Comment by dmix
6 years ago
The court is claiming it wasn't a prearranged part of the test that they were aware of. It will be up to the company to prove that it was.
> But it added that the administration “did not intend, or anticipate, those efforts to include the forced entry into a building.”
It's possible they misunderstood something in the contract such as what physical entry means and the scope of red teaming.
In the article it said they were aware of a forced entry made at another court house, but I'm assuming it was after the fact and the security company told them they did it before? If it was before the test then that changes the story but I don't know why they'd admit it to the press otherwise.
> Iowa’s State Court Administration also said in the statement that it had been made aware of a break-in at the Polk County Historic Courthouse in nearby Polk County on Sept. 9 that was similar in nature to the break-in at the Dallas County Courthouse.
The fact the courts aren't fully supporting the guys raises a lot of questions.
It's not like the guys were caught doing anything for personal gain. But there's a small possibility they wanted to show off their ability and keep it hyper realistic, and crossed a line that should have been better communicated.
> The court is claiming it wasn't a prearranged part of the test that they were aware of. It will be up to the company to prove that it was
It should be pretty straightforward to determine if the contract explicitly specified electronic penetration or left some ambiguity. Unfortunately it looks like they won't release the contract so we won't know. (I'm sure the defense will get to see it, unless they go to Kafka land, though presumably they also wouldn't have charged these guys if there was such a large hole in the contract language.)
The contract will almost definitely go into evidence. Unless the judge makes an explicit ruling to the contrary, I believe this means that it will be made public (although access might involve a physical visit and some fees).
In my experience red team contracts explicitly state what is in-scope. Ambiguity means no.
> In the article it said they were aware of a forced entry made at another court house, but I'm assuming it was after the fact and the security company told them they did it before? If it was before the test then that changes the story but I don't know why they'd admit it to the press otherwise.
It isn't clear at all. Perhaps Coalfire informed the Iowa State Court Administration of the Polk County break-in when this came to light to avoid further misunderstandings? Who knows what "similar in nature" actually means in this context.
Nope, that theory is busted. I found an article that references a Polk County press release:
> The Polk County Sheriff's Office said in a release Monday that the two suspects in the burglary have been identified as, 43-year-old Gary Demercurio and 29-year-old Justin Wynn. Deputies said the suspects were identified through surveillance footage captured at the courthouse. According to the news release, they are the same suspects in the Dallas County Courthouse burglary. Polk County Sheriff's Detectives continue to work closely with Dallas County Sheriff's Office in this case. Deputies said a small electronic device bearing the company logo to Coal Fire was located in the Polk County Historic Courthouse during the investigation. [0]
[0] https://www.kcci.com/article/deputies-believe-same-suspects-...
This is a weird story. Why are red teamers 'breaking into' places they don't have permission to?