A U.S. court has found 55-year-old software developer Davis Lu guilty of deliberately sabotaging his former employer’s computer systems following a demotion. The incident occurred at Eaton, a major corporation specializing in power management solutions, with expertise spanning electrical engineering, hydraulics, and mechanical systems.
Lu had been employed at Eaton since 2007, but in 2018, a corporate restructuring significantly reduced both his responsibilities and salary. In retaliation, he developed malicious software and embedded a “kill switch” within the company’s infrastructure, ultimately causing a widespread operational failure. The malware contained infinite loops that overwhelmed the production server’s resources, resulting in system crashes and preventing users from accessing their accounts.
Beyond this, Lu deleted colleagues’ profiles and implemented a lockout mechanism that would be triggered if his Active Directory account was ever deactivated. This “kill switch” was disguised under the encrypted label “IsDLEnabledinAD”, which translates to “Is Davis Lu Enabled in Active Directory”. When he was terminated on September 9, 2019, the code automatically restricted access to the company’s systems for thousands of employees.
On the day he was ordered to return his corporate laptop, Lu erased encrypted data. According to the U.S. Department of Justice, his internet search history revealed attempts to escalate privileges, conceal processes, and erase files rapidly—suggesting a calculated effort to evade detection.
Lu’s actions inflicted hundreds of thousands of dollars in damages upon the company. The court found him guilty of intentionally causing harm to protected computer systems, a charge that carries a maximum sentence of 10 years in prison. The date of sentencing has yet to be determined.
