NEWYou can now listen to Fox News articles!
A Chinese national living in Texas was sentenced on Thursday to four years in prison and three years of supervised release for installing malicious code on his former employer’s systems, including a “kill switch” that locked workers out when his account was disabled.
Davis Lu — a 55-year-old man residing legally in Houston — was convicted in March of intentionally damaging protected computers while working as a software developer for the Ohio-based company, according to a news release from the U.S. Department of Justice.
CHINESE CITIZEN ADMITS STEALING US TRADE SECRETS FOR NEXT-GENERATION NATIONAL SECURITY TECH
The cyberattack resulted in the company losing hundreds of thousands of dollars, as noted in the release.
“The defendant breached his employer’s trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company,” Matthew R. Galeotti, acting assistant attorney general of the criminal division at the DOJ, said in a statement.
NORTH KOREA LASHES OUT AFTER TRUMP DOJ EXPOSES MASSIVE IT INFILTRATION SCHEME
Lu — who worked at the company for nearly twelve years — began undermining his employer’s systems after a 2018 corporate realignment reduced his system access and work responsibilities. By August 2019, he had planted malicious code that triggered system crashes and blocked employees from logging in, as noted in the release.
He deleted coworkers’ profile files, created “infinite loops” that overwhelmed servers and built a “kill switch” designed to lock out all users if his account was ever disabled. He named the “kill switch” code “IsDLEnabledinAD,” an abbreviation for, “Is Davis Lu enabled in Active Directory,” according to the DOJ.
NORTH KOREAN IT WORKERS INFILTRATED FORTUNE 500 COMPANIES IN MASSIVE FRAUD SCHEME
That “kill switch” was triggered in September 2019 when Lu was placed on leave and told to return his company laptop, instantly shutting out thousands of users worldwide, according to the release.
On the day he was ordered to give back his laptop, Lu also wiped encrypted data from company systems. His search history revealed that he researched how to hide processes, escalate privileges and quickly erase files — suggesting an attempt to slow down recovery efforts, according to the DOJ.
“I am proud of the FBI cyber team’s work which led to today’s sentencing and hope it sends a strong message to others who may consider engaging in similar unlawful activities,” Brett Leatherman, assistant director of the cyber division at the Federal Bureau of Investigation (FBI), said in a statement. “This case also underscores the importance of identifying insider threats early and highlights the need for proactive engagement with your local FBI field office to mitigate risks and prevent further harm.”
The U.S. Department of Justice did not immediately respond to Fox News Digital’s request for comment.
Read the full article here
