Authorised Pen-Testers Nabbed, Jailed in Iowa Courthouse Break-in Attempt
MrPlow writes:
Submitted via IRC for SoyCow3997
Two security contractors were arrested in Adel, Iowa on September 11 as they attempted to gain access to the Dallas County Courthouse. The two are employees of Coalfire-a "cybersecurity advisor" firm based in Westminster, Colorado that frequently does security assessments for federal agencies, state and local governments, and corporate clients. They claimed to be conducting a penetration test to determine how vulnerable county court records were and to measure law enforcement's response to a break-in.
Unfortunately, the Iowa state court officials who ordered the test never told county officials about it-and evidently no one anticipated that a physical break-in would be part of the test. For now, the penetration testers remain in jail. In a statement issued yesterday, state officials apologized to Dallas County, citing confusion over just what Coalfire was going to test:
"The scope is everything," Roseblatt explained. If the scope is only vaguely defined, "you could find yourself exposed to legal liability."
Coalfire's Justin Wynn and Gary Demercurio, who are still in jail [Update: They appear to have made bail on Thursday], have been charged with third-degree burglary and possession of burglary tools. Their bond has been set at $50,000, and they are scheduled to appear for a preliminary hearing on September 23-in the same courthouse they were caught breaking into.
Read more of this story at SoylentNews.