US Charges Employee of China’s State-Owned Aerospace Conglomerate With Phishing Scheme

The defendant allegedly targeted NASA, the U.S. military, the FAA, several U.S. universities, and private-sector aerospace companies.

A Chinese national working for one of China’s state-owned aerospace and defense companies has been indicted on charges related to an alleged hacking scheme targeting the U.S. military and other sectors, according to the Department of Justice (DOJ).

Song Wu, 39, an employee of the Aviation Industry Corporation of China (AVIC), allegedly tried to fraudulently obtain computer software and source code from NASA, the Air Force, the Navy, the Army, and the Federal Aviation Administration (FAA) in a spear-phishing email scheme from 2017 to 2021, according to an indictment unsealed by a federal court in Atlanta, Georgia, on Sept. 16.

Song also allegedly tried to send spear-phishing emails to individuals working at major universities in Georgia, Michigan, Massachusetts, Pennsylvania, Indiana, and Ohio, as well as those in private-sector aerospace companies.

Song is being charged “with 14 accounts of wire fraud and 14 accounts of aggravated identity theft,” according to the press release, and “faces a maximum statutory sentence of 20 years in prison for each count of wire fraud” and “a mandatory, two-year consecutive sentence in prison if convicted of aggravated identity theft.”

The DOJ did not say if Song had been arrested.

In his alleged email scheme, Song tried to impersonate a trusted source of his targets, such as a colleague, associate, friend, or other person in the research or engineering community.

According to the indictment, some of his targets did fall for the phishing attempt and “electronically transmitted the requested source code or software” to Song.

“Efforts to obtain our nation’s valuable research software pose a grave threat to our national security,” said U.S. Attorney Ryan K. Buchanan in a statement. “However, this indictment demonstrates that borders are not barriers to prosecuting bad actors who threaten our national security.”

Targeted Software

According to prosecutors, Song targeted software that could be used for military applications, such as developing advanced tactical missiles and aerodynamic design and assessing weapons.

Song also phished a NASA software known as Configuration-Based Aerodynamics (CBAERO), according to the indictment. NASA said on its website for its technology transfer program that CBAERO, which is used to predict the conceptual aero-thermodynamic environments of aerospace configurations, is for U.S. release only.

In a 2017 article, NASA said that CBAERO was being used by “at least half a dozen Department of Defense agencies and four universities,” as well as companies building commercial space vehicles.

“And it’s not just used for designing spacecraft,” NASA added. “For example, one branch of the U.S. Air Force uses it for fighter jets, large transports, and unmanned aerial vehicles while another uses CBAERO to assess potential threats from foreign missiles and hypersonic glide vehicles.”

To obtain CBAERO, Song allegedly emailed an individual—named “Victim 8” in the indictment—on Aug. 4, 2021. In the email, Song wrote: “Morning [Victim 8], I sent an email to Alicia for a copy of CBAERO software, but got no response yet. Are you available to help? Please let me know,” according to the indictment.

Song had phished another NASA software called the Aircraft Noise Prediction Program (ANOPP and ANOPP2), according to the indictment. NASA explains on its website that the program is used to predict noise from aircraft in flight, including sources and propagation, and is for U.S. release only.

An aircraft’s propulsion system and body parts, such as landing gear and flaps, are examples of noise sources, according to a NASA manual on the program. It explains that noise progradation of aircraft is tied to the effects of the atmosphere and terrain.

Song’s case sheds light on the Chinese regime’s relentless effort to steal U.S. trade secrets, intellectual property (IP), and technology. The Office of the U.S. Trade Representative, in a report published in 2018, called China the “worst infringer of American IP,” costing the U.S. economy between $225 billion and $600 billion annually.

Other Cases

In January, AVIC was placed on the Pentagon’s list of entities with ties to the Chinese military. In December 2020, the Commerce Department added 58 Chinese companies, including AVIC, to its “military end user” list.

In May, 11 Republicans on the House Select Committee on the Chinese Communist Party called on the Treasury Department to investigate six Chinese companies, including AVIC, to determine whether their activities with respect to Iran violated U.S. sanctions.

The DOJ has cracked down on several Chinese nationals for alleged theft or violations of export controls this year.

In January, the DOJ charged four Chinese nationals for their alleged role in exporting electronic components to Iran.

A Chinese national was arrested in California in February for allegedly stealing trade secret technologies developed for the U.S. government to detect nuclear missile launches and to track ballistic and hypersonic missiles.

In April, the DOJ charged two Chinese nationals for allegedly conspiring to export U.S. semiconductor manufacturing technology, including a machine to process silicon microchips, to prohibited end users in China.

 

Read More