Titan Rain was a series of coordinated attacks on computer systems in the United States since 2003; they were known to have been ongoing for at least three years.[1] The attacks originated in Guangdong, China.[2] The activity is believed to be associated with a state-sponsored advanced persistent threat. It was given the designation Titan Rain by the federal government of the United States.
Titan Rain hackers gained access to many United States defense contractor computer networks, which were targeted for their sensitive information,[1] including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA.
The attacks are reported to be the result of actions by People's Liberation Army Unit 61398.[3] These hackers attacked both the US government (Defense Intelligence Agency) and the UK government (Ministry of Defence). In 2006, an "organised Chinese hacking group" shut down a part of the UK House of Commons computer system.[4] The Chinese government has denied responsibility.
The U.S. government has blamed the Chinese government for the 2004 attacks. Alan Paller, SANS Institute research director, stated that the attacks came from individuals with "intense discipline" and that "no other organization could do this if they were not a military". Such sophistication has pointed toward the People's Liberation Army as the attackers.[5]
Titan Rain reportedly attacked multiple organizations, such as NASA and the FBI. Although no classified information was reported stolen, the hackers were able to steal unclassified information (e.g., information from a home computer) that could reveal strengths and weaknesses of the United States.[6]
Titan Rain has also caused distrust between other countries (such as the United Kingdom and Russia) and China. The United Kingdom has stated officially that Chinese hackers attacked its governmental offices. Titan Rain has caused the rest of the world to be more cautious of attacks not just from China but from other countries as well.