Nice work if you can outsource it - IT expert surfed the net while Chinese firm did his job
Mystery man paid out thousands of dollars but still kept most of his salary
Tim Walker is The Independent’s Los Angeles correspondent, covering entertainment and other concerns from the West Coast of the US. He was previously a features writer and the editor of the paper’s diary column. His first novel, Completion, is being published in January 2014.
Wednesday 16 January 2013
A software developer employed by a US critical infrastructure company, and known only as “Bob”, was fired for outsourcing his duties to China so that he could spend the day surfing the internet.
The story comes from a case study by US telecommunications company Verizon, which was contacted by the man’s employer in May 2012 to help clear up an anomaly in its computer systems.
According to the case study, the offender is in his mid-forties, had worked for the company for some time, and was known as a quiet and inoffensive “family man”, who happened to have expertise in programming languages such as C, C++, Perl, Java, Ruby, PHP and Python. He was, the report suggests: “Someone you wouldn’t look at twice in an elevator. For the sake of the case study, let’s call him ‘Bob’.”
Two years before the case came to light, Bob’s firm had begun to allow its employees to work from home on certain days of the week, while connected to the company’s virtual private network. When its IT security team began monitoring the system in 2012, however, it discovered a perpetually open connection to the network from Shenyang, a major city in China.
Given the country’s reputation for cyber-espionage, and the company’s role in the “critical infrastructure” of the US, the team was understandably “greatly unnerved” by its discovery, not least because it seemed the connection to China had been open on and off for over six months.
The worker whose computer was making the suspicious connection – “Bob” – appeared to be at his desk, working hard. The company expected no less: performance reviews by its HR department revealed that he had been deemed an excellent employee, who wrote impeccable computer code and submitted it on time. “Quarter after quarter,” the case study claims, “his performance review noted him as the best developer in the building.”
The company feared Bob had fallen prey to Chinese malware, which could have been redirecting sensitive information from his desktop to China, and immediately contacted Verizon, its internet provider, for assistance. Verizon’s investigators sifted through the files in his computer, only to find hundreds of invoices from a Chinese consulting firm, based in Shenyang.
Bob, it quickly emerged, had paid the Chinese company less than 20 per cent of his six-figure salary to perform his duties on his behalf, and then spent the day coolly browsing the web. According to the report, which logged his daily computer habits, Bob began his mornings at 9am by flicking through Reddit, and would then “watch cat videos” before taking his lunchbreak at 11.30am. At 1pm he returned to his desk to surf eBay and update his Facebook and LinkedIn accounts. At 4.30pm he would send an email to his bosses, before leaving the office at 5pm.
When the ruse was uncovered, Bob was swiftly dismissed, yet it appears he was running a similar operation across several companies. He paid the Chinese firm approximately $50,000 per year, but took home a salary of several hundred thousand dollars.
“Every now and then,” reads the Verizon security report, “an attack comes along that, albeit small, still involves some unique attack vector – some clever and creative way that an attacker victimised an organisation. It’s the one-offs... that often become the most memorable and most talked about among the investigators.”
Day in the life of a cyber-skiver
9am Bob begins his working day by flicking through the social news and entertainment website Reddit. He then “watches cat videos”.
11.30am Bob takes his lunchbreak.
1pm Bob returns to his desk to browse eBay and update his Facebook and LinkedIn accounts. From now on, he may need to spend more time on LinkedIn, the professional social network often used for job-hunting.
4.30pm Having spent half an hour emailing his bosses, Bob leaves the office at 5pm.
Life & Style blogs
Planes go hybrid-electric in important step to greener flight
Victoria Beckham's clothing sales double to £30 million in one year
GTA 5: Christmas arrives in Los Santos as update brings snowball fights, festive jumpers and a homing missile launcher
'Tis the season!: Google celebrates Christmas Eve with second animated Doodle
Christmas 2014: Jesus was not born in a stable, says theologian
Nigel Farage defends Kerry Smith 'ch***y' comment: 'If you are going for a Chinese, what do you say you’re going for?'
British actor Idris Elba cannot star as James Bond because he is black, says shock jock Rush Limbaugh
Rozanne Duncan: Ukip expels councillor for 'jaw-dropping' comments made in BBC TV interview
Germany anti-Islam protests: 17,000 march on Dresden against 'Islamification of the West'
Ukip member gets into Christmas spirit with Union Flag plea to Santa 'for our country back'
Panic Saturday: 13 million Britons spend £1.2bn – while 13 million others across the country live in poverty unable to afford food
- 1 Planes go hybrid-electric in important step to greener flight
- 2 Antonio Martin shooting: Police and protesters clash over teenager's death just five miles from Ferguson, Missouri
- 3 Northern Lights above Britain: Stunning Aurora Borealis illuminates Northumberland sky on Christmas Eve
- 4 British actor Idris Elba cannot star as James Bond because he is black, says shock jock Rush Limbaugh
- 5 New route to Mars could make manned mission much cheaper and easier
iJobs Gadgets & Tech
£35000 - £45000 per annum: Ashdown Group: Moodle Developer (PHP ,Linux, Apache...
£17000 - £30000 per annum: Recruitment Genius: This is a fantastic opportunity...
£21000 - £26000 per annum: Recruitment Genius: This Award-winning pharma softw...
£30000 - £45000 per annum: Recruitment Genius: A Senior Java Developer is requ...