A Chinese national was sentenced to four years in a U.S. federal prison for intentionally damaging his former employer’s computer network with malicious code. Davis Lu, a 55-year-old software developer, was convicted in March for a scheme that caused hundreds of thousands of dollars in losses for Eaton Corporation, a global power management company based in Beachwood, Ohio.
According to court documents and evidence presented during the trial, Lu, who had been an employee since 2007, began sabotaging the company’s systems in 2018 after a corporate reorganization reduced his responsibilities. By August 2019, he had deployed a series of malicious codes designed to disrupt operations. These included “infinite loops” that caused servers to crash by overwhelming their resources, as well as code that randomly deleted co-worker profiles.
The most damaging piece of malware was a “kill switch” Lu had programmed to activate if his account was disabled from the company’s network. He audaciously named the code “IsDLEnabledinAD,” an abbreviation for “Is Davis Lu enabled in Active Directory.” When he was terminated on September 9, 2019, the kill switch was triggered, locking out thousands of employees worldwide and crippling company systems.
The Department of Justice released a statement from Acting Assistant Attorney General Matthew R. Galeotti, who said, “The defendant breached his employer’s trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company.”
In addition to the extensive damage, Lu also attempted to cover his tracks. On the day he was asked to return his company laptop, he deleted encrypted data and ran a command to make the information unrecoverable by forensic software. However, investigators were able to recover his internet search history, which showed he had researched methods to escalate privileges and rapidly delete files, demonstrating a clear intent to obstruct efforts to resolve the disruptions. The FBI noted that the case highlights the importance of identifying and mitigating insider threats. Following his four-year sentence, Lu will serve three years of supervised release.
