U.S. federal prosecutors have charged Wu Song, a 39-year-old employee of China’s Aviation Industry Corporation of China (AVIC), with a sweeping indictment that underscores a serious breach of national security. Unsealed on September 16, 2024, the indictment accuses Song of conducting an elaborate phishing scheme targeting NASA and U.S. military technology. Over several years, from 2017 to at least 2021, Song allegedly sent deceptive emails, masquerading as colleagues, to extract sensitive software related to aerospace engineering and computational fluid dynamics. These applications are crucial for missile development and advanced aerodynamic design, making the breach a significant threat to U.S. national security.
The indictment includes 28 counts against Song, comprising 14 counts of wire fraud and 14 counts of aggravated identity theft. Despite the gravity of the charges, Song remains at large, complicating the federal investigation. Prosecutors allege that his phishing campaign sought software such as NASA’s CBAero tool, which predicts aerospace configurations, and the Direct Simulation Monte Carlo Analysis Code (DAC), used for analyzing low-density flow fields. The indictment reveals that these applications are categorized as “U.S. release only,” highlighting the sensitive nature of the stolen data.
This case is part of a broader pattern of Chinese state-sponsored cyber espionage. Similar to previous high-profile indictments, such as the 2020 case involving the hacking group APT41, this incident reflects ongoing Chinese efforts to acquire advanced technology through illegal means. The U.S. Department of Justice has been actively addressing these threats, recognizing the strategic implications of such cyber espionage on national and military technology.
AVIC, one of the world’s largest defense contractors, was blacklisted by the U.S. government in June 2023 due to its association with the Chinese military-industrial complex. The indictment against Song further illustrates the persistent and evolving threats posed by foreign actors targeting critical technology. As the U.S. continues to fortify its cybersecurity measures, this case serves as a stark reminder of the challenges faced in protecting sensitive national assets from sophisticated cyber threats.
Reference:
