### Chinese National Posed as U.S. Researcher to Obtain Sensitive Data The **Office of Inspector General (OIG)** of **NASA** recently revealed a sophisticated spear-phishing campaign where a Chinese national masqueraded as a U.S. researcher. This scheme aimed to acquire sensitive information from the space agency, other government bodies, universities, and private sector firms, resulting in violations of U.S. export control regulations. "For years, **NASA** employees and research collaborators thought they were simply sharing software with colleagues," the **OIG** stated. "Instead, they were emailing sensitive defense technology to a Chinese national who was impersonating U.S. engineers." ### Indictment and Allegations **Song Wu** was identified as the individual behind the campaign in September 2024, when the **U.S. Department of Justice (DoJ)** announced charges against him. The charges stem from a phishing scheme that spanned from January 2017 to December 2021, targeting numerous U.S. professors, researchers, and engineers. The victims included employees from **NASA**, the **Air Force**, the **Navy**, the **Army**, and the **Federal Aviation Administration**, as well as personnel from prominent universities and private companies. According to the 2024 indictment, **Song** was an engineer at the **Aviation Industry Corporation of China (AVIC)**, a Chinese state-owned aerospace and defense conglomerate. He and his accomplices allegedly conducted extensive research on their targets to gain access to proprietary software and source code, seeking modeling software used for aerospace design and weapons development. ### Success and Violations The **OIG** reported that the scheme succeeded in several instances where victims unknowingly shared sensitive information with the imposter accounts managed by **Song**, thereby violating U.S. export control laws. **Song** faces charges of wire fraud and aggravated identity theft, potentially leading to a maximum sentence of 20 years in prison for each wire fraud count, plus a consecutive two-year sentence for aggravated identity theft. He remains at large. ### FBI Involvement and Most Wanted List The **U.S. Federal Bureau of Investigation (FBI)** has added **Song** to its Most Wanted List, noting that the specialized software he sought could be used for industrial and military applications, including advanced tactical missile development and aerodynamic weapon design. ### Lessons Learned The **OIG** emphasized the importance of recognizing clues that can expose scammers and their export fraud schemes. In **Song's** case, these included multiple requests for the same software without justification and unusual payment methods. "Export control scammers also often suggest unusual payment methods (such as suspicious wire transfers); abruptly change the terms or source of payment; and use unconventional transfer methods to mask their identity and evade shipping restrictions."