Davis Lu, 55, worked at Eaton for twelve years and became a senior developer before a demotion during restructuring. He created and deployed a kill-switch Java program that spawned non-terminating threads in an infinite loop to exhaust server resources. Lu uploaded the code with corporate credentials and labeled it IsDLEnabledinAD. After Eaton revoked his network access on September 9, 2019, the program activated, overloaded networks, prevented login access for thousands of global employees, and deleted corporate data. Federal agents arrested Lu within a month; he admitted the wrongdoing and was sentenced to four years in prison.
Davis Lu, 55, spent a dozen years at Eaton and rose to become a senior developer of emerging technology, before the company demoted him after restructuring. Lu unwisely responded to that setback by installing a "kill switch" that would activate if the company revoked his network access. The package was a Java program that generated increasing numbers of non-terminating threads in an infinite loop that would eventually use enough resources to crash the server.
Not that he had much technical savvy. Lu labeled his malware IsDLEnabledinAD, for "Is Davis Lu enabled in Active Directory." Furthermore, after developing the software he uploaded it using his corporate credentials - hardly clean OPSEC, to quote the US Defense Secretary. Eaton terminated Lu's position on September 9, 2019, and cut off his network access, which caused the Java program to fire up, overloading the network, preventing login access for thousands of Eaton's global staff, and deleting some corporate data.
Collection
[
|
...
]