Tight Race

Wow! what a tight race. Right now I’m up with 1 vote after being down with as much as 8 votes over the last few days. The Yarrow Point race is the closest race in the County. I think we need to wait until the final reconciliation report (Nov 28th) before we can call this one. Every vote counts so I’m so grateful for all of you that voted for me. There are about 0.7% votes remaining or an estimated 3 (2.8) votes left to count. If the other candidate get all 3 remaining votes he will win. If I get 1 and he get 2, there will be a tie and coin toss. If I get 2 or more I will win. Fingers crossed.

So what happens if it is close or a tie? From what I understand, there is no recount on local ballots unless somebody ask and pay for it so I don’t expect that. If there is a tie there will be a coin toss administered by the King County Election office.

Votes update 11/9

Ok, I’m back to a 7 vote lead over David Young in the race for the Town council position 1. See results here. Still too close to call, there are probably some 10-20 more votes that are not counted. I base this on  comparing the number of counted ballots in 2017 vs 2015:

2017 – 321 ballots counted so far

2015 – 333 ballots counted in total


Keep your fingers crossed, new update tomorrow!



New IT-Security incident at Yarrow Point

On Friday I was notified about another IT-Security related incident that the Town fell victim for. So far not much information is available, but it appears that the attack resulted in some files and systems being inaccessible. Below is the notification that was sent from the Town. The Town also updated their website with information about the incident.

On Wednesday, October 18, 2017, the Town of Yarrow Point discovered that it was the victim of a cyber incident that made certain files and systems inaccessible. Immediately upon discovering this incident we launched an investigation to determine its impact and to restore the impacted systems. As part of our response, we began working with a leading independent third-party forensic investigator so that we can learn about the nature and scope of this incident. The Town has also contacted the Clyde Hill Police Department. The investigation of, and response to, this incident is ongoing. While electronic access to specific Yarrow Point services and information may be limited as we work to restore the impacted systems, the Town remains operational and can provide all necessary services, including the issuance of permits. We thank you for your understanding and patience as we resolve this issue. We will continue to update you as relevant information becomes available.

What seems odd is the timing of this incident.  There are no new widespread ransomware or other cyber-attacks reported during the week of October 16th when the attack supposedly took place. Another possibility is that this attack is related to the previous wire fraud attack and somebody is trying to cover their tracks. In either case, this is disturbing news. The Town should have implemented proper protection and procedures based on the learning from the previous incident to not fall victim for these types of attacks.

I’m getting really concerned about the Town and how they operate. As I’m running for the town council I will make sure to use my knowledge in the IT field to audit and fix these issues. We need to protect our Town’s infrastructure and the taxpayer’s money. Please consider voting for me on November 7th. You should have already received your ballots in the mail.

I will request public information and further review this incident as soon as it becomes available.

The $50,000 fraud, an update

Together with another resident, I have review the public records pertaining the wire fraud that happened in August and that unfortunately led to a loss of ~ $50k of the taxpayer’s money. Below are some details and a conclusion.


Fraud approach

The fraudster was sending emails that used the exact same email address as the Mayor. He or she sent it to the Town’s email system from outside. This is commonly known as email spoofing and is relatively simple to do. Normally, any reply to a spoofed email would go back to the Mayor’s proper address. However, in this case the sender also added another email trick. The fraudster added a separate reply-to address into the email. A separate reply-to address that is different from the senders is a standard feature in email but is not commonly used. The reply to address that showed up once you hit reply was an outlook.com address. This is a free consumer grade email address that anybody can sign up to.

The Fraudster asked the Town to wire money to a different bank. From there, the money probably went through multiple additional wire transfers until they finally reached the fraudster.

  1. Fraudster sends “phising” email impersonating the Mayor and asking for a wire transfer.
  2. Town personnel replies and ask what account to transfer money to.
  3. Fraudster copy/paste email from outlook server and replies again with an email impersonating the Mayor.
  4. Wire is sent out. Fraudster typically is using several layers of wire transfers to receive the money.



July 12thFailed attempt to fraud. This attempt was flagged by the Clerk/Treasurer and sent to the IT-  administrator. Clerk/Treasurer notes that she is getting a suspicious reply-to email address when she hits reply.

 Aug 16thSuccessful attempt that resulted in ~ $14k being wired out of the Town’s account.

Aug 21st Successful attempt that resulted in ~ $35k being wired out of the Town’s account.

Aug 22ndMayor discovers the fraud. Police and FBI informed.

Sept 1stYet another request for wire transfer received. This was flagged as fraud.



