Ex Eaton Engineer Sentenced for Four Years After Cyberattack on Employer

When office frustration turns into a vendetta, the fallout can be massive. Former software developer Davis Lu has learned that lesson the hardest way possible, as he now faces prison time for planting malicious code inside his employer’s systems.

Good to know

• Davis Lu has been sentenced to four years in federal prison plus three years supervised release.
• His malware “kill switch” caused system lockouts and heavy financial losses for Eaton Corporation.
• Lu admitted to the sabotage in 2019, though he tried to frame co-workers.

Lu’s story began with a demotion in 2018. At the time, he was working as a senior developer for Eaton Corporation. Instead of moving on, prosecutors say Lu started crafting malicious code aimed at sabotaging his own employer. By the time he was officially placed on leave in September 2019, the trap was already set.

The most damaging part of that plan was a so-called “kill switch.” Lu coded the system to lock out all users if his own login was disabled. He even named it “IsDLEnabledinAD,” short for “Is Davis Lu enabled in Active Directory.” As soon as the company revoked his access, the malware triggered, blocking logins, crashing systems, and deleting files.

According to the Department of Justice, the damage added up to hundreds of thousands of dollars in losses. The FBI quickly traced the code back to Lu, despite his efforts to make it look like other colleagues were responsible. Investigators also discovered that he wiped encrypted data from his company laptop before handing it back.

By October 2019, Lu openly admitted to sabotaging Eaton’s systems. Still, he didn’t plead guilty, and the case stretched on for years until his conviction in March. Now, with his four-year sentence handed down, the long saga has come to a close.