Titan Rain cyber attack Essay

 In recent history and more of import in Cyber warfare history the incident codification named Titan Rain shook the Intelligence Community and cemented China as a first rate menace in the country of cyber espionage and computing machine web onslaught ( CNA ) .Titan Rain is the codification name assigned to a series of CNA ‘s that took topographic point in 2003-2004 in which China targeted webs of the US Department of Defense, Sandia National research labs, and US defence contractors.

The end of the PRC is to utilize its cyber capablenesss to do relentless onslaughts to beginnings of involvements military, commercial or political and utilize the mark states electronic substructure into a weak point or Achilles Heel ( Fisher 2011, 4 ) .Operation Titan Rain is a good illustration of how a good defensive Counter Intelligence operation can try to extenuate a CNA, and point to the beginning of these onslaughts. This incident besides serves to demo how in the clip period of the incident the US Commercial, IC, and DOD were non in a place to carry on Counterintelligence operations in support of or in revenge for Cyber warfare onslaughts.Background on 1 November 2004 at 2223 hours the hackers found their manner into US Army Information Systems Engineering Command at Fort Huachuca, Arizona, at 0119 utilizing the same exposure moved to Defense Information Systems Agency in Virginia, at 0325 Naval Ocean Systems Center San Diego, and at 0446 the United States Army Space and Strategic Defense installing in Alabama, among the informations compromised was Aviation Mission Planning ( AMPS ) 3. 2 used for lading US Army choppers with mission informations.While some of this information is unclassified it is sensitive in the illustration of AMPS it would give the PRC penetration into how the US Army choppers digital web onboard the choppers plants and do inroads how to burlesque or do those systems fail. The PRC has integrated CAN into the formal order of conflict like land warfare, CAN ‘s are standard operation processs in about every PRC bureau, the Ministry of State Security ( MSS ) , Ministry of People Security ( MPS ) , Ministry of Information, its military subdivisions, and private contracted organisations such as Huawei a commercial computing machine house.

These activities are seen by the PRC to carry through strategic effects such as land warfare and a force multiplier for kinetic operations ( Fisher 2011, 2 ) . It appears in this instance the PLA cyber warfare unit made it initial operational capableness in operation Titan Rain. In this context operation Titan Rain was a semi successful defensive Counterintelligence operations spread headed by the FBI, DOD, and a lone civilian.As Titan Rain became an evident menace to US technologies the FBI and DOD used a single codification named Spiderman to supervise and set up the beginning of these go oning CNA ‘s. Shawn Carpenter aka Spiderman was called to responsibility after he was utile in an probe at Lockheed Martin in 2003. Spiderman observed similar fingerprints in the onslaughts at Sandia and he was moved to join forces with his CI opposite number in the Army.It must be noted in this illustration it appears that the DOD was reasonably level footed in the turning cyber onslaught onslaughts but managed to utilizing bing resources including voluntaries to track the interlopers.

Spiderman noted that the interlopers would utilize the victims ain computing machines internal thrust, subdivision them off compress the files so transmit them to other computing machines in South Korea, Hong Kong, and Twain so farther travel them to China ( Thornburgh 2005, 1 ) .Further probe showed the PLA hackers used a scanner plan to place failing in the DOD web left no cardinal shot mistakes and left really few fingerprints ( Tkacik 2008, 3 ) . Spiderman was a lone soldier in an unofficial counterintelligence operation and made contact with US ARMY intelligence, while ordinances prohibited collusion the ARMY passed Carpenter to the FBI. Then FBI made Spiderman a confidential source for 5 months until his employers found out about his late dark activities and fired him.While Spiderman CI work was short lived his work exposed Titan Rain routers in Guangdong and used their waiters against the Titan Rain group directing Spiderman and e-mail every clip the router was active ( Thornburgh 2005, 3 ) . After two hebdomads over 20,000 electronic mails were sent to his screen electronic mail reference, one for every attempted to obtain files.

Spiderman mapped out what he thought was the make-up of Titan Rain group, he estimated three routers with at a minimal 6 workstations behind the routers manned 24/7 ( Thornburgh 2005, 3 ) .The existent inquiry in this indispensable lone Texas Ranger operation is why the FBI used Spiderman alternatively of official counter intelligence secret agents? The FBI up to this event ad a good record of holding host authorities aid in offenses but China would non assist in the instance of Titan Rain. In this instance the FBI would necessitate high degree diplomatic ( State Department ) and Department of Justice mandate to make the same thing Spiderman did.In this instance the DOD would hold an easier clip of deriving the proper mandate to carry on the same activities utilizing the Intelligence Preparation of the Battlefield ( IPB ) but if caught it would promote this to an incident of international proportions ( Thornburgh 2005, 3 ) .

Spiderman was praised for his lone Texas Ranger operations, at the same clip he was being investigated by the bureau which finally cost him his occupation. An counterintelligence officer at Sandia said that Spiderman should hold been decapitated or at least bloodies for his actions.The lesson from Titan Rain was that IT decision makers need to joint the incidents to upper direction. It besides at the clip call for a National Strategy in procuring our IT networks every bit good as incorporating CI into all aspects of intelligence particularly cyber warfare. The Pentagon has over 3. 5 million computing machines world-wide and Titan Rain served to set the DOD on notice that about 20 hackers utilizing multiple routers and proxy references can successfully assail US webs and basically bring those webs down.