  • This was a classic and common type of phishing email.
  • Town’s email system lacked good spam/fraud protection. An email coming from Nigeria with this type of odd header should have been flagged and deleted by the system. As of 10/17/2017 The Town’s website is indicating that they are upgrading their email system.
  • Town’s email system does not use Sender Policy Framework and is therefore susceptible to spoofing. This is still the case as of 10/17/2017.
  • The sender’s IP-addresses from can be traced back to Smile Telecom in Nigeria. This means that a system in Nigeria sent the fraudulent email that initiated the wire transfer.
  • Sender knew names and short names of people working in the Town’s administration. This information was potentially harvested from the Town’s website. However, some of the names used were not mentioned on the town’s website at the time of the fraud. The harvesting must have taken place earlier in the year.


The chances that the perpetrator will be found is probably slim at this point. But not all hope is lost. There are avenues open that I know the Mayor is exploring to try to recoup some or all the money. I’m happy to assist in any way I can. If I get elected to the Town council on November 7th, I believe that my background in IT, Networking and Security will be helpful to make sure the town have a modern IT infrastructure.

Surveillance cameras


During last council meeting the question regarding Town owned surveillance cameras came up.  One resident made an appearance and told the town that their house was burglarized the other day. He asked the Town council to consider surveillance cameras as you enter the Town. I hope that the Clyde Hill Police department can find the perpetrator who committed this serious crime.

Would surveillance cameras be worth implementing in Yarrow Point?  Here are some of my thoughts on the topic.



The camera system must be visible to deter criminals from entering the town. Unfortunately, this means that the esthetics of the town must be sacrificed. We have all seen the surveillance cameras as you enter Hunts Point and Medina. They are not hidden by any means. The treelike structure with cameras in all directions located in the roundabout looks almost comical [1]

Video recording and archiving must be available for law enforcement purposes. Night recording capabilities are needed so that the system can operate on a 24×7 basis.

Automated license plate reading could be available. This would help law enforcement to faster find stolen vehicles. However, during last council meeting the Clyde Hill police noted that they believed current system in Medina and Hunts Point had about 1 hour lag before the Police department got notified about stolen vehicles entering the town.



The placement of such cameras would be challenging. The obvious spot would be the roundabout on 92nd Ave. however that does not cover the entire Town. Some 27 properties (marked with a blue dot below) can be reached via Clyde Hill or from the 520 via the 84th street exit without passing the 92nd avenue roundabout. Hunts Point and Medina have a similar issue with areas such as Medina Circle and properties on Points Drive that are accessible via the 520 offramp without passing any camera. These residents must be compensated in some way.

It must be explored what other permits that are needed to place the cameras in the roundabout. The cameras would record any Clyde Hill resident using the 92nd offramp so this would be something that must be discussed with Clyde Hill.

 Residents not covered by a potential camera system in the roundabout



It is challenging to estimate the cost of a camera system like this. I have been trying to find information online from the city of Medina’s budget but it is hard to see the details. We can see that there were over $200k of funds allocated in 2012 and 2013 for “Public Safety Camera System”. This is a good indication but Medina is however a larger Town with more entry points and the cost of this type of devices has steadily gone down over the years.

My estimate would be that if Yarrow point were to implement a something in the roundabout it would probably be in the cost of at least the multiple tens of thousands of dollars, if not hundreds of thousands. On top of that there would be a significant annual fee to operate the system. Keep in mind that we are using Clyde Hill for our Police services and that they currently do not have any camera system like this. New procedures and equipment would be needed on their side as well.

The cost is perhaps high but not unreasonable, especially if compared to solving or deterring a few serious crimes.

Medina budget with line items for camera system


It is hard to tell if there is any significant benefit with a camera system. Over the years, there have been some great success stories [2]. However, one interesting thing to note is that both Clyde Hill (who also does not have Cameras) and Yarrow Point have a lower crime rate compared to Media [3].

Another thing to keep in mind is the uptick of overall video capable devices. Today, most residents have some type of alarm system with camera capabilities not to mention all photo and video capable mobile devices. This was not the case when Medina and Hunts Point implemented their systems years back.


Other than the cost for the city to operate cameras, it is certainly an invasion of privacy to get your vehicle and face photographed every time you enter Yarrow Point. It could be quite a significant number of non-residents who would be captured too, especially with a camera in the roundabout.

The esthetics of the cameras are of a concern. They will certainly look ugly and not blend in very well.

Another concern worth bringing up is the signal a camera system like this send to visitors and other non-residents. Although the main goal is security for our resident, it sends a signal that can be misinterpreted as unwelcome and that the Town wishes to be separated from the rest of our metropolitan area.


Setting up a camera system like this has both benefits and drawbacks. The town should very carefully consider the implications before making any decision.  I would like to hear more from the residents in this matter to understand if this is something that should be pursued.

