Iain Thomson reports an update to a case previously reported on this site:
A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company’s servers.
Davis Lu, 55, spent a dozen years at Eaton and rose to become a senior developer of emerging technology, before the company demoted him after restructuring. Lu unwisely responded to that setback by installing a “kill switch” that would activate if the company revoked his network access.
The package was a Java program that generated increasing numbers of non-terminating threads in an infinite loop that would eventually use enough resources to crash the server.
… Lu labeled his malware
IsDLEnabledinAD, for “Is Davis Lu enabled in Active Directory.” Furthermore, after developing the software he uploaded it using his corporate credentials – hardly clean OPSEC, to quote the US Defense Secretary.
Read more at The Register.