
Developer from China Imprisoned for Installing Harmful Software at American Business

A developer from China was given a four-year prison term for planting harmful software, including a kill switch, in a company's network.

Software Developer Sentenced for Insider Attack on Employer's Systems

In a press release dated August 21, the US Department of Justice (DoJ) announced the sentencing of Chinese software developer Davis Lu. Lu, aged 55, has been sentenced to four years in prison and three years of supervised release.

The crimes took place while Lu was employed as a software developer for an unnamed victim company headquartered in Beachwood, Ohio, between November 2007 and October 2019. The malicious activity began in 2018, following a corporate realignment that reduced Lu's responsibilities and system access.

Acting Assistant Attorney General Matthew R. Galeotti commented that the defendant breached his employer's trust by using his access and technical knowledge to sabotage company networks. The malicious code created "infinite loops" designed to exhaust Java threads and cause server crashes. The damage was so extensive that thousands of company users were impacted globally, and the employer incurred hundreds of thousands of dollars in losses.

The insider activity was motivated by disgruntlement with the employer, with no suggestion of nation-state involvement. The malicious code deleted coworker profile files and implemented a kill switch that locked out all users if Lu's credentials in the company's Active Directory were disabled. By August 2019, Lu had introduced malicious code that caused system crashes and prevented user logins.

On the day he was directed to turn his laptop in, Lu deleted encrypted data. The kill switch was automatically activated when Lu was placed on leave by his employer and asked to surrender his laptop on September 9, 2019. Investigators found that Lu had researched methods to escalate privileges, hide processes, and rapidly delete files.

The Criminal Division is committed to identifying and prosecuting those who attack US companies, whether from within or without, to hold them responsible for their actions. The sentencing comes after Lu was convicted of causing intentional damage to protected computers.

The crimes occurred while Lu legally resided in Houston, Texas. This incident serves as a stark reminder of the potential harm that can be caused by disgruntled employees with access to sensitive systems.
