Print 36 comment(s) - last by virtualdll.. on Jan 18 at 2:43 PM

Bob gets busted bypassing business security

It comes as no surprise to anyone that it is typically much cheaper to have programming performed in China rather than in the U.S., as the work can typically done for a fraction of the cost. A security case involving this interesting dynamic between the U.S. and China has surfaced that's both funny and disturbing at the same time.

A developer for a U.S.-based critical infrastructure company simply called "Bob" was busted for outsourcing his programming job to China. Obviously, his employer had no idea what Bob was doing despite the fact that he had been receiving glowing performance reviews.

Bob was caught during a company security review of VPN logs. Security personnel at the company discovered that there was an unauthorized VPN connection coming into their system from China. Since they are a U.S. critical infrastructure company, having an unauthorized VPN access from China was a big deal.

Making the problem even scarier for the security personnel was that the company had implemented two-factor authentication for the VPN using a rotating token RSA key fob. An unauthorized Chinese connection to the VPN meant that whoever was accessing the system from China had also been able to bypass a security token, or at least they thought this was the case.

Making things even more puzzling for the investigators was that the developer whose credentials were being used was sitting at his desk in the office when the live VPN connection from China was discovered. On further investigation, it was discovered that Bob had physically mailed his RSA key fob to China and had hired developers to do his work.

Bob was reportedly making several hundred thousand dollars per year while paying roughly $50,000 per year to the Chinese developers who were doing his work for him. Bob was spending his day watching cat videos, surfing Facebook, and messing around on eBay according to evidence the security researchers later found on his computer. Bob was also storing invoices from his Chinese developer on his work computer.
Bob had a good thing going, but unsurprisingly, his company wasn’t too fond of his antics and fired him.

Source: Verizon Business Security Blog (cached)

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By Brandon Hill on 1/16/2013 10:07:51 AM , Rating: 5
Bob was reportedly making several hundred thousand dollars per year while paying roughly $50,000 per year to the Chinese developers who were doing his work for him. Bob was spending his day watching cat videos, surfing Facebook, and messing around on eBay

Living the American Dream!! :)

By fic2 on 1/16/2013 10:17:34 AM , Rating: 4
Just good capitalist practice...

By javiergf on 1/16/2013 10:25:12 AM , Rating: 5
Is the Bob on this story the same one on this video?

By adrift02 on 1/16/2013 11:58:59 AM , Rating: 2
Lol you beat me to it!

By Spuke on 1/16/2013 3:15:29 PM , Rating: 2

By Flunk on 1/16/2013 10:39:27 AM , Rating: 2
Bob thought too small, I'm sure he could have managed several teams of Chinese developers with several different 6 figure incomes.

By Brandon Hill on 1/16/2013 10:45:58 AM , Rating: 5
Well, then I gotta ask, then why can't the customers just take the
specifications directly to the software people, huh?

Well, uh, uh, uh, because, uh, engineers are not good at dealing with

You physically take the specs from the customer?

Well, no, my, my secretary does that, or, or the fax.

By kattanna on 1/16/2013 10:58:43 AM , Rating: 3
Evidence even suggested he had the same scam going across multiple companies in the area. All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about fifty grand annually.

actually it seems he was managing multiple jobs..

By Jeffk464 on 1/16/2013 12:08:50 PM , Rating: 2
Oh come one we already know China has pretty much been hacking into all of our systems anyways.

By NellyFromMA on 1/16/2013 12:54:03 PM , Rating: 3
This story is effing hilarious

By DrApop on 1/16/2013 1:24:37 PM , Rating: 5
The guy has upper management written all over himself. Plus he is contributing to global economic growth through trickle down economics. He is truly visionary!

This is the best, most positive article on outsourcing I have read. Keep your own job but outsource the work!

By Shane McGlaun on 1/17/2013 8:27:22 AM , Rating: 2

By Shane McGlaun on 1/17/2013 8:29:13 AM , Rating: 2
Luckily for me Chinese characters can't be displayed in our comment system... not that I am outsourcing. Carry on.

By Nortel on 1/17/2013 4:30:54 PM , Rating: 2
Can you give yourself a "6" rating, haha!

"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot
Related Articles

Most Popular ArticlesSmartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
UN Meeting to Tackle Antimicrobial Resistance
September 21, 2016, 9:52 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki