Sounds like a plan - Outsourced to China

Started by Melbosa, January 17, 2013, 09:22:09 AM

Previous topic - Next topic

Melbosa

http://www.cnn.com/2013/01/17/business/us-outsource-job-china/

QuoteHong Kong (CNN) -- Call it an amazing example of entrepreneurship or a daring play of deceit.

After a U.S.-based "critical infrastructure" company discovered in 2012 its computer systems were being accessed from China, its security personnel caught the culprit ultimately responsible: Not a hacker from the Middle Kingdom but one of the company's own employees sitting right at his desk in the United States.

The software developer is simply referred to as "Bob," according to a case study by the U.S. telecommunications firm Verizon Business.

Bob was an "inoffensive and quiet" programmer in his mid-40's, according to his employee profile, with "a relatively long tenure with the company" and "someone you wouldn't look at twice in an elevator."

Those innocuous traits led investigators to initially believe the computer access from China using Bob's credentials was unauthorized -- and that some form of malware was sidestepping strong two-factor authentication that included a token RSA key fob under Bob's name.

Investigators then discovered Bob had "physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday," wrote Andrew Valentine, a senior forensic investigator for Verizon.

Bob had hired a programming firm in the northeastern Chinese city of Shenyang to do his work. His helpers half a world away worked overnight on a schedule imitating an average 9-to-5 workday in the United States. He paid them one-fifth of his six-figure salary, according to Verizon.

And over the past several years, Bob received excellent performance reviews of his "clean, well written" coding. He had even been noted as "the best developer in the building."

A forensic image of Bob's workstation revealed his true work habits and typical day:
9:00 a.m. -- Get to work, surf Reddit, watch cat videos
11:30 a.m. -- Lunch
1:00 p.m. -- Ebay
2:00 p.m or so -- Facebook and LinkedIn
4:30 p.m. -- Send end-of-day e-mail update to management
5:00 p.m. -- Go home

The Verizon investigation suggested Bob's entrepreneurial outsourcing spirit stretched across several companies in his area -- netting him several hundred thousand dollars a year as he paid out about $50,000 a year to his China-based ghost writers, according to hundreds of PDF invoices also discovered on his work computer.

Verizon's Valentine told CNN via e-mail that Bob "was in fact terminated at the conclusion of the investigation."

Presumably Bob's Chinese helpers were as well.

So who here is getting ideas...
Sometimes I Think Before I Type... Sometimes!

Thorin

That's hilarious!  Someone needs to put him in management.
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful

Lazybones

The impressive part is that he found such a great outsourcing company that no issues where detected accept the direct remote access..

If he had been a little more clever about covering his tracks he would have setup a machine / VM at home that the remote workers used so it would have appeared he was working from home a lot.

Mr. Analog

As has been stated previously that guy should be running a consulting company, he managed to find some great resources.

Unfortunately to do it he had to share his VPN security fob with a 3rd party (whoa not cool). And he was doing this at a number of companies.

Still, gotta hand it to him... rewards come to those who can find others to do hard work.
By Grabthar's Hammer