DOJ indicts Chinese national for spear phishing campaign against NASA, FAA, Air Force

Jason Macuray
The Justice Department indicted a Chinese national for attempting to hack several aviation agencies across the U.S. government in order to steal software and code created by the National Aeronautics and Space Administration (NASA) and others.

The Justice Department indicted a Chinese national for attempting to hack several aviation agencies across the U.S. government in order to steal software and code created by the National Aeronautics and Space Administration (NASA) and others.

Song Wu, a 39-year-old engineer at Chinese state-owned aerospace and defense conglomerate Aviation Industry Corporation of China (AVIC), is facing decades in prison on 14 counts of wire fraud and 14 counts of aggravated identity theft.

AVIC is one of the largest defense contractors in the world, building both civilian and military aircrafts. 

The DOJ accused Song of launching a lengthy campaign of sending emails to employees of NASA, the U.S. Air Force, Navy, Army and Federal Aviation Administration as well as officials at research universities in several states and aerospace companies.

Song would send the emails pretending to be someone connected to the victim — either a relative, friend or work colleague — asking that they send the source code or software that he was after.  

“Efforts to obtain our nation’s valuable research software pose a grave threat to our national security,” said U.S. Attorney Ryan Buchanan.

Buchanan said Song’s campaign lasted for years and he created multiple email accounts to impersonate people, successfully obtaining “specialized restricted or proprietary software used for aerospace engineering and computational fluid dynamics.”

The software, created by NASA and officials at universities and private companies, had military and civilian uses and could be applied to the “development of advanced tactical missiles and aerodynamic design and assessment of weapons,” U.S. officials added. 

The Justice Department did not name the software and did not say where Song is currently located. The FBI and NASA’s Office of Inspector General are still investigating Song’s actions. 

The charges come after U.S. agencies warned of campaigns led by hackers to steal proprietary aerospace information from U.S. companies. 

U.S. security agencies reported last year that multiple nation-state hackers exploited two vulnerabilities to attack an undisclosed aerospace company. Several other countries have had nation-state attackers target their aerospace industry over the last year as well. 

The FBI, the National Counterintelligence and Security Center (NCSC) and the Air Force Office of Special Investigations (AFOSI) published a two-page advisory one year ago that also warned of cyberattacks on the space industry due to its increasing importance to the global economy.

CybercrimeChinaGovernmentIndustryNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

China suspected of hacking diplomatic body for Pacific islands region

Next Post

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

Related Posts

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities
Avatar
Read More