Man outsources own job to China

Thu, Jan 17, 2013, 00:00

When a routine security check by a US-based company showed someone was repeatedly logging on to their computer system from China, it naturally sent alarm bells ringing. Hackers were suspected and telecoms experts were called in.

It was only after a thorough investigation that it was revealed that the culprit was not a hacker, but 'Bob' (not his real name), an "inoffensive and quiet" family man and the company's top-performing programmer, who could be seen toiling at his desk day after day and staring diligently at his monitor.

For Bob had come up with the idea of outsourcing his own job - to China. So, while a Chinese consulting firm got on with the job he was paid to do, on less than one-fifth of his salary, he whiled away his working day surfing Reddit, eBay and Facebook.

The extraordinary story has been revealed by Andrew Valentine, senior investigator at US telecoms firm Verizon Business, on its website, securityblog.verizonbusiness.com.

Verizon's risk team was called by the unnamed critical infrastructure company last year, "asking for our help in understanding some anomalous activity that they were witnessing in their VPN logs", wrote Valentine.

The company had begun to allow its software developers to occasionally work from home and so had set up "a fairly standard VPN [virtual private network] concentrator" to facilitate remote access. When its IT security department started actively monitoring logs being generated at the VPN, "What they found startled and surprised them: an open and active VPN connection from Shenyang, China! As in, this connection was live when they discovered it," wrote Valentine.

What was more, the developer whose credentials were being used was sitting at his desk in the office. "Plainly stated, the VPN logs showed him logged in from China, yet the employee is right there, sitting at his desk, staring into his monitor."

Verizon's investigators discovered "almost daily connections from Shenyang, and occasionally these connections spanned the entire workday".

The employee, whom Valentine calls Bob, was in his mid-40s, a "family man, inoffensive and quiet. Someone you wouldn’t look twice at in an elevator."

But an examination of his workstation revealed hundreds of pdf invoices from a third party contractor/developer in Shenyang.

"As it turns out, Bob had simply outsourced his own job to a Chinese consulting firm. Bob spent less than one-fifth of his six-figure salary for a Chinese firm to do his job for him."

When the company checked his web-browsing history, a typical "work day" for Bob was: 9am, arrive and surf Reddit for a couple of hours, watch cat videos; 11.30am, take lunch; 1pm, eBay; 2pm-ish, Facebook updates, LinkedIn; 4.40pm-end of day, update email to management; 5pm, go home.

The evidence, said Valentine, even suggested he had the same scam going across multiple companies in the area.

"Quarter after quarter, his performance review noted him as the best developer in the building," wrote Valentine.

Bob no longer works for the company.

Copyright: Guardian News & Media 2013

Sign In

Forgot Password?

Sign Up

The name that will appear beside your comments.

Have an account? Sign In

Forgot Password?

Please enter your email address so we can send you a link to reset your password.

Sign In or Sign Up

Thank you

You should receive instructions for resetting your password. When you have reset your password, you can Sign In.

Hello, .

Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.

Thank you for registering. Please check your email to verify your account.

We reserve the right to remove any content at any time from this Community, including without limitation if it violates the Community Standards. We ask that you report content that you in good faith believe violates the above rules by clicking the Flag link next to the offending comment or by filling out this form. New comments are only accepted for 3 days from the date of publication.