recommended reading

NASA engineer, defense contractor knowingly bought illicit software from Chinese conspirator

Cienpies Design/

This story has been updated to include video of undercover meetings with Xiang Li.

Chinese resident Xiang Li has pleaded guilty to copyright infringement and wire fraud charges connected to a bootleg software conspiracy that involved federal sector accomplices, U.S. authorities are expected to announce today in Wilmington, Del.

A NASA engineer and government contractor knowingly bought some of the $100 million worth of critical computer programs that Li copied from mainly American companies, according to court papers and officials.

Immigration and Customs Enforcement Director John Morton and U.S. Attorney Charles M. Oberly III are scheduled to make public the successful prosecution of Li on Tuesday.

“Some of Li’s biggest customers were Americans who held significant engineering positions with government agencies and government contractors,” ICE spokesman Ross Feinstein said.

Between April 2008 and June 2011, Li peddled ill-gotten software through the Web to colluding customers, including the U.S. public sector employees, according to court documents filed on Jan. 4. Software that retails for as much as $3 million sold for between $20 and $1,200 on the Internet shopping sites he maintained. The pirated software has uses for, among other things, defense, space exploration and explosive simulation.

The “defendant acknowledged his involvement in this unlawful software piracy conspiracy throughout his emails with customers,” state the court papers. Clients in the United States, including small business owners, students and inventors accounted for more than one-third of the illegal software buys. The papers note that in one correspondence with a customer, Li describes his enterprise as “an international organization created to crack declassified document[s].”

In 2011, Chinese actors were characterized as “the world's most active and persistent perpetrators of economic espionage" by the Office of the Director of National Intelligence.

Cosburn Wedderburn, who was at the time of the crime a NASA electronics engineer, purchased illicit programs from Li worth a combined $1.2 million, according to officials. The software is used for telecommunications design and aerospace, among other applications.

Wronald Best, then a chief scientist at a Kentucky-based defense contractor, exchanged more than 260 emails with Li, court documents show. His company, which also supports law enforcement agencies, provides services related to radio transmissions, radar, and vacuum tubes used in military helicopters. Best’s purchases would have sold for $600,000 on store shelves.

Best is scheduled for sentencing on Feb. 1, Feinstein said, adding that a telephone conference with the court regarding Wedderburn has been set for April 29.

Li collected payments through wire services such as Western Union and MoneyGram, but profited only about $60,000 off those transactions, according to court documents. He used a Gmail account to transfer the counterfeit copies through “compressed electronic files or hyperlinks to download servers located in the United States and elsewhere,” the documents state.

Homeland Security released video of the meetings with undercover agents.

Video 1:

Video 2:

Video 3:

Threatwatch Alert

Network intrusion / Spear-phishing

Researchers: Bank-Targeting Malware Sales Rise in Dark Web Markets

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.