US software developer caught outsourcing his job to Chinese developers
Security auditors of a US critical infrastructure firm were alarmed when they spotted frequent unexplained logins from China into the company's virtual private network.
The first thought that struck their minds was that a Chinese hacker was breaking into the company's network almost daily by using an employee's RSA key.
Fearing that a hacker from China had been stealing the company's secrets worth millions of dollars, the critical infrastructure company immediately called in Verizon investigators.
Mentioning the incident, Verizon's computer-security blog said, "The company's IT personnel were sure that the issue had to do with some kind of zero day malware that was able to initiate VPN connections from Bob's desktop workstation via external proxy."
To get some evidence of malware infection, the investigators looked at the employee's computer. They were surprised to find that the employee, who was considered one of the company's best software developers, was not doing any work at all. He was spending his time in just surfing the Web and checking emails.
The investigation revealed that the employee had completely outsourced his work to Chinese developers. He was paying them just 20 per cent of his own six-figure salary. He even gave them his RSA key to allow them to log into the company's private network on his behalf.
Further probe revealed that the employee had actually taken jobs with some other companies also and had outsourced those assignments too.