No, this is not the Onion, it’s not April Fools, and I’m not making this up. All of this comes straight from Verizon, or more specifically, a case study from 2012 detailed by its security team.
See also – Verizon investigator: How one US developer could have gotten away with outsourcing his job to China
The story goes a little something like this. A developer at a US-based critical infrastructure company, referred to as “Bob,” was caught last year outsourcing his work to China, paying someone else less than one fifth of his six-figure salary to do his job. As a result, Bob had a lot of time on his hands; in fact, during the investigation, his browsing history revealed this was his typical work day:
Again, I want to stress that I haven’t invented this schedule for the sake of making this story more interesting or to have a flashy headline. This comes straight from Verizon; take that as you will.
Apparently Bob had the same scam going across multiple companies in the area (this part is a little unclear given that he clearly couldn’t physically go into work for all of them), earning “several hundred thousand dollars a year,” and only paying the Chinese consulting firm “about fifty grand annually.” At the unnamed company, he apparently received excellent performance reviews for the last several years in a row, even being hailed the best developer in the building: his code was clean, well-written, and submitted in a timely fashion.
Folks, you can’t make this stuff up. Here are the rest of the crazy details, which Verizon says it released because although this wasn’t a large-scale data breach that made headlines, the case had a unique attack vector.
Apparently the scheme was discovered accidentally. Verizon received a request from the US company asking for help in understanding anomalous activity it was witnessing in its VPN logs: an open and active connection from Shenyang, China.
This was alarming because the company had implemented two-factor authentication for these VPN connections, the second factor being a rotating token RSA key fob. Yet somehow, although the developer whose credentials were being used was sitting at his desk staring into his monitor, the logs showed he was logged in from China.
This unnamed company initially suspected some kind of unknown (0-day) malware that was able to initiate VPN connections from Bob’s desktop workstation via external proxy, route that VPN traffic to China, and then back. When Verizon investigated, it eventually noticed that the VPN connection from Shenyang was at least six months old, which is how far back the VPN logs went, and it occurred almost daily and occasionally spanned the entire workday.
Unable to explain how an intruder could have possibly been accessing the company’s internal system on such a frequent basis, Verizon decided to look more closely at Bob, since it was his credentials that were being used. Here’s how the case study described him:
Employee profile – mid-40’s software developer versed in C, C++, perl, java, Ruby, php, python, etc. Relatively long tenure with the company, family man, calm and quiet. Someone you wouldn’t look at twice in an elevator.
All it took was a look at a forensic image of Bob’s desktop workstation to discover hundreds of PDF invoices from a Chinese consulting firm in Shenyang. How did he get around the security requirements? He physically FedExed his RSA token to China.
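The anomaly that exposed the scheme, a remote VPN session for a user who is at his desk at the same time, can be checked for mechanically. This is an added example, not taken from Verizon's case study: the log formats, field names, hosts and sample records are all constructed assumptions, and the function flags any VPN session that overlaps an on-site workstation session for the same user.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data (not from the case study). Assumed formats:
# VPN:    "<start> <end> user=<u> src=<ip> geo=<country>"
# Onsite: "<start> <end> user=<u> host=<workstation>"
VPN_LOG = """\
2012-05-07T09:02 2012-05-07T17:31 user=bob src=203.0.113.45 geo=CN
2012-05-08T08:58 2012-05-08T16:40 user=bob src=203.0.113.45 geo=CN
2012-05-08T19:10 2012-05-08T20:05 user=alice src=198.51.100.7 geo=US
2012-05-09T09:15 2012-05-09T12:00 user=bob src=203.0.113.45 geo=CN
"""
ONSITE_LOG = """\
2012-05-07T08:55 2012-05-07T17:05 user=bob host=DEV-WS-12
2012-05-08T09:01 2012-05-08T17:10 user=bob host=DEV-WS-12
2012-05-08T08:30 2012-05-08T17:00 user=alice host=DEV-WS-03
2012-05-09T13:00 2012-05-09T17:00 user=bob host=DEV-WS-12
"""

def parse(log):
    """Yield (user, start, end, fields) for each non-empty log line."""
    for line in log.strip().splitlines():
        start, end, *kv = line.split()
        fields = dict(item.split("=", 1) for item in kv)
        yield (fields["user"], datetime.fromisoformat(start),
               datetime.fromisoformat(end), fields)

def concurrent_presence(vpn_log, onsite_log):
    """Return {user: [(day, src, geo, host), ...]} for every remote VPN
    session that overlaps an on-site workstation session of the same user."""
    onsite = defaultdict(list)
    for user, start, end, f in parse(onsite_log):
        onsite[user].append((start, end, f["host"]))
    hits = defaultdict(list)
    for user, v_start, v_end, f in parse(vpn_log):
        for o_start, o_end, host in onsite[user]:
            if v_start < o_end and o_start < v_end:  # intervals overlap
                hits[user].append((v_start.date().isoformat(),
                                   f["src"], f["geo"], host))
    return dict(hits)

if __name__ == "__main__":
    for user, events in concurrent_presence(VPN_LOG, ONSITE_LOG).items():
        print(f"{user}: {len(events)} day(s) with VPN + on-site overlap")
        for day, src, geo, host in events:
            print(f"  {day} vpn_src={src} ({geo}) while active on {host}")
```

Because the token was physically in the remote party's hands, the second factor validated normally on every login; the overlap between remote and on-site sessions is the signal that remains.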