Chinese national charged in alleged spearphishing campaign that targeted NASA, Air Force
A federal grand jury in Atlanta has indicted a Chinese national on charges stemming from his alleged efforts to use spearphishing to target U.S. entities, including NASA, the Federal Aviation Administration, and several military branches.
The indictment, which was filed Sept. 10 and unsealed Monday by the U.S. District Court for the Northern District of Georgia, charges Song Wu, 39, with wire fraud and aggravated identity theft related to those efforts. According to a DOJ press release, Song was an employee of the Aviation Industry Corporation of China, a Chinese state-owned company, and remains at large.
The case was one of three announced by the DOJ on Monday as part of its Disruptive Technology Strike Force that’s co-led by the Department of Commerce. The strike force, which was established in 2023, is aimed at thwarting attempts by foreign adversaries to obtain sensitive U.S. technology through illicit means.
The criminal charges in the other two cases involve allegations that a Russian national illegally exported components for unmanned aerial vehicles to Russia and that another Russian national and a Massachusetts man smuggled laser welding machines to Russia.
“As today’s announcements make clear, our efforts to protect sensitive U.S. technologies — which to date have yielded 24 publicly charged criminal cases, millions of dollars in administrative penalties, and multiple Entity List additions — remain relentless and unyielding,” Matthew S. Axelrod, assistant secretary for export enforcement at the Department of Commerce, said in a statement provided in the release.
Specifically, Song’s indictment states that he, with the help of other unknown individuals, “devised and intended to devise a scheme and artifice to defraud the United States government, research universities, private sector companies, professors, researchers, and engineers,” among other things.
In a scheme that lasted from roughly January 2017 to December 2021, Song allegedly sent spearphishing emails — those that appear to be coming from a trusted sender — to individuals employed by the U.S. government at NASA, the Air Force, the Navy, the Army, and the FAA, as well as professors at multiple research universities and private-sector aerospace companies.
Song, according to the indictment, sought source code and software related to aerospace engineering and computational fluid dynamics. The indictment described that source code and software as not publicly available, designated as “U.S. Release Only,” or limited to use by those “working on projects where the tools would be applicable.”
The emails Song allegedly sent asked the recipient to make the source code and software available and were made to look like they were coming from a colleague, associate or friend. In some cases, the victim fell for the scam and sent the source code Song requested, according to the court document. It is not clear from the filing what software or source code Song obtained.
According to a press release from the Justice Department, the case is being investigated by the FBI and NASA’s Office of the Inspector General.
NASA declined to comment.