The Internet is at once one of mankind’s most phenomenal achievements and may also one day prove to be its undoing. The price we pay for limitless information and instant worldwide communication always at our fingertips is one we have yet to discover.
Recently, Verizon noticed that someone was hacking their database from a location across the globe. They hired a team to investigate and happened upon one of the most ingenious scams imaginable…
Verizon security was in the midst of a bit of a crisis. They had reason to believe that someone was hacking their operations, someone foreign. They had no proof of this to speak of, just some subtle indications. It all started when a US firm audited Verizon’s American operations and found some irregularities.
What was perhaps most unusual about the suspected security breach, if indeed it was a breach at all, was that whoever had hacked it didn’t seem to have caused any damage to the infrastructure. The company believed that perhaps it was the work of some budding hacker, a teen perhaps, who’d stumbled into their system by mucking about in places they shouldn’t have…
Verizon’s security team, identified only as a critical infrastructure firm, decided that it was in their best interests to look into this situation on the off chance that it wasn’t a kid. They had Verizon’s web security team look into the data and what they found was not only disconcerting, it was potentially dangerous for American commerce.
The data indicated that Verizon’s virtual private network was being accessed by someone half a world away. Individuals from China had found a way to hack into part of Verizon’s infrastructure. What’s worse, they seemed to have acquired the credentials of one of the company’s most talented programmers…
Could this model employee have been behind some sort of scheme to steal secrets for a Chinese concern? This was not outside the realm of possibilities, but seemed unlikely, as the code was one easily traced back to the employee. Of course, the employee was sitting a few office doors down the hall. They could just ask him.
The employee in question, who we’ll call “Bob” for the purposes of anonymity, was described as your typical office worker. He was a family man in his 40s, had extensive software knowledge, was quiet, inoffensive: some might even say boring. He was not the type to sell his services to a rival Chinese company, but he did have some explaining to do…
Bob was an asset to the company. Every line of code he wrote was clean, well written, and submitted in a timely fashion. He was, as was proved by every quarterly review, the best developer in the building. So it seemed odd that someone in China could have accidentally gotten hold of his credentials.
They discovered the code was not being logged in from the man’s computer, not all the time anyway. It was coming from Shenyang, China. This made even less sense because the man’s security codes would have only come from a coded USB key, a fob with the credentials on it. To get in, they would have had to be able to access the fob itself…
The security team’s theory was that someone had just found a way to perfectly mimic Bob’s credentials even as he sat coding in his office. Not only that but whoever they were they were able to maintain an active, secure connection. They questioned him and asked to see his computer to find out what was happening.
What they found was almost unbelievable. Bob’s computer had hundreds of .pdf notices from a third party contractor/developer: a Chinese contractor located in Shenyang, China. Bob hadn’t been doing his work at all. He’d sent the credentials there himself so that he could outsource all his work to a Chinese company…
He’d shipped the fob out securely so that the company he hired, could perform all of his assigned work. It was a pretty brilliant scam, to be honest, and it had worked swimmingly. Once he got his first assignment back from them and found they hadn’t made a single mistake, he knew it was the right decision.
It made sense if you think about it. Bob was taking home a healthy six-figure salary, he had plenty leftover to hire a Chinese firm for way less than that to perform his work for him. As it turned out, he was paying them one-fifth of his six-figure salary to do his work for him. How long could he keep it up though?
It All Adds Up
As it happened, a pretty long time. Once they had finished the investigation, they found that he had earned several hundred thousand dollars a year, and since he only had to pay the Chinese consulting firm about fifty grand annually, he didn’t end up paying all that much out of pocket for their services.
In fact, the company he hired had done such good work that Bob was lauded for his coding ability time and time again. Which of course resulted in raises during his quarterly reviews. It wasn’t just a job well done, it was a superb job, well above what his coworkers were doing. So what WAS he doing all day?
Bob kept a pretty regular schedule at his office. At 9 am, he’d come in and search Reddit or watch Cat videos for a few hours. He’d take lunch at 11:30 am, then when he got back around 1 pm, search eBay. After that, he’d head to Facebook: the last bastion for office time-wasters everywhere.
End the Day
He’d check his emails a few hours later at around 4:30 pm, to make sure all the assignments he had were wrapped up and had been sent into QA. Finally, at 5 pm, he’d push his desk chair in, turn off his PC, and head home: confident that he’d done a great job that day. It was quite the gig until he got caught…
More Than One
Now, not only had he gotten caught, but Verizon’s investigators believe that Bob might not have stopped with just China. Bob might have outsourced to several foreign companies, not only ones in China but in other parts of Eastern Asia as well. While they continue the investigation into his various scams, Bob has been let go by the company.
Was it So Bad?
In the end, though, we have to ask ourselves, is what Bob did so wrong? He had the money to do it, he wasn’t hurting anyone and if anything, the Chinese firm was delivering better work than he could have accomplished on his own. Of course, it’s not just about the quality of the work it’s about the long-term ramifications inherent in outsourcing…
We hear a great deal about outsourcing these days. We hear that it’s a problem for our country, our economy, our workforce as a whole. And these points are valid, by outsourcing things like manufacturing and software engineering to other countries, we are essentially depleting the available jobs here.
Some Good Ideas
For some companies, like Verizon, who are multi-billion dollar industries, such practices seem almost Un-American, but for smaller companies, outsourcing provides them with a cheaper alternative that allows them to actually build a small business from the ground up. It’s a sticky situation to be sure, but hey, it worked out pretty well for Bob, all things considered.