The U.S. Department of Justice announced the indictment of Song Wu, a Chinese national, on charges of wire fraud and aggravated identity theft. Wu is accused of carrying out an advanced phishing campaign to steal specialized software and source code created by the National Aeronautics and Space Administration (NASA) and other critical U.S. aviation agencies.
According to U.S. Attorney Ryan K. Buchanan, Song Wu engaged in a multi-year spear phishing campaign, targeting individuals in key positions across U.S. government agencies, including NASA, the Air Force, Navy, Army, and the Federal Aviation Administration. Wu’s goal was to fraudulently obtain restricted or proprietary software used in aerospace engineering and computational fluid dynamics. These programs are vital to both industrial and military applications, such as developing advanced tactical missiles and designing cutting-edge weapons systems.
Wu’s efforts were not limited to government entities. His phishing emails also targeted prominent research universities in Georgia, Michigan, Massachusetts, Pennsylvania, Indiana, and Ohio, as well as private companies in the aerospace sector. These institutions and businesses are critical to U.S. innovation and defense, making them prime targets for cybercriminals seeking to steal valuable intellectual property.
Spear Phishing Campaign Used to Impersonate U.S. Researchers
In his phishing scheme, Wu created fake email accounts that appeared to be from trusted colleagues, researchers, or engineers. By impersonating U.S.-based professionals in the aerospace field, Wu deceived victims into believing they were communicating with trusted contacts. He then requested access to restricted software and source code, hoping to acquire proprietary information that could be used for industrial and military purposes in China.
Song Wu’s actions were carried out while he was employed as an engineer at Aviation Industry Corporation of China (AVIC), one of the world’s largest defense contractors and a state-owned aerospace conglomerate headquartered in Beijing. AVIC manufactures both civilian and military aircraft and plays a significant role in China’s defense industry.
“Efforts to obtain our nation’s valuable research software pose a grave threat to our national security,” said U.S. Attorney Buchanan. “However, this indictment demonstrates that borders are not barriers to prosecuting bad actors who threaten our national security.” Buchanan emphasized that the Justice Department is committed to holding cybercriminals accountable, no matter where they are located.
Keri Farley, Special Agent in Charge of FBI Atlanta, echoed this sentiment, stating, “Once again, the FBI and our partners have demonstrated that cybercriminals around the world who are seeking to steal our companies’ most sensitive and valuable information can and will be exposed and held accountable.” Farley added that this indictment is proof of the FBI’s ongoing efforts to track and prosecute those involved in cyber espionage.
Charges and Penalties
Song Wu, 39, faces 14 counts of wire fraud and 14 counts of aggravated identity theft. If convicted, he could face up to 20 years in prison for each count of wire fraud. Additionally, Wu faces a mandatory two-year consecutive sentence for aggravated identity theft. The charges reflect the severity of his alleged actions and the potential damage they could have caused to U.S. technological and defense advancements.
It is important to note that the charges against Wu are allegations, and he is presumed innocent until proven guilty. The government bears the burden of proving his guilt beyond a reasonable doubt during the trial.
Collaboration Between Law Enforcement Agencies
The investigation into Song Wu’s activities is being conducted by the Federal Bureau of Investigation (FBI) and NASA’s Office of Inspector General. Both agencies have been working diligently to uncover the extent of Wu’s phishing campaign and prevent further cyber intrusions into sensitive U.S. systems.
Assistant U.S. Attorney Samir Kaushal is leading the prosecution, with support from the National Security Division’s Trial Attorney Tanner Kroeger and the Counterintelligence and Export Control Section. Their work is crucial in navigating the complexities of international cybercrime and ensuring that those who attempt to undermine U.S. national security are brought to justice.
This case is part of a broader effort coordinated by the Disruptive Technology Strike Force, a specialized interagency law enforcement team co-led by the Departments of Justice and Commerce. The Strike Force is designed to target illicit actors seeking to steal critical technology from the U.S., particularly by authoritarian regimes and hostile nation-states.
The Strike Force uses a range of tools and authorities from across the U.S. government to strengthen the enforcement of export control laws and prevent valuable technology from being acquired by foreign adversaries.