The software developer fired after outsourcing his job thought he was outsmarting his employer.
And he was – for a time.
In a security blog post by Andrew Valentine on the Verizon Business Security website, Valentine details the case of an unnamed man who had outsourced his own job to a firm in China.
The software developer was a well-paid employee who was paid hundreds of thousands of dollars per year to perform his job. He hired a Chinese consulting firm to do his job and he paid the firm $50,000 per year out of his own salary.
The situation came to light when some irregular activity was noticed and the company sought assistance in determining the cause.
Since more and more of their employees were allowed to work from home, standard VPN access was set up and someone was logging in from China.
The firm that the software developer hired was logging in with the employees credentials. Company officials couldn’t understand this, since the employee was his desk when connections were logged as coming in from China.
There were hundreds of VPN connections made from China. Sometimes the connection was active for the entire workday, while the employee was sitting at his desk “working”
At first, they thought maybe they were the target of a malware attack and took steps to review all the files on the employees computer.
They were quire surprised to discover hundreds of .pdf files that were invoices from a consulting firm in China.
A review of this employees web activity showed that he hardly did any real work.
According to the Verizon Security blog, the employee’s typical workday was spent on social networking websites and ebay. Here’s how he spent his day,
9:00 a.m. – Arrive and surf Reddit for a couple of hours. Watch cat videos
11:30 a.m. – Take lunch
1:00 p.m. – Ebay time.
2:00 – ish p.m Facebook updates – LinkedIn
4:30 p.m. – End of day update e-mail to management.
5:00 p.m. – Go home
Further, the evidence uncovered suggested that this, now former, employee had the same scam going across multiple companies in the area.
Aside from the irregular VPN logs, there was nothing to raise a red flag.
Any of the projects the unassuming man in his 40’s had turned in contained well-written solid code and the now former employee had even received positive evaluations and was singled out as the best developer in the building.
The software developer fired after outsourcing his job has been described by some as a genius.
In actuality he was nothing more than a creative thief and scammer.
The moral of the story- review your logs!