Gary DiMercchio and Justin Wynn, experts in physical penetration testing at Coalfire Systems, share a wild story about their ill-fated attempt to break into a courthouse. They reveal the challenges of conducting security assessments and the unexpected legal troubles that arose from their work. Tensions rise as they recount a miscommunication with law enforcement that nearly led to their arrest. Through humor and candidness, they explore the vulnerabilities of courthouse security and the complexities of legality in the cybersecurity realm.
Physical penetration testers successfully navigate through courthouse security systems to assess vulnerabilities.
Clear communication with clients and maintaining professionalism during physical penetration testing is vital.
Wrongful arrests and criminal charges can have lasting impacts on personal and professional lives.
Despite facing legal challenges, the perseverance of Garry and Justin leads to the eventual dropping of charges.
Deep dives
Testing security at university dean's office
The speaker recalls a time when they visited the dean's office at their university after being denied permission to take too many courses. They went to confront the dean, only to realize they were in the wrong office.
Physical penetration testing at financial institution branches
The podcast explores the experience of two penetration testers who were hired to gain physical access to branches of a financial institution. They successfully exploited different vulnerabilities to gain access to private areas and gather sensitive information.
Physical penetration testing at court houses
The penetration testers were tasked with assessing the security of court houses. They encountered challenges and navigated through alarms and cameras, and successfully explored restricted areas without being detected. Law enforcement responded to the alarms, but after verifying their credentials, the testers were allowed to continue their assessment.
Challenges and successes in physical penetration testing
The podcast highlights the professionals' experiences in physical penetration testing, including techniques such as bypassing locked doors and exploiting vulnerabilities in security systems. They discuss the importance of clear communication with clients and maintaining professionalism when confronted by law enforcement.
The Confusion of Authorization
Garry and Justin, working as contractors, break into a courthouse for a physical penetration test, believing they had permission from the state. However, they are arrested by the sheriff, who claims they didn't have authorization. Garry and Justin remained calm, believing it was a misunderstanding and that their contacts would vouch for them.
Incarceration and Legal Troubles
Garry and Justin are taken to jail, where they are questioned and processed separately. Despite their innocence, they are given orange jumpsuits, put in cells with other inmates, and face charges of burglary and possession of burglary tools. Their bail is set at $5,000, but the county prosecutor insists on higher bail. They spend a sleepless night in jail before being released the next day after the bail money is secured.
Legal Battles and Lingering Consequences
Garry and Justin continue to face legal challenges and fight to clear their names. The county drops the charges to misdemeanor trespassing, but they refuse to plead guilty due to their innocence. They endure months of battles with prosecutors, stress, and uncertainty. Although the charges are eventually dropped, their wrongful arrests leave a lasting criminal record, affecting their personal and professional lives.
In this episode we hear from Gary and Justin. Two seasoned penetration testers who tell us a story about the time when they tried to break into a courthouse but it went all wrong.
This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
