Man who embedded 'kill switch' on ex-employer's system handed brutal sentence
A Chinese national has been prosecuted following the attack
One software developer has been caught and handed a brutal prison sentence after it was revealed that he embedded a 'kill switch' into his ex-employer's systems, causing signifiant damage when he was let go.
Advanced hacking techniques now allow individuals with enough skill to cause significant damage to certain companies, and sometimes all they need is a single password in order to completely take down a business.
There have even been suggestions that the Chinese government has implemented a 'kill switch' of sorts into key electrical grids across America due to a vital component, yet rarely do you see these attacks carried out by individuals already within the system they are targeting.
That strange circumstance has landed Chinese software developer Davis Lu, 55, in serious trouble with the FBI though, as he designed programs that specifically targeted his own employer in response to demotions and eventual dismissal.
What was the 'kill switch'?
As reported by The Hacker News, Davis Lu's kill switch was a code he had named 'IsDLEnabledinAD', which was an abbreviation of the question 'Is Davis Lu enabled in Active Directory'.
Advert
It effectively meant that the dangerous code would be 'released' into the system the moment that his employee credentials were disabled or removed from the company's active directory, which would end up happening in the event of his eventual dismissal.
Lu's attacks on his employer began well before that though, as it all started in 2018 following a corporate realignment that left his responsibilities and system access reduced.
At that point he had been at the company for over a decade and was unhappy with the effective demotion, so he decided to introduce malicious code that caused system crashes and prevented certain other employees from logging in.
In addition he created 'infinite loops' in the system, deleted the work of his fellow employees, and then finally decided to embed IsDLEnabledinAD into the company's systems.
Upon his dismissal on September 9, 2019, Lu's kill switch was activated and it caused significant financial damage to the company that is estimated to be in the hundreds of thousands of dollars.
He also deleted encrypted data that made it harder for his coworkers to resolve the issues his kill switch had created, but he was eventually apprehended by the FBI and handed a hefty prison sentence.
How has he been punished?
Following a sentencing on August 21, Lu was given a four year prison sentence and three years of supervised release following that, with officials slamming his successful attempt to sabotage his former employer.
"The defendant's technical savvy and subterfuge did not save him from the consequences of his actions," explained Acting Assistant Attorney General Matthew R. Galeotti in a statement from the Department of Justice.
"The Criminal Division is committed to identifying and prosecuting those who attack U.S. companies, whether from within or without, to hold them responsible for their actions."
Brett Leatherman, Assistant Director of the FBI's Cyber Division, also added that he "is proud of the FBI cyber team's work which led to today's sentencing and hope it sends a strong message to others who may consider engaging in similar unlawful activities.
"This case also underscores the importance of identifying insider threats early and highlights the need for proactive engagement with your local FBI field office to mitigate risks and prevent further harm."