While investigating a possible security breach at a US-based company, experts from Verizon’s Risk Team discovered that one of the developers had actually outsourced his job to China.
The firm had set up a VPN concentrator to allow employees to work from home on certain days. However, when analyzing the VPN logs, they found a connection from Shenyang, China, to the workstation of one employee.
They contacted Verizon because they thought it was the work of hackers. In reality, when they analyzed the computer to which the connections were made, they discovered hundreds of invoices from a contractor in China.
That’s when they realized that their employee, Bob, was actually paying the Chinese company to do his work.
“Bob spent less than one fifth of his six-figure salary for a Chinese firm to do his job for him. Authentication was no problem, he physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday. It would appear that he was working an average 9 to 5 work day,” explained Andrew Valentine of Verizon.
Since he didn’t actually work, Bob spent most of his free time surfing the web. He watched cat videos on YouTube, updated his social media accounts, and surfed eBay.
At the end of the work day, he sent an update email to management.
With no proper monitoring systems in place, the scam went on for a long time, and the company’s HR department consistently gave him good reviews because he always submitted his code on time.
“Evidence even suggested he had the same scam going across multiple companies in the area. All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about fifty grand annually,” Valentine said.