The Washington PostDemocracy Dies in Darkness

Security firm can’t comment on Attkisson computer intrusions

Sharyl Attkisson’s new book, “Stonewalled,” treats readers to a lot of shadowy characters. As the former CBS News reporter narrates the story of the bizarre intrusions into her work and personal computer, she consults with a source that she identified only as “Number One”; she relies on input from a pseudonymous “Jeff”; another pseudonymous person conducts some serious tests on a computer of hers.

Yet near the book’s conclusion, Attkisson cites a real, live person who works for a real, live company — somebody who can be contacted for confirmation about what happened to the controversial former CBS Newser. His name is Don Allison and he works for KoreLogic, a computer security firm with 20 full-timers headquartered in Annapolis. With Allison’s help, Attkisson is able to come to some pretty scary conclusions about what happened to her computer:

While a great deal of data has been expertly wiped in an attempt to cover-up the deed, Don is able to find remnants of what was once there. There’s key evidence of a government computer connection to my computer. A sort of backdoor link that leads to an ISP address for a government computer that can’t be accessed by the general public on the Web. It’s an undeniable link to the U.S. government.

Last night we left a message for Allison. This morning, we heard back from KoreLogic President and Co-Founder Bob Austin, with hopes of engaging in a thoroughgoing chat about the ins and outs of Attkisson’s troubles.

No such luck. Not only has KoreLogic not had a chance to review the book yet, but the firm is under a confidentiality agreement regarding the work it performed in this case. “I doubt that the folks we signed the confidentiality agreement with will loosen it,” said Austin. “We’ll have to check and see if there’s any flexibility on our ability to comment. I think the answer will be no.” Austin declined to identify the parties with whom he signed the confidentiality agreement, though it’s not too hard to guess who they are (CBS News declined to comment on this matter).

Confidentiality agreements are indeed common in this line of work. Clients don’t want their computer histories — and their inability to keep intruders out of their systems — leaking into the public realm. According to Austin, KoreLogic’s clients are primarily Fortune 500 companies, though it does some government work, including a recently concluded project for the Department of Defense. The firm sponsors an annual password-cracking contest called “Crack Me If You Can,” the goal of which is to strengthen computer password protections (the firm’s blog is found here). As for the firm’s work in computer forensics, Allison is the go-to guy on that front with 20 years’ experience in the field, Austin said.

Details in “Stonewalled” regarding KoreLogic serve to extend the long-running story of Attkisson’s computer intrusions. It was May 2013 when Attkisson first discussed them in an interview with a Philadelphia radio host. A month later, CBS News confirmed the intrusions in a statement but didn’t provide the name of the security firm that did the analysis. Attkisson resigned from CBS News in the spring.

Updated to note that CBS News has declined to comment.