Siemens Contractor Pleads Guilty For Planting Logic Bombs Into Programs He Designed
A former contract programmer of a German-based tech company has pleaded guilty to planting “logic bombs” in the company’s worksheet that required them to rehire him every few years. He now faces up to 10 years in jail and up to a $250,000 fine for the crime, according to Business Insider.
David Tinley, 62, a resident of North Huntington, Pennsylvania, pleaded guilty in federal court to one count of intentional damage to a protected computer, the U.S. Attorney’s Office of the Western District of Pennsylvania said in a press release. He had been offering software services for Siemens’ Monroeville, PA offices for nearly ten years.
According to court documents, Tinley had been hired by a U.S. unit of Siemens’ Monroeville, PA on a contract basis to create custom, automated spreadsheets, which were used by the company to manage orders for electrical generation equipment.
Tinley inserted the so-called “logic bomb” in the company’s spreadsheets designed by him, which caused glitches in the spreadsheet to face problems such as changes in the on-screen buttons sizes and error messages, according to a report from Law360.
A “logic bomb” is a piece of computer code intentionally inserted into a software system that will set off a malicious function when specific conditions are met.
“From in and around 2014 and continuing until on or about May 13, 2016, Tinley, a contract employee for Siemens Corporation at the Monroeville, PA location, intentionally inserted logic bombs into computer programs that he designed for Siemens Corporation. The logic bombs ensured that the programs would malfunction after the expiration of a certain date. As a result, Siemens was unaware of the cause of the malfunction and required Tinley to fix these malfunctions,” reads the court documents.
The logic bombs would go off every few years after a certain date and crash the files. Every time the scripts would crash, the company would call Tinley to fix the glitch for a fee. He would then fix the bugs by resetting the date the logic bombs were due to go off next time.
Tinley’s plan went unnoticed until he was caught in 2016 when Siemens had to put an urgent order through the system which had begun glitching while he was away on a vacation.
The situation reportedly forced Tinley to hand over an administrative password that protected the system’s code for the spreadsheets to Siemens’ IT staff, which ended up busting his logic bombs.
Tinley’s lawmakers argued that his only motivation to do this was to simply protect his proprietary work and not make any extra money by fixing the spreadsheets.
However, prosecutors argued that the act should still be considered a felony. Further, such conduct did cause loss to Siemens of more than $5,000 during a one-year period. Besides this, the company also spent about $42,000 on an investigation into the damages caused by Tinley to the company.
Tinley’s plea included an agreement to pay restitution for those costs, as well as forfeiting two laptops that were used for facilitating the commission of the offense. Additionally, he could serve up to 10 years in jail and a fine up to $250,000 for the crime.
The contractor’s sentencing hearing is scheduled for November 8, 2019.