Chinese individual sentenced to 4 years for harming employer with harmful software

Former Software Developer Sentenced for Cybercrime

A Houston resident, Davis Lou, has been sentenced to four years in prison after being found guilty of installing malicious code on his former employer’s computer system. This code included a “kill switch” that disrupted operations when he was locked out of his accounts. In addition to prison time, Lou will also serve three years of supervised release.

The 55-year-old had been employed as a software developer with a company based in Ohio from 2007 until 2019. After the company underwent a restructuring in 2018, which limited his access and responsibilities, he began sabotaging the system. This act of cyber sabotage resulted in significant financial losses—hundreds of thousands of dollars, as noted in a U.S. Department of Justice release.

According to Matthew R. Galeotti, an assistant attorney in the DOJ’s criminal division, Lou’s actions violated the trust of his employer. By using access to disrupt the company’s network, he caused considerable chaos and financial damage.

Lou’s activities escalated to the point where, by August 2019, he had planted code that crashed the entire system and prompted employees to log in multiple times. Among his acts was deleting colleagues’ profile files and creating an “infinite loop” that overwhelmed the server. The “kill switch” he created had a code name of “ISDLENABLENINAD.” It was triggered when he was told to return his company laptop after being placed on leave.

This led to thousands of users around the globe being locked out of the system. On the day he returned his laptop, he also wiped encrypted data from the company’s system. His search history showed that he researched ways to hide processes, escalate privileges, and delete files rapidly.

This case underscores the seriousness of insider threats and the importance of early identification, as highlighted by the FBI cyber team that worked on the investigation. The DOJ aims to send a clear message discouraging similar illegal activities in the future.