Crash of production server leads to FBI case, despite modest losses
A US software developer faces computer sabotage charges after he was arrested over allegations that he planted malicious code on his former employer’s computer servers.
Davis Lu, 51, of Houston, Texas, has been indicted over one count of damaging protected computers following his arrest on Wednesday (April 14).
The case dates back to computer problems that the as-yet-unnamed Cleveland, Ohio-based start-up experienced on August 4, 2019, that witnessed the crash of production servers and staff locked out of systems.
A subsequent investigation uncovered “unauthorized code installed on a server, causing that server to create an infinite loop and crash”.
A US Department of Justice statement on the case adds that the company also found code that deleted files associated with user profiles – a factor that explains the system lock-out behaviour.
Relatively modest losses of more than $5,000 resulted from the incident.
Lu, a senior software developer at the start-up around the time of the fracas, was asked to return his computer.
A subsequent forensic investigation is said to have uncovered internet searches on how to escalate privileges, hide processes, and delete large folders and files.
In addition, the examination concluded that Lu “deleted encrypted volumes, attempted to delete Linux directories and attempted to delete two additional projects” prior to returning his work computer.
If Lu wasn’t a suspect in the first place, then the findings of an examination of his work computer certainly served to cast him in that role, leading on to his indictment and arrest.
The suspect faces a single count of allegedly damaging a protected computer.
Although the aggravating incident happened more than 18 months ago, the prosecution against Lu is still in its infancy and no plea has been recorded.
The case, perhaps surprising given the low monetary value of the alleged losses, was investigated by the Cleveland Division of the FBI.