Davis Lu, a 55-year-old former software developer from rural Houston, Texas, was sentenced to four years in prison for intentionally hacking into his employer’s computer systems. In March 2025, Lu was convicted of knowingly damaging protected computers after he exploited his access to run destructive code on an Ohio-based company’s servers.
Lu’s changes introduced infinite loops into the source code. The resulting lack of proper Java thread management led to severe outages and even data center failures. His sabotage caused “serious and substantial losses” in excess of $400,000 for the company. The crimes ran from April of 2021 until Lu’s arrest and later indictment.
Malicious Code and Server Crashes
In a calculated move, Davis Lu deployed what has been termed a “kill switch,” code that he named “IsDLEnabledinAD,” an abbreviation for “Is Davis Lu enabled in Active Directory.” The purpose of this malicious code was to generate an infinite loop that would crash servers.
Lu made things even worse by rapidly creating new Java threads without suitable cleanup. Every one of these actions destabilized the company’s network and operations, resulting in tremendous financial impact.
On the day Lu was asked to return his company-issued laptop, he acted fast. He shredded encrypted volumes and attempted to expunge essential Linux directories, like two other cases, indicating a fervent desire to obscure wrongdoing.
Legal Consequences and Statements
In a statement on Lu’s plea, Acting Assistant Attorney General Matthew R. Galeotti focused on the breach of trust fundamental to Lu’s actions.
“The defendant breached his employer’s trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company,” – Acting Assistant Attorney General Matthew R. Galeotti
Galeotti further commented on the hopelessness of Lu’s efforts to escape retribution, saying:
“However, the defendant’s technical savvy and subterfuge did not save him from the consequences of his actions.”
The Department of Justice denounced Lu’s actions, calling them illegal, specifically to send the message that the tech industry will not stand by when things like this happen.
Importance of Early Detection
The case has sparked discussions around the emergent insider threat. Assistant Director Brett Leatherman of the FBI’s Cyber Division underscored the essential importance of being able to identify these risks early on.
“This case also underscores the importance of identifying insider threats early,” – Assistant Director Brett Leatherman
For employers, Lu’s case is a key reminder: it highlights the risks that insiders who have access and technical know-how can present. As industry and government alike struggle with an increasingly hostile cybersecurity environment, strong monitoring and response mechanisms will be more and more important.