 |
Call it an amazing example of entrepreneurship or a daring play of deceit. |
| |
你可以稱之為驚人的工作創意,也可以稱之為膽大包天的欺騙行為。 |
|
After a U.S.-based "critical infrastructure" company discovered in 2012 that its computer systems were being accessed from China, its security personnel caught the culprit ultimately responsible: Not a hacker from the Middle Kingdom but one of the company's own employees sitting right at his desk in the United States. |
| |
一家總部設在美國的「關鍵基礎設施」公司,在二0一二年發現其電腦系統遭到來自中國的存取。結果,該公司的安全人員逮到了真正的罪魁禍首:不是來自中國的駭客,而是該公司本身的一名員工,就在美國的辦公室裡上班。 |
|
The software developer is simply referred to as "Bob," according to a case study by the U.S. telecommunications firm Verizon Business. |
|
Bob was an "inoffensive and quiet" programmer in his mid-40's, according to his employee profile, with "a relatively long tenure with the company.". |
|
He was "someone you wouldn't look at twice in an elevator." |
| |
美國電信企業弗萊森商務公司的一份案例研究僅將這名軟體開發者稱為「鮑伯」。根據員工簡歷,鮑伯是個「溫順寡言」、四十五歲左右的程式設計師,「在公司任職時間相當長」。他是個「你在電梯裡遇到也不會多看一眼的人。」 |
|
Those innocuous traits led investigators to initially believe the computer access from China using Bob's credentials was unauthorized -- and that some form of malware was sidestepping strong two-factor authentication that included a token RSA key fob under Bob's name. |
| |
由於這些馴良無害的特質,讓調查人員一開始認為,那些來自中國並且使用鮑伯的身分登入公司電腦的行為是未經授權的入侵舉動──而且有某種形式的惡意軟體繞過了該公司嚴格的雙重驗證措施,其中包括一個歸屬於鮑伯名下的 RSA 憑證鎖圈。 |
| |
Investigators then discovered Bob had "physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday," wrote Andrew Valentine, a senior forensic investigator for Verizon. |
| |
接著,調查人員發現鮑伯「真的將他 RSA 憑證鎖寄到了中國,以便第三方的包商能夠在上班時間利用他的身分登入」,弗萊森的高級鑑識偵查員安德魯.瓦倫坦寫道。 |
| |
Bob had hired a programming firm in the northeastern Chinese city of Shenyang to do his work. |
| |
His helpers half a world away worked overnight on a schedule imitating an average 9-to-5 workday in the United States. |
| |
He paid them one-fifth of his six-figure salary, according to Verizon. |
| |
鮑伯雇用了中國東北部瀋陽市一家程式設計公司幫他做他的工作。他那些位於地球彼端的助手熬夜工作,以便模仿美國從早上九點到下午五點的一般工作時間。鮑伯把自己六位數薪水的五分之一付給對方,弗萊森指出。 |
|
Over the past several years, Bob received excellent performance reviews for his "clean, well written" coding. |
| |
He had even been noted as "the best developer in the building." |
| |
過去幾年來,鮑伯因為他的程式碼「簡潔並且撰寫良好」而獲得極佳的工作表現評價。他甚至還被稱為「本棟大樓裡最優秀的程式開發者。」 |
| |
The Verizon investigation suggested Bob's entrepreneurial outsourcing spirit stretched across several companies in his area -- netting him several hundred thousand dollars a year as he paid out about $50,000 a year to his China-based ghostwriters. |
| |
弗萊森的調查顯示,鮑伯將他充滿創意的外包精神應用在他那個地區的幾家公司上──讓他一年得以賺進數十萬美元,而他付給中國的那些代筆者則是一年約五萬美元。 |
| |
Verizon's Valentine told CNN via e-mail that Bob "was in fact terminated at the conclusion of the investigation." |
| |
Presumably Bob's Chinese helpers were as well. |
| |
弗萊森的瓦倫坦透過電子郵件向 CNN 表示,鮑伯「在調查結束後已遭到解雇」。鮑伯的中國助手想必也是一樣。 |
.jpg)
