Chinese Engineer Indicted for Alleged Cyber Espionage Campaign Against US Aerospace Industry

CVE-2024-3817

A Chinese national, Song Wu, has been indicted on 14 counts of wire fraud and 14 counts of aggravated identity theft, stemming from an alleged multi-year spear phishing campaign to obtain sensitive aerospace software and source code. Wu, employed as an engineer at the state-owned Aviation Industry Corporation of China (AVIC), is accused of impersonating US researchers to deceive victims into sharing proprietary information.

U.S. Attorney Ryan K. Buchanan emphasized the seriousness of the indictment, stating, “Efforts to obtain our nation’s valuable research software pose a grave threat to our national security. However, this indictment demonstrates that borders are not barriers to prosecuting bad actors who threaten our national security.

Wu allegedly impersonated U.S.-based researchers and engineers through sophisticated spear phishing techniques. By creating fake email accounts designed to mimic trusted colleagues and associates, Wu successfully tricked victims into providing access to restricted software and source code. The software in question, which has specialized applications in aerospace engineering and computational fluid dynamics, could be used to develop advanced tactical missiles and assess weapon designs.

The FBI, which played a leading role in the investigation, reiterated its commitment to exposing cybercriminals worldwide. Keri Farley, Special Agent in Charge of FBI Atlanta, warned, “Cyber criminals around the world who are seeking to steal our companies’ most sensitive and valuable information can and will be exposed and held accountable. As this indictment shows, the FBI is committed to pursuing the arrest and prosecution of anyone who engages in illegal and deceptive practices to steal protected information.

According to the indictment, Wu targeted individuals working for the U.S. government, including agencies such as NASA, the Air Force, Navy, and Army, as well as the Federal Aviation Administration. His spear phishing campaign also extended to prominent research universities across multiple states, including Georgia, Michigan, Massachusetts, Pennsylvania, Indiana, and Ohio, and private aerospace companies.

Wu’s emails, which often appeared to come from trusted colleagues, requested that victims provide or share proprietary software and source code. This sophisticated social engineering tactic is particularly dangerous, as it exploits the trust inherent in professional relationships, making it easier for attackers to gain access to sensitive information.

A particularly troubling aspect of the case is Wu’s employment with Aviation Industry Corporation of China (AVIC), one of the largest defense contractors in the world. AVIC, a state-owned conglomerate in Beijing, manufactures both civilian and military aircraft, further underscoring the national security implications of Wu’s actions. The indictment suggests that Wu’s cyber operations were potentially motivated by a desire to enhance China’s military and aerospace capabilities through stolen U.S. technology.

If convicted, Wu could face up to 20 years in prison for each count of wire fraud, with an additional mandatory two-year consecutive sentence for aggravated identity theft.

Related Posts: