Texas man convicted of sabotaging employer’s computer systems

A Texas software developer has been convicted for deploying malicious code on his former employer’s network, causing system failures and widespread disruptions.

What happened

A federal jury in Cleveland found Davis Lu, 55, of Houston, guilty of intentionally damaging protected computers. Lu, a former software developer for a Beachwood, Ohio-based company, introduced malicious code into the company’s systems after his job responsibilities were reduced following a corporate realignment.

By August 4, 2019, he had inserted code that crashed servers and blocked user access. He created "infinite loops" that overloaded Java threads, deleted coworker profiles, and installed a "kill switch" that disabled user access if his credentials were revoked. This switch activated upon his termination on September 9, 2019, affecting thousands of employees worldwide.

Additionally, Lu erased encrypted data on his company laptop before returning it, and his search history revealed he had researched ways to escalate privileges, hide processes, and delete files. His actions resulted in hundreds of thousands of dollars in losses for the company.

What was said

Federal officials stressed the severity of the attack. Supervisory Official Matthew R. Galeotti of the Justice Department’s Criminal Division, Acting U.S. Attorney Carol M. Skutnik for the Northern District of Ohio, and Special Agent in Charge Gregory D. Nelsen of the FBI Cleveland Field Office announced the conviction.

Why it matters

Lu’s actions caused operational and financial harm to his former employer. Thousands of employees worldwide were unable to access critical systems, leading to widespread disruptions. The company had to invest in forensic investigations, security upgrades, and system recovery efforts. 

This case shows the risks of insider threats in cybersecurity. Employees with technical knowledge and system access can cause severe damage if motivated by personal grievances. 

The bottom line

Lu faces a maximum sentence of 10 years in prison. His conviction displays the importance of strong cybersecurity policies and proactive monitoring to prevent insider threats from disrupting critical systems.

FAQs

How was Lu caught?

Investigators traced the malicious code to Lu’s credentials and discovered incriminating search history on his devices.

Could this kind of attack have been prevented?

Stronger access controls, real-time monitoring, and early detection of unusual system activity could have mitigated the damage.

What is an "infinite loop" in coding, and why is it harmful?

An infinite loop is a programming flaw that causes a system to repeat a process indefinitely, consuming resources and potentially crashing the system.

How does a "kill switch" work in a cyberattack?

A kill switch is a mechanism designed to disable systems or lock out users when certain conditions, like account termination, are met.