Ethical hacking experts report the arrest of two security specialists hired to evaluate a US court’s IT infrastructure; according to the reports, the two experts were caught while trying to physically access the court’s systems.
Justin Wynn and Gary Demercurio, the two information security specialists involved, were arrested by police in Iowa, US, after they set on an alarm while attempting to carry out the intrusion.
According to police reports, the two individuals argued that the intrusion was part of a penetration testing process that the court had requested from security firm Coalfire. In turn, this company hired the defendants, who now face charges of attempted robbery. In short, the hackers mention that they were only doing the work for which they were hired; the defendants had already collaborated with Coalfire on other ethical hacking services.
However, the Dallas County Court has another version. Although officials acknowledge that the company was in fact hired to conduct a series of information security tests, they also note that Coalfire never reported them hat part of the process was to try to physically compromise its systems.
“The company was hired to try to access court records through hacking activities in order to find potential security vulnerabilities. We were not informed that these attempts included physical intrusions”, says a statement from the court.
The two defendants have been in the custody of the law since last week; a court hearing has been scheduled for September 23th, while the law established a $50k USD bond for both investigators.
In this regard, the firm states that “on previous occasions we have worked with government agencies; our collaborators carry out the requested services with the utmost integrity and with attachment to the needs of customers; because of our privacy policy, and as part of the ongoing investigation, that’s all we can comment on for now.”
Specialists in ethical hacking at the International Institute of Cyber Security (IICS) believe that it is possible for those involved to evade time in prison, as long as the company can demonstrate that physical intrusion is part of its process of penetration tests.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.