Malicious Code Deployment by Chinese Developer Leads to Imprisonment at US Company
In a recent development, Chinese software developer Davis Lu, aged 55, has been sentenced to four years in prison for intentionally damaging protected computers belonging to his former employer.
Lu was employed as a software developer for an unnamed victim company headquartered in Beachwood, Ohio, between November 2007 and October 2019. His malicious activity caused significant disruptions globally, impacting thousands of company users.
Lu's crimes came to light after a corporate realignment that reduced his responsibilities and system access. In response, he began sabotaging his employer's systems in 2018. By August 2019, he had introduced malicious code that caused system crashes and prevented user logins.
The malicious code created "infinite loops" that exhausted Java threads, causing server crashes. It also deleted coworker profile files and implemented a kill switch that locked out all users. The kill switch was automatically activated when Lu was placed on leave and asked to surrender his laptop on September 9, 2019.
On the day he was directed to turn his laptop in, Lu deleted encrypted data. The US Department of Justice revealed the sentence in a press release dated August 21.
Acting Assistant Attorney General Matthew R. Galeotti commented that Lu breached his employer's trust by sabotaging company networks. He added that the Criminal Division is committed to identifying and prosecuting those who attack US companies, whether from within or without, to hold them responsible for their actions.
The damage was extensive, with hundreds of thousands of dollars in losses accrued by the employer as a result of the disruptions.
The insider activity was motivated by disgruntlement with the employer, with no suggestion of nation-state involvement. Lu's internet search history revealed he had researched methods to escalate privileges, hide processes, and rapidly delete files.
This case serves as a reminder of the potential harm that can be caused by disgruntled insiders with access to sensitive systems. It also underscores the commitment of the US Department of Justice to prosecute such cases and protect American businesses from cyber threats.