If a company can outsource its job, so can an individual.
If it is business acumen for a company, so it is with an employee.
Are the clients of the outsourcing aware that the outsourced company outsources further?
In Tamil it is called ‘Kalavadirrathu’ (this term is most commonly used in Brahmin households).
The truly lazy are often the most creative. Like this developer, who was caught outsourcing his entire job to China so that he could spend his time at work… not working.
The ruse—highlighted in a Verizon case study—was carried out by an employee called “Bob” who worked at an anonymous “critical infrastructure company”. The trick was only spotted when someone noticed suspicious activity on the company’s VPN log. The report explains:
“We received a request from a US-based company asking for our help in understanding some anomalous activity that they were witnessing in their VPN logs. Plainly stated, the VPN logs showed [Bob] logged in from China, yet the employee is right there, sitting at his desk, staring into his monitor.”
While Bob apparently received glowing performance reviews, all of his development work was being carried out from China. In fact, he pulled off the same scam across multiple companies concurrently, earning “several hundred thousand dollars a year”.
Further investigation revealed a typical day’s work for Bob included: reading Reddit for two hours, shopping on eBay for an hour, browsing Facebook for two hours, and checking LinkedIn for a further two. Looks like he’ll be spending more time on LinkedIn from now on.
Such a case came about in 2012. The scenario was as follows. We received a request from a US-based company asking for our help in understanding some anomalous activity that they were witnessing in their VPN logs. This organization had been slowly moving toward a more telecommuting oriented workforce, and they had therefore started to allow their developers to work from home on certain days. In order to accomplish this, they’d set up a fairly standard VPN concentrator approximately two years prior to our receiving their call. In early May 2012, after reading the 2012 DBIR, their IT security department decided that they should start actively monitoring logs being generated at the VPN concentrator. (As illustrated within our DBIR statistics, continual and pro-active log review happens basically never – only about 8% of breaches in 2011 were discovered by internal log review). So, they began scrutinizing daily VPN connections into their environment. What they found startled and surprised them: an open and active VPN connection from Shenyang, China! As in, this connection was LIVE when they discovered it.
Besides the obvious, this discovery greatly unnerved security personnel for three main reasons:
- They’re a U.S. critical infrastructure company, and it was an unauthorized VPN connection from CHINA. The implications were severe and could not be overstated.
- The company implemented two-factor authentication for these VPN connections, the second factor being a rotating token RSA key fob. If this security mechanism had been negotiated by an attacker, again, the implications were alarming.
- The developer whose credentials were being used was sitting at his desk in the office.
Plainly stated, the VPN logs showed him logged in from China, yet the employee is right there, sitting at his desk, staring into his monitor. Shortly after making this discovery, they contacted our group for assistance. Based on what information they had obtained, the company initially suspected some kind of unknown malware that was able to route traffic from a trusted internal connection to China, and then back. This was the only way they could intellectually resolve the authentication issue. What other explanation could there be?
Our investigators spent the initial hours with the victim working to facilitate a thorough understanding of their network topology, segmentation, authentication, log collection and correlation and so on. One red flag that was immediately apparent to investigators was that this odd VPN connection from Shenyang was not new by any means. Unfortunately, available VPN logs only went back 6 months, but they showed almost daily connections from Shenyang, and occasionally these connections spanned the entire workday. In other words, not only were the intruders in the company’s environment on a frequent basis, but such had been the case for some time.
Central to the investigation was the employee himself, the person whose credentials had been used to initiate and maintain a VPN connection from China.
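The two signals that exposed this case, a VPN session from an unexpected country and a VPN session running while the same account is active on-site, can be checked automatically in daily log review. The following is an added example, not taken from the Verizon report: the CSV layouts, field names, host names and all sample rows are constructed assumptions, as is the use of office workstation logons as evidence of physical presence.

```python
import csv
import io
from datetime import datetime

# Constructed sample data; the CSV layouts and field names are assumptions.
VPN_LOG = """user,src_country,start,end
bob,CN,2012-05-07T09:02,2012-05-07T17:10
bob,CN,2012-05-08T09:05,2012-05-08T16:55
alice,US,2012-05-07T08:30,2012-05-07T12:00
dave,US,2012-05-08T10:00,2012-05-08T11:00
"""
# Interactive workstation logons on the office LAN, used as evidence of presence.
ONSITE_LOG = """user,host,start,end
bob,dev-ws-14,2012-05-07T08:55,2012-05-07T17:30
bob,dev-ws-14,2012-05-08T08:58,2012-05-08T17:20
alice,dev-ws-03,2012-05-07T13:00,2012-05-07T18:00
dave,dev-ws-09,2012-05-08T09:00,2012-05-08T17:00
"""
EXPECTED_COUNTRIES = {"US"}  # assumption: where remote staff legitimately connect from

def load(text):
    """Parse a CSV log and convert start/end to datetime objects."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["start"] = datetime.fromisoformat(row["start"])
        row["end"] = datetime.fromisoformat(row["end"])
    return rows

def find_anomalies(vpn_rows, onsite_rows, expected=EXPECTED_COUNTRIES):
    """Return (user, day, country, reasons) for each suspicious VPN session."""
    findings = []
    for s in vpn_rows:
        reasons = []
        if s["src_country"] not in expected:
            reasons.append("unexpected-country")
        # Two intervals overlap when each one starts before the other ends.
        if any(o["user"] == s["user"] and s["start"] < o["end"]
               and o["start"] < s["end"] for o in onsite_rows):
            reasons.append("vpn-while-onsite")
        if reasons:
            findings.append((s["user"], s["start"].date().isoformat(),
                             s["src_country"], reasons))
    return findings

def days_flagged(findings):
    """Count distinct flagged days per user, to expose long-running patterns."""
    users = {f[0] for f in findings}
    return {u: len({f[1] for f in findings if f[0] == u}) for u in users}
```

Calling `find_anomalies(load(VPN_LOG), load(ONSITE_LOG))` flags both of bob's sessions for both reasons and dave's session for the on-site overlap alone; `days_flagged` then shows how many distinct days each account has been flagged, which is what makes a months-long pattern visible.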