Former Employee Sentenced to Prison for Sabotaging Company IT Systems

A former employee of an Ohio-based industrial power management company has been sentenced to four years in prison and three years of supervised release, following his conviction for sabotaging the company’s IT system with malicious computer code.

The individual, identified as Davis Lu, was a senior software developer at Eaton Corp. in Beachwood, Ohio, since 2007. However, a corporate reorganization in 2018 reduced his responsibilities and access to the company’s network, leading him to secretly sabotage the system.

According to the Department of Justice (DoJ), Lu introduced malicious code on Aug. 4, 2019, causing system crashes and preventing user logins. The sabotage involved triggering an infinite loop in the company’s IT systems, leading to server hangs and crashes. Additionally, Lu installed a kill switch designed to lock out other employees as soon as the company disabled his profile from the active directory.

This occurred on Sept. 9, 2019, following his termination, resulting in disruptions for thousands of users worldwide. Federal investigators suggest that Eaton quickly identified Lu as the perpetrator, due to part of the sabotage being hosted on a development server with exclusive access granted to Lu. Moreover, the kill switch code was named “IsDLEnabledinAD,” which translates to “Is Davis Lu enabled in Active Directory.”

The DoJ states that on the day he was asked to return his company laptop, Lu deleted encrypted data and conducted online research into methods for escalating privileges, hiding processes, and rapidly deleting files—indicating an intention to hinder his colleagues’ efforts to resolve the system disruptions.

Lu was initially charged in 2021, following a lengthy court process, during which a federal jury found him guilty of causing damage to protected computers. He now faces up to ten years in prison.