Do you remember the case where penetration testers got arrested? Here’s the statement from the pen testing firm:
WESTMINSTER, Colo., Oct. 29, 2019 /PRNewswire/ — Coalfire, a provider of cybersecurity advisory and assessment services, today announced that charges were reduced from felony accusations of burglary to the lesser offense of criminal trespass for two of its employees that were arrested while conducting legal and authorized cybersecurity penetration tests at an Iowa courthouse shortly after midnight on September 11th. Coalfire CEO Tom McAndrew issued a detailed public statement on the matter, highlights of which are provided in this release.
The charges against Mr. Wynn and Mr. DeMercurio should be dropped. Our employees were doing the job that Coalfire was hired to do for the Iowa State Judicial Branch. Coalfire was successful in performing security testing which is an important component of a cyber security program. Testing is critical to identify vulnerabilities that can be exploited by cyber criminals.
Our work included the testing of the physical security of county courthouses and judicial buildings. After gaining access to the Judicial Branch Building, our employees were in communications with our client at the state level to let them know of their successful entry, and the state acknowledged the entry. Days after the entry to the Judicial Branch Building, the employees walked into the Dallas courthouse in the evening, gaining access from an open door. The team locked the door and intentionally tripped the alarm in order to test the security response.
After setting off the alarm in the Dallas courthouse, Mr. Wynn and Mr. DeMercurio stayed at the courthouse to meet County law enforcement responding to the alarm. When confronted by the local Sheriff, the employees appropriately presented a letter executed by the Judicial Branch authorizing Coalfire and its employees to conduct the security testing. This letter is standard practice for this type of work and outlined that the state commissioned the work they were performing. Despite the authorization letter and verbal verification by a Judicial Branch employee, the local sheriff proceeded to arrest Mr. Wynn and Mr. DeMercurio.
Coalfire has done hundreds of these types of engagements, typically finding open doors, unconcealed passwords, and other items that criminals can use to exploit organizations, and is often stopped by law enforcement or security personnel. When this occurs, the authorization letter is presented. This is the first time that the authorization letter has not resulted in the immediate release of our employees.