16 Jan 2013, Gareth Morgan , V3
Like many workers, Sneak struggles to manage his Facebook, eBay and Reddit commitments with the drudgery of his day-to-day job. But now Sneak has realised the secret to striking the perfect work-life balance.
Verizon's latest security blog posting details a great story about a worker at an unnamed firm working in US critical infrastructure. It had installed a VPN service to allow some of its staff to work from home for a couple of days a week, and all was good. Or at least it was until they started checking the logs.
It appeared they had an open and active connection to Shenyang, China. Given the VPN needed two-factor authentication, this had all the hallmarks of a sophisticated malware attack on their infrastructure – and given the nature of their work, that set the alarms bell ringing.
Having drafted in Verizon Wireless to help out, the firm soon discovered that one of its developers had been compromised. Not by a group of nefarious Chinese hackers, but by an affliction Sneak knows only too well: lazyitis.
The developer in his mid-40s had been hiring a Chinese consulting firm to do his job for him. He'd simply FedEx his security token over, and sit back and enjoy his pay cheque – as we all know, offshore workers can be much cheaper. In fact, as the investigators discovered, it looked like he'd been running the same scam with a number of firms in the area.
Still, it's not all bad news. The developer in question had quarter after quarter been rated as the best in the firm, so at least the firm was getting good coding for its money.