Unnecessary traffic in Yarrow Point

A lot of traffic in Yarrow Point is unnecessary traffic from vehicles not knowing how to get to 520. This has gotten worse in recent days. The reason is that Clyde Hill made some changes to the traffic flow. They have problems with a lot of thru traffic on their streets during rush hours. This is because of phone apps like Waze that always scans and send traffic on the fastest route. When 520 is clogged, cutting through Clyde Hill is an option that those apps are suggesting to drivers. To tackle this, Clyde Hill recently prohibited left turn on 92nd street towards Points drive between 4 and 7 PM. This means that any car coming down 92nd street will have to go down to the Yarrow Point roundabout or further and then turn around and go back up to Clyde Hill to get to Points Drive and on to 520 westbound.

I live on 33rd street, a street that has been plagued with a lot of turn around traffic to begin with. Drivers seem to think that 33rd street is an on-ramp to 520. I can say that once Clyde Hill implemented their change I have seen more confused drivers that ever before. I see an increase both on 33rd street as well as in the roundabout. I have witnessed several cars making a full circle during those hours.

Although I empathize with Clyde Hills problem, it does not seem like a good solution to send traffic down to Yarrow Point into what is essentially just a large dead-end zone.

  • Town of Yarrow Point should work on improving the street markings in the roundabout to clarify that there is no outlet to 520 anywhere as you come in from 92nd
  • Town of Yarrow Point should work with our neighbors in Clyde Hill to make sure they consider alternatives to preventing traffic from turning left into Points Drive during rush hours.

520 lid maintenance

A lot of people have been upset about the lack of 520 lid maintenance this summer. The online forum Nextdoor had a long thread of comments on the topic. This was up for discussion last town council meeting. What I learned at the meeting was that the town teamed up with our neighbors Hunts Point, Clyde Hill and Medina and we are negotiating about the future maintenance of the lid with WSDOT. The State is willing to pay about $12,000 per acre and year to the cities for us to take over the maintenance. The Mayor said that Yarrow Point’s own estimate of the cost is $30,000 per acre. Maintenance includes taking care of the landscaping , hardscape as well as maintaining the roads. The roads might get very expensive to maintain as they will need new asphalt overlay every 15th year. The Town of Yarrow Point’s responsibility would be the entire west part of the lid including the “kiss and ride” half circle.

We need to be very careful here what we sign up for here. The mayor told me that Mercer Island took over the maintenance of their lids a few years back and they regret it now. The money they are getting from WSDOT is not covering their expenses.  My suggestion is to do nothing at this point. Let WSDOT do a sloppy job and we can all chip in to fix the landscaping and pick up trash. At least we are not signing up for any expensive overlay 15 years from now.

Town of Yarrow Point lost $50,000 due to wire fraud

Yes! you heard that right, the town lost $50,000 of Yarrow Point’s taxpayers money in August 2017. This was announced during the Thursday September 14th Town Council meeting but with very little details. Apparently, somebody sent a fake emails from the Mayor’s account that triggered two wire transfers. The Town is trying to recover some money via insurance. I’m working on getting some more information about this topic and will post it here as soon as I have them.

I have a background in IT-security and I know there are plenty of others with strong background in IT-security in Yarrow Point. And I’m sure that there are plenty of residents that would like to know what happened. If anybody would like to join me in doing an independent review of this incident, let me know. We should be able to get access to all public records surrounding this incident from the Town. I think it would be valuable to really look into how this could happen and make sure the town is taking necessary actions to prevent it in the future. email me (stephan.lagerholm@yahoo.com) or submit a comment on this post.

Town of Yarrow Point’s website

The Town’s first website was created somewhere in the beginning of 2001. It was a simple layout on a light blue background and a menu on the left. This layout remained until 2004 with just a slight change in 2003 when the menu bar on the left was improved. In April 2004, the website was taken down temporary and a new site on a beige background was launched in May of 2004. This new design featured a new menu on the left and the main picture of the town hall changed from a black and white drawing to a picture. In 2007 there was another revision and we ended up with the same web layout as we have today. The content has pretty much remained the same throughout the years. See the bottom of this post for screenshots of how the website looked like over the years.

Now 10 years later, it is time to modernize and improve the Town’s public website. Not only does the current website look old and boring but the content is stale and outdated too. I’m writing this on September 9th and the last town council meeting minutes I can find on the website is from May 9th. The last newsletter was posted is from 2015. The site does not have any search capabilities.

Thankfully, there are newer technologies that makes it much easier to run a website today without having to be an IT guru or graphical expert. Millions of websites are using a product called WordPress and they host their sites in the cloud. For example, my website that you currently are reading is provided by Godaddy for $4 per month. Something like WordPress will separate the content from the layout so that both can be updated independently of each other. It allows for multiple users to work on the content and there are built in approval workflows before something is posted on the live site.

This is an area I look forward to contributing to if elected on November 7th.



Screenshot of Yarrow Point website year 2001 to 2004

Screenshot of Yarrow Point website year 2004 to 2007

Screenshot of Yarrow Point website year 2007 to current