From 'Byzantine Hades' to 'Titan Rain', Cyber Attack Code Names are Sci-Fi Poetry - Atlas Obscura

From ‘Byzantine Hades’ to ‘Titan Rain’, Cyber Attack Code Names are Sci-Fi Poetry

President Obama with advisors in the White House’s Situation Room in January. (Photo: Official White House Photo by Pete Souza)

Operation Shady Rat. Operation Aurora. Titan Rain.

The short but surprisingly lengthy list of cyber attack code names grew a little bit Tuesday, when The New York Times revealed the name of the U.S.’s latest foray into cyber warfare: Nitro Zeus, an elaborate cyber attack on Iran that was planned if nuclear talks with the country failed.

Nitro Zeus never happened—Iran agreed to a nuclear deal over the summer with Western powers—but its code name, which suggests a Greek god on steroids, will live on.

Countries in recent years have increasingly turned to cyber attacks as a way to avoid bloodier types of warfare, most famously in 2012, when the U.S. and Israel launched a joint attack on Iran’s nuclear system, destroying hundreds of centrifuges after launching a worm in computer systems at nuclear facilities. (Neither the U.S. nor Israel has ever officially acknowledged it was behind the attacks, though their involvement has been widely reported.) Outside security experts initially referred to that attack as Stuxnet, based on two file names found in the code, .stub and mrxnet.sys, but after it was later revealed to be a U.S.-Israeli operation the cyber attack’s code name emerged: Olympic Games.

That name raised eyebrows in intelligence circles for being a bit too on the nose, but it’s barely remarkable in the history of cyber attack names, which tend toward the obscure and nerdy. Before Olympic Games and Nitro Zeus, for example, there was Operation Shady Rat, which referred to a series of attacks in the late aughts (likely originating from China) on a range of companies and governments.

Around the same time there was a wave of attacks on energy companies dubbed Night Dragon, as well as an attack on tech companies, also originating in China, known as Operation Aurora. (Both names as well as Operation Shady Rat were the work of an executive at a private computer security company.) Two other recent cyber attacks, called Operation Newscaster and Operation Cleaver, are believed to have come from Iran.

But those monikers don’t approach the absurdity of code names conceived by the American government, which tend toward the dramatic. According to Vanity Fair, one series of attacks on US government systems was first referred to in code as Titan Rain. After that name leaked, the National Security Agency began calling the attacks Byzantine Hades. But that name leaked, too, prompting the NSA to come up with three more code names. (Those names so far have not leaked.)

The U.S. isn’t the only government handing out code names, of course, though it might be the most creative. Documents leaked by Edward Snowden revealed a British attack on a Belgian telecommunications company code-named Operation Socialist. (British code names tend to be pedestrian, since they are randomly selected from a pre-approved list.)

In 1999, Newsweek reported on possibly the first code-named cyber attack, which went after US Department of Defense computer systems and was said to have originated in Russia. That breach was code named Moonlight Maze.

“We’re in the middle of a cyber war,” a defense official said then.