During the hectic days of the Vietnam war, Pentagon, the building that housed the US Defence Ministry, had acquired a formidable reputation on its own, with the doughty Robert McNamara and the whiz kids gathered there.

There was such frenetic activity, that on any given day nobody knew who was being posted ‘in’ and who was ‘out’. Pentagon became the butt of several jokes, particularly, in the area of cubicle culture.

It was said that two military officers shared the same cubicle. While one, a Colonel, was extremely busy with writing reports, status positions, and getting endless calls from several phones on his desk, the other, an Army Major, was sitting twiddling his thumbs and alternately yawning and sipping tea. When he spoke on the phone it was for arranging a date for the weekend.

One Saturday afternoon, when the Colonel could breathe a little easy, he turned to his colleague and enquired as to how he could be so relaxed amidst all the mad rush.

The Major guffawed and said, “Ah! That’s easy, I take papers from my In-tray and mark them to some Col Smith and there my disposal ends. I don’t know who the sucker is, but it works.” Col Smith was aghast and came away without revealing he was the victim of his colleague’s tricks.

Unwinding, at work

Forward to 2012, when most of the work is done online, with professionals identified through log-in rituals with multi-layered entry using passwords. In this environ, you would think such chicanery is impossible. Don’t be so sure!

Here is what happened recently. A hi-tech Internet security company received a request from a client to look into the Log History in its VPN (Virual Private Network — Internet access used exclusively and privately by the company).

At first there was nothing amiss. However, on deeper scrutiny, it was found that one set of log-in appeared as though it was from Shenyang, China, with which the company had no connection.

Evidently, this discovery jolted the company as it was working in a critical Internet area and therefore such breach had serious implications. It had put in a complex authentication system using the latest in cryptology. Therefore such breach sent alarm bells ringing as the attacker could cause huge havoc.

Enquiry revealed that the logs showed an employee, let us call him Bob, logged in from China, yet the employee was right there in the US, sitting at his desk, staring into his monitor. The company initially suspected some unknown malware that was able to route traffic from a trusted internal connection to China, and then back. It was further revealed that almost daily connections from Shenyang were seen, and occasionally these connections spanned the entire workday.

What gave the game away quickly were the hundreds of invoices from a developer in Shenyang, China, that were unearthed from the desktop of Bob after a forensic search.

As it turned out, Bob had simply outsourced his own job to a Chinese developer for one-fifth of his salary received in the US, parting with his credentials cleverly so that the latter could substitute for Bob without arousing suspicion.

You must be curious how Bob spent his day in the office after such clever outsourcing. It seems a typical ‘work day’ for the much envied Bob looked like this:

9:00 a.m. – Arrive and surf Reddit for a couple of hours. Watch cat videos

11:30 a.m. – Take lunch

1:00 p.m. – Ebay time.

2:00 – ish p.m Facebook updates – LinkedIn

4:30 p.m. – End of day update e-mail to management.

5:00 p.m. – Go home

Related Topics