‘This was not an isolated incident’: Chinese national exposed by NASA investigation in serial defense software theft phishing campaign that lasted years

News
By published

Song Wu stole export-restricted defense software

Abstract Futuristic Red Shinny Digital Hud Square Elements Mosaic Grid Map Of China Flat Screen With Horizontal Light
(Image credit: Shutterstock)
  • Chinese national indicted in a huge phishing campaign
  • NASA, the military, universities and private companies were targeted
  • The perpetrator stole restricted defense software

NASA’s Office of Inspector General (OIG) has released a report detailing an intricate campaign to steal export-restricted software, orchestrated by a Chinese national.

The campaign targeted engineers at NASA, the Air Force, the Navy, the Army, and the Federal Aviation Administration, as well as major universities and private companies.

Posing as a colleague or friend, the perpetrator managed to convince dozens of professors, researchers, and engineers to share sensitive defense software and code for almost five years.

Article continues below

Federal warrant issued

The Chinese national, identified as Song Wu, was investigated by the Office of Investigations Cyber Crimes Division (CCD) after receiving an alert that emails were being received from a Gmail account claiming to be an aerospace professor who had collaborated with NASA.

Song Wu’s phishing campaign began in January 2017 and ended in December 2021, during which time he contacted employees at NASA, the Air Force, the Navy, the Army, the Federal Aviation Administration, and employees at numerous universities and private companies.

According to the CCD, Song Wu and unidentified co-conspirators would rigorously research their targets, and then pose as a friend or colleague requesting access to copies or source code of modeling software used for aerospace design and weapons development.

As the software was related to defense, it was subject to export controls that were unknowingly violated when victims fell for Song Wu’s deception.

A federal warrant has been issued for Song Wu’s arrest, and he has been indicted on 14 counts of wire fraud and 14 counts of aggravated identity theft, but he remains at large, the NASA report said.

“Cases like this underscore the importance of complying with export controls and staying vigilant, even during everyday email exchanges,” said Ryan Pittman, the Special Agent in Charge of CCD. “At NASA OIG, it’s our job to protect the Agency’s cutting-edge technology and expose cyber criminals who attempt to steal it.”

Best identity theft protection header
The best ID theft protection for all budgets

➡️ Read our full guide to the best identity theft protection
1. Best overall:
Aura
2. Best for families:
IdentityForce
3. Best for credit beginners:
Experian IdentityWorks

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.