September 17, 2024 U.S. federal prosecutors have indicted Wu Song, a Chinese national employed by state-owned Aviation Industry Corporation of China, for conducting a multi-year phishing campaign targeting NASA software. The indictment alleges that, starting in 2017, Song sent targeted emails to U.S. academics and engineers, seeking applications used in aerospace engineering and computational fluid dynamics, which could be used for missile and weapons development. Song faces 14 counts of wire fraud and 14 counts of identity theft, with each wire fraud charge carrying up to a 20-year sentence.

The campaign aimed to steal specific software, including NASA’s CBAero tool, used for predicting aerodynamics in aerospace configurations, and DAC (Direct Simulation Monte Carlo Analysis Code), which is designated for U.S. government use only.

The investigation that ultimately caught Wu is part of a broader U.S. effort to counter intellectual property theft and espionage tied to Chinese state-driven initiatives. It underscores ongoing concerns about cybersecurity and intellectual property theft related to China’s military-industrial complex.

The Aviation Industry Corporation of China, among the world’s largest defence contractors, has already faced restrictions from the U.S. government, including a 2023 ban on purchasing U.S.-made dual-use technology. The indictment and subsequent sanctions reflect U.S. measures to protect national security interests and technology from foreign exploitation, particularly in sectors crucial to defense and aerospace.