A Texas man formerly employed by an Ohio company has been found guilty by a federal jury for malicious activity that wreaked havoc on his ex-employer’s network systems. Identified as Davis Lu, the 55-year-old hailing from Houston had worked as a software developer at the Ohio-based firm for over a decade before a corporate shake-up in 2018 brought reduced roles and lower system access that fueled his damaging actions.
During his tenure from November 2007 to October 2019 at the company in Beachwood, Ohio, Lu seemed like any other staff member. However, following changes within the company that not only trimmed his responsibilities but his system access as well, things turned sour. According to the evidence at trial, Lu retaliated by deploying malicious code into the company’s system, as the U.S. Department of Justice reported.
This sabotage on August 4, 2019, involved creating “infinite loops,” a concept designed to overwhelm servers by endlessly generating new tasks without proper shutdown, causing server crashes and blocking users from logging in. Lu went further, deleting coworkers’ profile files and creating a “kill switch” that effectively locked all users out of the system if his own company credentials were disabled—a function he ominously termed “IsDLEnabledinAD,” short for “Is Davis Lu enabled in Active Directory.”…