Nice work if you can outsource it - IT expert surfed the net while Chinese firm did his job
Mystery man paid out thousands of dollars but still kept most of his salary
Tim Walker is The Independent’s Los Angeles correspondent, covering entertainment and other concerns from the West Coast of the US. He was previously a features writer and the editor of the paper’s diary column. His first novel, Completion, is being published in January 2014.
Wednesday 16 January 2013
A software developer employed by a US critical infrastructure company, and known only as “Bob”, was fired for outsourcing his duties to China so that he could spend the day surfing the internet.
The story comes from a case study by US telecommunications company Verizon, which was contacted by the man’s employer in May 2012 to help clear up an anomaly in its computer systems.
According to the case study, the offender is in his mid-forties, had worked for the company for some time, and was known as a quiet and inoffensive “family man”, who happened to have expertise in programming languages such as C, C++, Perl, Java, Ruby, PHP and Python. He was, the report suggests: “Someone you wouldn’t look at twice in an elevator. For the sake of the case study, let’s call him ‘Bob’.”
Two years before the case came to light, Bob’s firm had begun to allow its employees to work from home on certain days of the week, while connected to the company’s virtual private network. When its IT security team began monitoring the system in 2012, however, it discovered a perpetually open connection to the network from Shenyang, a major city in China.
Given the country’s reputation for cyber-espionage, and the company’s role in the “critical infrastructure” of the US, the team was understandably “greatly unnerved” by its discovery, not least because it seemed the connection to China had been open on and off for over six months.
The worker whose computer was making the suspicious connection – “Bob” – appeared to be at his desk, working hard. The company expected no less: performance reviews by its HR department revealed that he had been deemed an excellent employee, who wrote impeccable computer code and submitted it on time. “Quarter after quarter,” the case study claims, “his performance review noted him as the best developer in the building.”
The company feared Bob had fallen prey to Chinese malware, which could have been redirecting sensitive information from his desktop to China, and immediately contacted Verizon, its internet provider, for assistance. Verizon’s investigators sifted through the files in his computer, only to find hundreds of invoices from a Chinese consulting firm, based in Shenyang.
Bob, it quickly emerged, had paid the Chinese company less than 20 per cent of his six-figure salary to perform his duties on his behalf, and then spent the day coolly browsing the web. According to the report, which logged his daily computer habits, Bob began his mornings at 9am by flicking through Reddit, and would then “watch cat videos” before taking his lunchbreak at 11.30am. At 1pm he returned to his desk to surf eBay and update his Facebook and LinkedIn accounts. At 4.30pm he would send an email to his bosses, before leaving the office at 5pm.
When the ruse was uncovered, Bob was swiftly dismissed, yet it appears he was running a similar operation across several companies. He paid the Chinese firm approximately $50,000 per year, but took home a salary of several hundred thousand dollars.
“Every now and then,” reads the Verizon security report, “an attack comes along that, albeit small, still involves some unique attack vector – some clever and creative way that an attacker victimised an organisation. It’s the one-offs... that often become the most memorable and most talked about among the investigators.”
Day in the life of a cyber-skiver
9am Bob begins his working day by flicking through the social news and entertainment website Reddit. He then “watches cat videos”.
11.30am Bob takes his lunchbreak.
1pm Bob returns to his desk to browse eBay and update his Facebook and LinkedIn accounts. From now on, he may need to spend more time on LinkedIn, the professional social network often used for job-hunting.
4.30pm Having spent half an hour emailing his bosses, Bob leaves the office at 5pm.
Life & Style blogs
When did the Eiffel Tower open to the public? Six things you didn't know about iconic structure
Pacman Google Maps: company offers chance to play classic arcade game on real streets
Gamers confess the worst things they've done in The Sims
Worst time to be a parent revealed: Dinner, baths and bed time push stress levels to peak
American Apparel gets another ad banned by advertising watchdog for sexualising children
Ukip supporters are 55 or older, white and socially conservative, finds British Social Attitudes Report
Street preacher quoting from the Bible fined for calling homosexuality an 'abomination'
Woman filmed launching racist tirade against men on the Tube for speaking in 'own lingo'
The West has it totally wrong on Lee Kuan Yew
David Cameron calls Labour 'hopeless, sneering socialists' while announcing 7-day NHS plans
Revealed: Putin's army of pro-Kremlin bloggers
- 1 Tidal launch: The most pretentious lines from Alicia Keys' valedictory speech
- 2 Trevor Noah: Jon Stewart's replacement faces online criticism over 'anti-Semitic' tweets
- 3 Martha Stewart accuses Snoop Dogg of 'smoking for four hours' during Justin Bieber Roast
- 4 Gamers confess the worst things they've done in The Sims
- 5 Syrian child photographed 'surrendering to camera because she thought it was a gun'
iJobs Gadgets & Tech
Negotiable: Recruitment Genius: This leading supplier of compliance software a...
£25000 - £40000 per annum: Recruitment Genius: This fast growing digital agenc...
£58000 - £65000 per annum: Ashdown Group: SQL DBA - Bromley, South East London...
£55000 - £65000 per annum + Benefits: Ashdown Group: Service Delivery Manager ...