Former Siemens contract employee David Tinley was sentenced to six months in prison for sabotaging his employer over a span of roughly two years using logic bombs planted in company spreadsheets.

The end goal of his efforts was to cause Siemens to ask for his services at the firm's Monroeville, PA location to repair the malfunctioning software.

62-year old Tinley pleaded guilty to the intentional damage to a protected computer charge in July 2019 and the conviction also came with an additional two-year term of supervised release and a $7,500 fine.

Tinley faced a maximum total sentence of 10 years in prison for the charges, a maximum fine of $250,000, and a maximum term of supervised release of three years according to court documents.

The plea agreement stipulated a total loss amount of $42,262.50 according to the United States Sentencing Guidelines.

Siemens contract employee sentenced for intentionally inserting logic bombs into computer programs he designed, causing company to hire him to fix the malfunctions https://t.co/F1eKipSipC — WDPAnews (@WDPAnews) December 17, 2019

The spreadsheet logic bombs

Tinley planted logic bombs designed to trigger automatically after a set time and randomly crash a series of spreadsheets he designed to automatically calculate customer order cost estimates and workflow according to a Law360 report.

While his spreadsheets worked without flaw for years, starting in 2014 they suddenly began randomly crashing and glitching because of the logic bombs he inserted within the password-protected code.

This prompted Siemens to ask Tinley to fix the issue for a set fee. Each his services were required, he would go in, edit the spreadsheets code and modify the date when they would again start crashing according to Assistant U.S. Attorney Shardul S. Desai.

According to information presented to the court, from in and around 2014 and continuing until on or about May 13, 2016, Tinley intentionally inserted logic bombs into computer programs that he designed for Siemens Corporation. The logic bombs ensured that the programs would malfunction after the expiration of a certain date. As a result, Siemens was unaware of the cause of the malfunction and required Tinley to fix these malfunctions. - DoJ press release

While this worked for about two years until May 13, 2016, Tinley's scheme was discovered when he was out of town and he had to give his password to Siemens' employees because of a time-sensitive deadline that required the spreadsheets to work.

This is not the first instance of logic bombs being planted on computers documented by the U.S. DoJ as shown by previous instances of employees being sentenced, charged, pleading guilty of inserting such software implements on public or their companies' systems [1, 2, 3, 4, 5]