
A federal court has sentenced Davis Lu, a 55-year-old Chinese national, to four years in prison followed by three years of supervised release for deploying malicious code on his former employer’s network. The sentencing follows his conviction in March for intentionally causing damage to protected computers.
Lu, a software developer for a Beachwood, Ohio-based company from 2007 to 2019, began his attack after a corporate realignment diminished his system access and responsibilities, an official Department of Justice (DOJ) press release says.
According to evidence presented at trial, Lu introduced malicious code designed to disrupt and sabotage the company's network infrastructure. He implemented "infinite loops" to exhaust server resources, deleted coworker profiles, and, most notably, deployed a "kill switch."
This kill-switch code, which Lu named "IsDLEnabledinAD" (Is Davis Lu enabled in Active Directory), was designed to activate automatically if his corporate credentials were ever disabled.
On September 9, 2019, when the company placed him on leave and requested he surrender his laptop, the kill switch triggered, locking out thousands of company users globally.
The FBI's investigation revealed that on the day he was terminated, Lu also deleted encrypted data and had a search history that included methods for escalating privileges and hiding malicious processes.
His actions resulted in hundreds of thousands of dollars in financial losses for his employer and significant operational disruption.
“The defendant breached his employer’s trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company,” said Acting Assistant Attorney General Matthew R. Galeotti of the Justice Department’s Criminal Division.
This case highlights the severe consequences of insider-threat breaches. Just recently, active-duty U.S. Navy sailor Jinchao Wei, also known as Patrick Wei, was convicted of espionage and export violations after agreeing to sell Navy secrets to a Chinese intelligence officer for $12,000.
In July, the ex-U.S. Army soldier Kiberphant0m pleaded guilty to ransomware extortion related to the AT&T and Verizon hacks.