Monday, January 23, 2006

Titan Rain: Chinese Espionage

Here is a worrisome bit of information. From what I've found, it sounds like this internet activity out of China is a bit scant on details, at least as far as the public is concerned.
There's a Cyber War going on between China and the rest of the world. The problem is, there's enough proof to know that China is behind an increasing number of Internet based attacks, but not enough to call China out on it. It began about five years ago, with an increasing number of very well executed Internet attacks that appeared to be coming from China. At first, it was thought to be adventurous computer science students, or criminals out to steal something they could sell. Then, in 2003, came the "Titan Rain" incident. This was a massive and well organized attack on American military networks. The people carrying out the attack really knew what they were doing, and thousands of military and industrial documents were sent back to China. The attackers were not able to cover their trail completely, and some of the attackers were traced back to a Chinese government facility in southern China. The Chinese government denied all, and the vast amounts of technical data American researchers had as proof was not considered compelling enough for the event to be turned into a major media or diplomatic event.
I found this article at Wikipedia for a definition of Titan Rain.
Titan Rain is the U.S. government's designation given to a series of coordinated attacks on American computer systems since 2003. The attacks are believed to be Chinese in origin, although their precise nature (i.e., state-sponsored espionage, corporate espionage, or random hacker attacks) is uncertain.

In early December of 2005 the director of the SANS Institute, a security institute in the U.S., said that the attacks were most likely the result of Chinese military hackers attempting to gather information on U.S. systems. [1]

Titan Rain hackers have gained access to many U.S. computer networks, including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA.

Schneier had a post on this back in December as well.
There seems to be a well-organized Chinese military hacking effort against the U.S. military. The U.S. code name for the effort is "Titan Rain." The news reports are spotty, and more than a little sensationalist, but I know people involved in this investigation -- the attackers are very well-organized.
I hope Schneier is correct. Though I'm going to guess that if this wasn't Chinese Military Espionage, there probably is something of the kind in the process.

Makes you wonder though, if security is such an important part of all of these "sensitive" companies and government agencies, why haven't they taken steps to secure this infrastructure?

