA and the FBI. Although no sensitive and classified information was reported stolen, the hackers were however able to steal unclassified information (e.g. information from a home computer). The fact that the information was classified or not was somewhat irrelevant; when it all comes together it could reveal the strengths and weaknesses of the U.S., making such an attack very damaging.
China themselves are in a predicament. Whether they carried out the attack or not they had to somehow prove that they did not, if not they are guilty and this can cause major political issues. Such political issues will likely put China-United States relations in jeopardy, not to mention the other countries that were targeted by ‘Titan Rain’. China have replied to this incident, and have stated that they were not the attackers; despite this, the United States are reluctant to believe them as the attacks originated from China, and the fact that a large organisation would have to have carried out the attacks does not bode well to support China’s claims. Although such an incident has caused tensions between these superpowers, the United States have continued to keep good relations with China. This is likely due to the large amount of cheap trading that the United States does with China as well as reducing the risks on a major international incident, which may result in dangerous actions being taken, putting needless danger on the people of both countries.
‘Titan Rain’ has cause distrust between other countries (such as the United Kingdom and Russia – other superpowers) and China. Such distrust has occurred because these countries were likely attacked but either did not detect an attack or have not released statements that they were attacked. The United Kingdom have stated officially that their governmental offices were attacked by hackers of a Chinese source. The events of ‘Titan Fall’ have caused the rest of the world to be more cautious of attacks; not just from China but from other countries as well, thereby causing, however small, a slight distrust between other countries. This distrust between them may affect future agreements and dealings and as such further affect their relationship with China.
One of the alternative to the People’s Liberation Army carrying out the attacks is: hackers using Chinese computers and websites to carry out the attack. It has been long known that Chinese computers and websites are very insecure. Hackers use the website/system to attack a targeted system. This makes it look as if it was a Chinese system attacking the target, and not the hacker. This method allows a hacker to attack a system without his/her location being revealed. People’s Republic of China (PRC) have argued that this method had been used to attack the U.S. and other locations targeted by ‘Titan Rain’. This has, however, sparked controversy as to who actually cause the events of ‘Titan Rain’ – the Chinese or a bored hacker?
In addition, to support Adam Paller’s idea of the attackers having to be a large, organised body with “intense discipline,” it is possible such an organisation could have exploited these insecure computers, servers and websites to attempt to steal sensitive information from the United States and other targets. A rouge state and/or a large, sophisticated collection of hackers could have used these insecurities in China’s computers to attack the targets, rather than China themselves being the attacker. Using this method of using China’s computers means that this organisation can hide themselves while making an effective attack, all with relative ease. Such a plot protects the hackers but put the Chinese government in a predicament where they cannot prove that they did not do the attack, causing tensions between the United States and China.
Another less likely case is that the United States could have made out the attack to be of Chinese origin as a ploy to deteriorate relationships with China. The hacking of other countries could have been made by the United States and made out to be China, thereby causing further distrust between China and the targeted country. However this theory has often been proven to be highly unlikely as the United States would probably not wish to damage it's electronics industry by damaging it's relationship with such a major supplier.
After Titan Rain
After the events of Titan Rain, the relationship between the USA and China suffered greatly for many years. This was a result of a lack of trust between the two nations, particularly on the side of the United States. The events of Titan Rain were shrouded in secrecy, and the cause of the attack was never really identified. The US placed the blame on China, and as a result the relations between these two economic superpowers broke down. This included a massive hit to the trade market between them, and caused a huge lapse in trade profits for both parties. This particularly affected the trading of electronics and computers, which is one of Chinas largest exports. This greatly affected China, as it lost out on a large portion of profits due to one of its largest trade partners refusing to trade with them. This also had a knock on effect on the global economy, since China slowed its production and trading of electronics to accommodate the lack of trade from the US. If China was able to prove it's innocence after Titan Rain and prove that the hackers were not affiliated with their government and in anyway planned by China, It would allow for China and the United States relationship to be mended, this would therefore help mend the issues of trading between the two and help boost both of their industries, this would also help lower the costs of parts within the electronics industry and hence make it easier to access electronic parts. If China was able to prove it’s innocence to United States and General public, it would therefore help regenerate areas of poverty within China, due to the jobs cut when the strain began between the two countries and the two countries stopped trading with each other, and due to the United States being one of Chinas top clients, there wasn’t enough supply and demand to keep on many of the employees within the electronics, among other industries. With innocence proven it could lower chances of any further attacks taking place on major US networks and industries such as NASA and the pentagon , this would allow for the United States security to be focused on other areas and not centered around the risk of more hacking attacks from China.
- Shawn Carpenter
- Moonlight Maze
- Operation Aurora
- Advanced Persistent Threat
- Computer network operations
- Bodmer, Kilger, Carpenter, & Jones (2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. New York: McGraw-Hill Osborne Media. ISBN 0071772499, ISBN 978-0071772495
- "Hacker attacks in US linked to Chinese military" at the Wayback Machine (archived December 22, 2006)
- Richard Norton-Taylor (2007) Titan Rain - how Chinese hackers targeted Whitehall The Guardian
- Homeland Security News Wire (2005) The lesson of Titan Rain
- Dvice (2010) The 7 worst cyberattacks in history (that we know about)
- Nathan Thornburgh (2005) The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) Time
- Graham, Bradley (2005-08-25). "Hackers Attack Via Chinese Web Sites". Washington Post.
- Espiner, Tom (2005-11-23). "Security experts lift lid on Chinese hack attacks". ZDNet News. Archived from the original on 2006-12-11.
- Thornburgh, Nathan (2005-08-25). "Inside the Chinese Hack Attack". Time.com.
- Thornburgh, Nathan (2005-08-29). "The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)". Time.
- Brenner, Bill. "Myfip's Titan Rain connection". 2005-08-31.
- Onley, Dawn S.; Wait, Patience (2007-08-21). "Red Storm Rising". Government Computing News.
- Norton-Taylor, Richard. "Titan Rain - how Chinese hackers targeted Whitehall". 2007-09-05.
- Winkler, Ian. "Guard against Titan Rain hackers". 2005-10-20.