In an eloquent testimony to the pervasive grip of the outsourcing trend here, the U.S. employee of an infrastructure company has been caught outsourcing his work to a firm in Shenyang, China, earning approximately $250,000 for watching cat videos on YouTube all day while paying the Chinese company a mere $50,000.
Andrew Valentine, a senior forensic investigator at telecom operator Verizon, said in a blog entry that the scheme by the software developer, who was said to be an “inoffensive and quiet” family man in his mid-40s, came to light after the infrastructure company noticed unusual VPN activity on its servers.
An audit of the company’s VPN connections revealed that the employee seemed to be logged in from Shenyang and the data link to the firm there had been active for at least six months.
“Central to the investigation was the employee himself, the person whose credentials had been used to initiate and maintain a VPN connection from China,” investigators said, adding that they had spent the initial hours with the victim working to facilitate a thorough understanding of their network topology, segmentation, authentication, log collection and correlation.
Mr. Valentine detailed a typical day “at the office” for the employee, nicknamed “Bob”: 9 a.m. — arrive and surf Reddit for a couple of hours; watch cat videos. 11.30 a.m. — take lunch. 1 p.m. — eBay time. 2-ish p.m. — Facebook updates, LinkedIn. 4.30 p.m. — end of day update e-mail to management. 5 p.m. — go home.
Ironically, Mr. Valentine noted, when Verizon investigators read through Bob’s performance reviews it appeared that for the last few years in a row he received excellent remarks from Human Resources. “His code was clean, well written, and submitted in a timely fashion. Quarter after quarter, his performance review noted him as the best developer in the building,” Mr. Valentine said.
According to the investigation there was evidence that Bob “had the same scam going across multiple companies in the area,” which made it possible for him to rake in the six-figure salary and cough up around $50,000 to his partners in China.
Pointing to some of the risks inherent in the highly popular VPN structure that firms with a telecommuting workforce adopt, Mr. Valentine warned, “Continual and pro-active log review happens basically never — only about eight per cent of breaches in 2011 were discovered by internal log review.”