Iowa Illegally Jails Hackers
Cristal M Clark
In rather shocking move, Iowa arrested hackers, hackers the State of Iowa contracted through Coalfire in an effort to conduct a penetration test to see if it were possible for a hacker to access sensitive data.
Coalfire by the way is a very well known and prominent cybersecurity company often times hired and contracted to perform such tests worldwide.
Two Coalfire employees were arrested for being able to obtain sensitive data by hacking into the county courthouses servers.
The two Coalfire employees, Justin Wynn, 29, of Naples, Florida, and Gary Demercurio, 43, of Seattle found a door to the Dallas Courthouse open, and when they closed the door to see if it would lock and then attempted to open it, an alarm was set off. Following protocol, the employees waited for police to arrive and showed them their paperwork. Initially, they were told they were “good to go.” Until the local sheriff showed up and put them up for the night in jail.
They have been charged with third-degree burglary and possession of burglary tools after they tripped the alarm at the Dallas County Courthouse.
Coalfire CEO Tom McAndrew: “Our employees were doing the job that Coalfire was hired to do for the Iowa State Judicial Branch. Coalfire was successful in performing security testing, which is an important component of a cyber-security program. Testing is critical to identify vulnerabilities that can be exploited by cybercriminals.”
This move is quite frankly really inept on the part of the State of Iowa, it would appear that some idiot within the State of Iowa lacks the intelligence to read and fully understand let alone comprehend a simple contract which states the Coalfire employees will in fact “pick locks” did this bloody fool think they were picking the locks to the front door?
Not to mention the part of the issues are employees conducting the work outside of normal business hours? Yes, clearly not a single individual within the state of Iowa understands that in the cybersecurity industry a lot of what they do and test is after fucking hours.
While many cybersecurity employees are approached by law enforcement for setting off alarms nationwide, this is a first in terms of two men being arrested and subsequently charged. Charges the men have plead not guilty to.
This incident could be the start of some very bad vibes between states and testing companies in the runup to 2020. Across the country, similar companies are already getting ready to vet the security of hundreds of local elections ahead of 2020, amid widespread fears that Russia will try to interfere as it did in 2016.
Let’s hope Iowa gets its shit together and drops the charges for Justin and Gary who were simply doing what Iowa HIRED them to do, should they refrain to do so they are by default urging every cybersecurity company to refuse to work with every other state in the United States.
Nicely done Iowa, nicely done.
Cristal M Clark