Man Fired For Outsourcing His Own Job To China---Call it an amazing example of entrepreneurship or a daring play of deceit.
After a U.S.-based "critical infrastructure" company discovered in 2012 its computer systems were being accessed from China, its security personnel caught the culprit ultimately responsible: Not a hacker from the Middle Kingdom but one of the company's own employees sitting right at his desk in the United States.
The software developer is simply referred to as "Bob," according to a case study by the U.S. telecommunications firm Verizon Business.
Bob was an "inoffensive and quiet" programmer in his mid-40's, according to his employee profile, with "a relatively long tenure with the company" and "someone you wouldn't look at twice in an elevator."
Those innocuous traits led investigators to initially believe the computer access from China using Bob's credentials was unauthorized -- and that some form of malware was sidestepping strong two-factor authentication that included a token RSA key fob under Bob's name.
Investigators then discovered Bob had "physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday," wrote Andrew Valentine, a senior forensic investigator for Verizon.
Bob had hired a programming firm in the northeastern Chinese city of Shenyang to do his work. His helpers half a world away worked overnight on a schedule imitating an average 9-to-5 workday in the United States. He paid them one-fifth of his six-figure salary, according to Verizon.
And over the past several years, Bob received excellent performance reviews of his "clean, well written" coding. He had even been noted as "the best developer in the building."
Read more: http://edition.cnn.com/2013/01/17/business/us-outsource-job-china/index.html
After a U.S.-based "critical infrastructure" company discovered in 2012 its computer systems were being accessed from China, its security personnel caught the culprit ultimately responsible: Not a hacker from the Middle Kingdom but one of the company's own employees sitting right at his desk in the United States.
The software developer is simply referred to as "Bob," according to a case study by the U.S. telecommunications firm Verizon Business.
Bob was an "inoffensive and quiet" programmer in his mid-40's, according to his employee profile, with "a relatively long tenure with the company" and "someone you wouldn't look at twice in an elevator."
Those innocuous traits led investigators to initially believe the computer access from China using Bob's credentials was unauthorized -- and that some form of malware was sidestepping strong two-factor authentication that included a token RSA key fob under Bob's name.
Investigators then discovered Bob had "physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday," wrote Andrew Valentine, a senior forensic investigator for Verizon.
Bob had hired a programming firm in the northeastern Chinese city of Shenyang to do his work. His helpers half a world away worked overnight on a schedule imitating an average 9-to-5 workday in the United States. He paid them one-fifth of his six-figure salary, according to Verizon.
And over the past several years, Bob received excellent performance reviews of his "clean, well written" coding. He had even been noted as "the best developer in the building."
Read more: http://edition.cnn.com/2013/01/17/business/us-outsource-job-china/index.html
