Chinese Spy Infiltrates NASA Through Phishing Campaign to Steal Defense Software
- Apr 27
- 2 min read
Key Findings
Chinese national Song Wu conducted a multi-year spear-phishing campaign impersonating U.S. aerospace researchers between 2017 and 2021
Targets included NASA, U.S. military, government agencies, universities, and private companies
Wu obtained export-controlled software and source code for aerospace engineering and computational fluid dynamics applications
The stolen technology has potential applications in advanced tactical missile development and weapons assessment
Wu was employed by Aviation Industry Corporation of China (AVIC), a state-owned defense contractor
Indicted in September 2024 on 14 counts of wire fraud and 14 counts of aggravated identity theft; remains at large
Maximum penalties include 20 years per fraud count plus 2 years for identity theft
Background
Song Wu's operation targeted a broad range of institutions over four years, demonstrating the persistence of state-sponsored cyber espionage efforts. The scheme exploited trust in academic and professional networks, with Wu creating fake email accounts that mimicked legitimate aerospace researchers and engineers. This allowed him to build credibility before requesting access to sensitive materials.
Campaign Tactics
Wu's approach relied on social engineering and impersonation rather than technical exploits. He would establish personas based on real or fictional U.S. researchers, then contact targets through email. Red flags investigators identified included repeated requests for the same software, unclear justifications for access, unusual payment methods, and attempts to circumvent security controls or export restrictions.
Targeted Materials
The software sought by Wu had significant military applications. Computational fluid dynamics tools are essential for designing aircraft, missiles, and other aeronautical systems. By obtaining both the software and accompanying source code, Wu provided Chinese defense contractors with insights into American aerospace engineering capabilities and methodologies.
Investigation and Enforcement
NASA's Office of Inspector General and the FBI jointly investigated the scheme, ultimately leading to Wu's indictment. The case demonstrates the importance of export control compliance and heightened awareness among government and private sector employees handling sensitive technology. Officials emphasized that vigilance in reviewing email requests and understanding export regulations are critical defenses against such espionage.
Sources
https://securityaffairs.com/191347/intelligence/chinese-spy-posed-as-researcher-in-spear-phishing-campaign-targeting-nasa-to-steal-defense-software.html
https://securityboulevard.com/2026/04/nasa-employees-duped-in-chinese-phishing-scheme-targeting-defense-software/

Comments