ETDA ThaiCERT
Report
Search
Home > List all groups > Operation Titan Rain

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Operation Titan Rain

NamesOperation Titan Rain (US Government)
CountryChina China
SponsorState-sponsored, PLA Unit 61398
MotivationInformation theft and espionage
First seen2003
Description(Kaspersky) Hacks against the Defense Department and other U.S. agencies stretching back to 2003 were codenamed Titan Rain by investigators. The attacks, which breachedhundreds of networks, including Departments of State, Energy and Homeland Security, were coordinated from Chinese computers, investigators found. Global defense contractor Lockheed Martin and NASA were also struck in what many experts called an attempt to glean information on U.S. systems. While it’s usually difficult to locate the country of origin for such attacks, researchers were able to trace them back to the Chinese province of Guangdong. However, the individuals behind the operation remain a mystery to this day.
ObservedSectors: Defense, Energy, Government.
Countries: UK, USA.
Tools used
Information<https://threatpost.com/titan-rain/91835/>
<https://www.academia.edu/32222445/_Investigating_Titan_Rain_Cyber_Espionage_Cyber_Security_and_Cyber_Operations>
<https://en.wikipedia.org/wiki/Titan_Rain>

Last change to this card: 02 July 2020

Download this actor card in PDF or JSON format

Previous: Operation Shady RAT
Next: Operation ViceLeaker

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key