In this gripping case of digital sabotage, former Eaton Corp. developer Davis Lu faces up to 10 years in prison for deploying a series of malicious codes designed to cripple his former employer’s network. After 11 years with Eaton Corp., Lu grew resentful following a corporate "realignment" in 2018 that curtailed his responsibilities. In an act of deliberate retaliation, he introduced harmful scripts that created infinite loops, deleted coworker profile files, and even crashed critical systems. His most notorious creation, a "kill switch" code dubbed "IsDLEnabledinAD"—an apparent shorthand for "Is Davis Lu enabled in Active Directory"—automatically activated the day he was terminated in 2019, causing widespread disruptions. As the US Department of Justice stated, Lu was convicted for "causing intentional damage to protected computers," a move that reportedly cost Eaton Corp. hundreds of thousands of dollars in losses.

Key points:

• Developer and Conviction: Davis Lu, a 55-year-old former developer at Eaton Corp., was convicted of deploying malicious code targeting the company's network.
• Motivation: Lu’s actions were allegedly spurred by a "realignment" in 2018 that reduced his responsibilities, leading to his disgruntlement.
• Methods of Sabotage: The malicious code included infinite loops and deletion of coworker profile files, causing system crashes and blocking legitimate logins.
• Notable Malicious Code: Lu named his damaging codes with dramatic titles such as "Hakai" (Japanese for destruction) and "HunShui" (Chinese for lethargy).
• The Kill Switch: His most destructive tool, the kill switch code named "IsDLEnabledinAD," automatically activated upon his termination on the day he was fired in 2019, disrupting systems globally.
• Legal Outcome: Facing up to 10 years in prison, Lu was convicted for "causing intentional damage to protected computers," marking a significant case of insider digital sabotage.

This case highlights the extreme lengths to which a once-trusted employee went to retaliate against his employer—a modern cautionary tale in cybersecurity and corporate governance.
Link to Article