Posted on 01/17/2013 12:11:03 PM PST by ksen
What began as a company's suspicion that its infrastructure was being hacked turned into a case of a worker outsourcing his own job to a Chinese consulting firm, according to reports that cite an investigation by Verizon's security team. The man was earning a six-figure salary.
The anonymous company, identified only as a critical infrastructure firm, asked Verizon's Web security personnel to look into data that showed its virtual private network was being accessed from China — even as the employee whose credentials were used to log in from overseas was sitting in the company's offices, using his computer.
As Emil Protalinski writes at The Next Web, the company's security measures included a coded fob which, the investigating team learned, a code developer had shipped to Shenyang, China, so that a company there could perform his assigned work.
And it turns out that the job done in China was above par — the employee's "code was clean, well written, and submitted in a timely fashion. Quarter after quarter, his performance review noted him as the best developer in the building," according to the Verizon Security Blog.
It seems that Verizon has removed the page publishing this "case study" — either that, or it has merely become unavailable for some other reason. But a cached version of the story offers more details. The report, which assigns the inventive employee the fictitious name of "Bob," described him as a family guy in his 40s, with extensive software knowledge.
After they were called in to look for rogue software that allowed hackers to perfectly mimic an employee's log-in, and maintain an active and secure connection, the investigators instead found "hundreds of .pdf notices from a third party contractor/developer in (you guessed it) Shenyang, China."
The Verizon team even found that "Bob" kept a regular schedule at his office: 9:00 a.m. – Arrive and surf Reddit for a couple of hours. Watch cat videos 11:30 a.m. – Take lunch 1:00 p.m. – Ebay time. 2:00 – ish p.m Facebook updates – LinkedIn 4:30 p.m. – End of day update e-mail to management. 5:00 p.m. – Go home
And as they learned, his schedule also included sending less than one-fifth of his salary to the Chinese firm. Verizon's investigators say the evidence they uncovered suggests "Bob" might have had similar arrangements at several companies.
"All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about fifty grand annually," according to the Security Blog.
It is not yet clear whether "Bob" has read former kickboxer Tim Ferriss's book The 4-Hour Workweek, which explores ideas that include "Outsourcing Life" and "Disappearing Act: How to Escape the Office."
Several hundred thousand dollars a year to watch cat video for two and a half hours a day? I think I’d want a raise.
thinking outside the nine dots...
Personal outsourcing, it’s about time.
Why didn’t he deal with china on his home computer and then just submit the work. That was his mistake. Ill bet the guy was cleaning fish on his desk (office space reference)
Outside the box thinking at it’s best...
I sincerely wish I had someone with this guys brains working for me.
Brilliant absofrigginlutely brilliant!
Piker. He could have become a CEO and made tens of millions of dollars with this idea.
Very slick. I see outsourcing consultancy in your future.
Clever, but I’d rather do the work. Less boring.
The Bobs would be impressed.
Sounds like the movie Outsourced. The protagonist goes to another town to try and order a cheeseburger, and another American takes some pit on him and tells him a couple of things:
“It’s India, you just have to go along with it.”
“INDIA. You know what that means? I’ll Never Do It Again.” The guy is on his fourth trip.
Lastly, “Did you hear about the guy who outsourced himself? Yeah, he quit one company and convinced his new boss to let him work from home. He worked about four hours a week correcting and was enjoying it so much he went to work for another company doing the same thing.”
Ummm... His first name wouldn't be 'Microsoft' would it... ;-)
You know - 'Microsoft Bob'... For those of you old enough to remember that famous piece of software... ;-)
M$ Bob was a pos?
Well... yeah..
Now, was that a question or a comment? ;-)
I wuz just wondering if you were talking in code.
Giving them VPN access to his company’s network without permission is probably a crime.
It's been so long ago that the last time I talked in code it was called 'Pascal'.. ;-)
I learned to believe in the Freedom of Assembly myself.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.