The developer transferred his work to outsource to China and spent time on Reddit
Last year, during the security audit of an unnamed company, one of the key US infrastructure enterprises, it was revealed that one of the top developers found a successful way to not work, “walk” all day on the Internet and remain one of the best employees in the news script. release humorous newspaper false news Onion: he gave his own work is outsourced to Chinese contractor, and he spent time working on websites sotsilnyh networks "ibee" and watched a video with cats on Reddy ".
His clever trick was revealed after fragments of logins from the IP addresses of the PRC were found in the logs of the entrance to the company's corporate VPN. The VPN was set up specifically for developers to work from home. The logs showed a regular sequence of logins to the company's main servers from the Chinese Shenyang, using the account of a certain employee, B.
Initially, the company's IT specialists were convinced that this was the result of some malicious software that exploited the zero-day vulnerability, which allowed to establish connections from B.'s work computer to an external proxy server, and then open a VPN connection to the machine in China, but this guess was not confirmed.
After permission was received to study B.'s network behavior, employees of the Verizon telecommunications service provider found that B. uses the services of a software consultant from Shenyang who does his job. B. sent FedEx to China with his two-factor authentication key so that the contractor can log into his account. Hundreds of invoices from China were found on B.'s work computer. B. received a six-digit number of dollars a year, and to pay for the services of the Chinese, as if according to Pareto's law, only one-fifth of this amount went.
')
The rest of the time B. spent other tasks, in particular, his typical day consisted of:
This lifestyle was good for B. “His” labor productivity has increased significantly, as noted by the personnel department, “he” was the top programmer of the company based on the results of several quarters and was considered an expert in C, C ++, Perl, Java, Ruby, PHP and Python .
Further investigation revealed that enterprising B. took orders from other companies and "carried out" them with the hands of Chinese outsourcers, which brought him hundreds and thousands of dollars in profits, as well as a huge amount of free time that he spent on fermenting through forums and watching videos by type Detective mittens
At the moment, B. is no longer employed in the company.
According to The Register
His clever trick was revealed after fragments of logins from the IP addresses of the PRC were found in the logs of the entrance to the company's corporate VPN. The VPN was set up specifically for developers to work from home. The logs showed a regular sequence of logins to the company's main servers from the Chinese Shenyang, using the account of a certain employee, B.
Initially, the company's IT specialists were convinced that this was the result of some malicious software that exploited the zero-day vulnerability, which allowed to establish connections from B.'s work computer to an external proxy server, and then open a VPN connection to the machine in China, but this guess was not confirmed.
After permission was received to study B.'s network behavior, employees of the Verizon telecommunications service provider found that B. uses the services of a software consultant from Shenyang who does his job. B. sent FedEx to China with his two-factor authentication key so that the contractor can log into his account. Hundreds of invoices from China were found on B.'s work computer. B. received a six-digit number of dollars a year, and to pay for the services of the Chinese, as if according to Pareto's law, only one-fifth of this amount went.
')
The rest of the time B. spent other tasks, in particular, his typical day consisted of:
- 9:00 - arrival to work and a couple of hours of fermentation on the "Reddit". View videos with cats.
- 11:30 - lunch.
- 13:00 - shopping on ebay.
- In the third hour of the day - updates on Facebook and LinkedIn.
- 16:30 - letter to the manager.
- 17:00 - home
This lifestyle was good for B. “His” labor productivity has increased significantly, as noted by the personnel department, “he” was the top programmer of the company based on the results of several quarters and was considered an expert in C, C ++, Perl, Java, Ruby, PHP and Python .
Further investigation revealed that enterprising B. took orders from other companies and "carried out" them with the hands of Chinese outsourcers, which brought him hundreds and thousands of dollars in profits, as well as a huge amount of free time that he spent on fermenting through forums and watching videos by type Detective mittens
At the moment, B. is no longer employed in the company.
According to The Register
Source: https://habr.com/ru/post/285528/
All Articles