Press Release

Coalfire Objects to All Charges Pending in Cybersecurity Trespass Case

October 29, 2019

After Clear Exoneration, Ruling Remains Questionable in Iowa State Courts Incident


Westminster, CO – October 29, 2019 – Coalfire, a provider of cybersecurity advisory and assessment services, today announced that charges were reduced from felony accusations of burglary to the lesser offense of criminal trespass for two of its employees that were arrested while conducting legal and authorized cybersecurity penetration tests at an Iowa courthouse shortly after midnight on September 11th. Coalfire CEO Tom McAndrew issued a detailed public statement on the matter, highlights of which are provided in this release.

The charges against Mr. Wynn and Mr. DeMercurio should be dropped. Our employees were doing the job that Coalfire was hired to do for the Iowa State Judicial Branch. Coalfire was successful in performing security testing which is an important component of a cyber security program. Testing is critical to identify vulnerabilities that can be exploited by cyber criminals.

Our work included the testing of the physical security of county courthouses and judicial buildings. After gaining access to the Judicial Branch Building, our employees were in communications with our client at the state level to let them know of their successful entry, and the state acknowledged the entry. Days after the entry to the Judicial Branch Building, the employees walked into the Dallas courthouse in the evening, gaining access from an open door. The team locked the door and intentionally tripped the alarm in order to test the security response.

After setting off the alarm in the Dallas courthouse, Mr. Wynn and Mr. DeMercurio stayed at the courthouse to meet County law enforcement responding to the alarm. When confronted by the local Sheriff, the employees appropriately presented a letter executed by the Judicial Branch authorizing Coalfire and its employees to conduct the security testing. This letter is standard practice for this type of work and outlined that the state commissioned the work they were performing. Despite the authorization letter and verbal verification by a Judicial Branch employee, the local sheriff proceeded to arrest Mr. Wynn and Mr. DeMercurio.

Coalfire has done hundreds of these types of engagements, typically finding open doors, unconcealed passwords, and other items that criminals can use to exploit organizations, and is often stopped by law enforcement or security personnel.
When this occurs, the authorization letter is presented. This is the first time that the authorization letter has not resulted in the immediate release of our employees.

Mr. Wynn and Mr. DeMercurio were acting as professionals carrying out their state-authorized obligations focused on improving the security of the Judicial Branch. It is unacceptable that they are now pawns in the dispute between the state and the county related to governance of the court buildings. Our concern is that common sense is not prevailing in this case. The fact that this case is still ongoing is a failure of the criminal justice system in Iowa. 

If what is happening in Iowa begins to happen elsewhere, who will keep those who are supposed to protect citizens honest? This is setting a horrible precedent for the millions of information security professionals who are now wondering if they too may find themselves in jail as criminals simply for doing their job. I believe that citizens of Iowa would benefit from using their resources to fix vulnerabilities, protect their data, and secure their public buildings rather than waste time and tax payer money on this criminal pursuit.

Coalfire is cooperating fully in the ongoing investigation. Our hope is that the officials involved in this case will appropriately consider the context in which the actions of our employees were performed and the ongoing dispute between the state and the county related to governance of the court buildings.

Coalfire is committed to performing our work with the utmost integrity and to making the world a safer place. We stand fully behind our employees and will pursue all avenues to clear their name. They are completely innocent of the charges being brought against them.

McAndrew’s full statement is accessible here.

About Coalfire

Coalfire is the trusted cybersecurity advisor that helps private and public-sector organizations avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, assessments, technical testing and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success. Coalfire has been a cybersecurity thought leader for nearly 20 years and has offices throughout the United States and Europe.

Press Contact:
Mike Gallo
For Coalfire