Do you fire an employee for not doing his job, or do you promote him for being brilliant?
你是会因为员工不做自己的工作而解雇他,还是因为他表现优秀而提拔他?

That thought may have crossed the minds of supervisors at an unidentified American critical-infrastructure company mentioned on Verizon's computer-security blog Monday (Jan. 14).
1月14日,威瑞森无线通讯公司在他们的电脑安全博客上提到了一家美国大型基础设施公司,这家公司的管理人员说不定就想过了这个问题。

An audit of the firm's server logs revealed an alarming amount of unexplained logins from China into the company's virtual private network.
公司在检查他们的服务器日志后发现,有大量无法解释的中国地址登陆公司的虚拟专用网的记录。

It appeared that a Chinese hacker was breaking into the corporate network almost every day by using an employee's RSA key, a random-passcode-generating token.
看来是一个中国黑客每天都用公司一名员工的RSA密钥(一种随机生成密码的身份凭证)闯入公司的网络。

But that specific employee, a software developer, was in the building every day sitting at his desk. Fearing that millions of dollars in company secrets had been stolen by Chinese hackers, the company brought in Verizon investigators.
但是牵涉其中的那名软件开发员,却每天都好端端地坐在写字楼的办公桌前。由于担心价值数百万美元的公司机密被中国黑客窃取,公司请来了运营商威瑞森的调查员。

The team took a look at the employee's computer for evidence of malware infection. What they found amazed them.
威瑞森的调查员检查了这名员工的电脑是否有被恶意软件感染。结果却让他们惊讶无比。

The employee wasn't doing any work at all. He just surfed the Web and checked email all day. Every week, he received an invoice — from China.
这名员工完全没有在工作。他整天做的事情只是上上网,收收电邮而已。每周他都会收到一张发票——一张来自中国的发票。

It turned out the employee, who was considered one of the best software developers in the company, had completely outsourced his job and was paying Chinese developers about one-fifth of his own six-figure salary.
原来,这名员工将他的所有工作全部都外包给了中国的软件开发员,并支付自己薪水的1/5给他们。他自己所拿到的工资是六位数的,而且公司还认为他还是最优秀的软件开发员之一。

He'd even sent the Chinese developers his passcode generator so they could log into the company's network on his behalf every day.
他甚至把他自己的密码发生器给了中国的开发员,这样他们就能以这名员工的名义登陆公司网络。

There was evidence he was pulling the same scam at other companies as well. The Verizon blog posting didn't mention whether the man still worked at the company.
有证据表明,他在其他公司也使过这招。威瑞森的博客上并没有提到这个员工是否还在该家公司工作。