This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/technology-21043693
The article has changed 2 times. There is an RSS feed of changes available.
Previous version
1
Next version
| Version 0 | Version 1 |
|---|---|
| US employee 'outsourced job to China' | US employee 'outsourced job to China' |
| (about 2 hours later) | |
| A security check on a US company has reportedly revealed one of its staff was outsourcing his work to China. | A security check on a US company has reportedly revealed one of its staff was outsourcing his work to China. |
| The software developer, in his 40s, is thought to have spent his workdays surfing the web, watching cat videos on YouTube and browsing Reddit and eBay. | |
| He reportedly paid just a fifth of his six-figure salary to a company based in Shenyang to do his job. | He reportedly paid just a fifth of his six-figure salary to a company based in Shenyang to do his job. |
| Operator Verizon says the scam came to light after the US firm asked it for an audit, suspecting a security breach. | Operator Verizon says the scam came to light after the US firm asked it for an audit, suspecting a security breach. |
| According to Andrew Valentine, of Verizon, the infrastructure company requested the operator's risk team last year to investigate some anomalous activity on its virtual private network (VPN) logs. | According to Andrew Valentine, of Verizon, the infrastructure company requested the operator's risk team last year to investigate some anomalous activity on its virtual private network (VPN) logs. |
| "This organisation had been slowly moving toward a more telecommuting oriented workforce, and they had therefore started to allow their developers to work from home on certain days. In order to accomplish this, they'd set up a fairly standard VPN concentrator approximately two years prior to our receiving their call," he was quoted as saying on an internet security website. | "This organisation had been slowly moving toward a more telecommuting oriented workforce, and they had therefore started to allow their developers to work from home on certain days. In order to accomplish this, they'd set up a fairly standard VPN concentrator approximately two years prior to our receiving their call," he was quoted as saying on an internet security website. |
| The company had discovered the existence of an open and active VPN connection from Shenyang to the employee's workstation that went back months, Mr Valentine said. | The company had discovered the existence of an open and active VPN connection from Shenyang to the employee's workstation that went back months, Mr Valentine said. |
| And it had then called on Verizon to look into what it had suspected had been malware used to route confidential information from the company to China. | And it had then called on Verizon to look into what it had suspected had been malware used to route confidential information from the company to China. |
| "Central to the investigation was the employee himself, the person whose credentials had been used to initiate and maintain a VPN connection from China," said Mr Valentine. | "Central to the investigation was the employee himself, the person whose credentials had been used to initiate and maintain a VPN connection from China," said Mr Valentine. |
| Further investigation of the employee's computer had revealed hundreds of PDF documents of invoices from the Shenyang contractor, he added. | Further investigation of the employee's computer had revealed hundreds of PDF documents of invoices from the Shenyang contractor, he added. |
| The employee, an "inoffensive and quiet" but talented man versed in several programming languages, "spent less than one fifth of his six-figure salary for a Chinese firm to do his job for him", Mr Valentine said. | The employee, an "inoffensive and quiet" but talented man versed in several programming languages, "spent less than one fifth of his six-figure salary for a Chinese firm to do his job for him", Mr Valentine said. |
| "Authentication was no problem. He physically FedExed his RSA [security] token to China so that the third-party contractor could log-in under his credentials during the workday. It would appear that he was working an average nine-to-five work day," he added. | "Authentication was no problem. He physically FedExed his RSA [security] token to China so that the third-party contractor could log-in under his credentials during the workday. It would appear that he was working an average nine-to-five work day," he added. |
| "Evidence even suggested he had the same scam going across multiple companies in the area. All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about $50,000 (£31,270) annually." | "Evidence even suggested he had the same scam going across multiple companies in the area. All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about $50,000 (£31,270) annually." |
| The employee no longer worked at the firm, Mr Valentine said. | The employee no longer worked at the firm, Mr Valentine said. |
Previous version
1
Next version