Jump to content

Tiversa

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 63.155.125.7 (talk) at 02:07, 5 August 2020 (changed "unreliability" to "reliability" so that the sentence makes sense in context). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Tiversa is an American cybersecurity firm headquartered in Pittsburgh, Pennsylvania. It was founded by a retired chiropractor and real estate entrepreneur named Robert Boback in 2004.[1] The company specialized in trawling the deep web, investigating peer to peer networks, and helping businesses counteract data breaches and other cybersecurity risks. Its main product was EagleVision X1, a piece of software that monitored the deep web -- the parts of the Internet that are not easily accessible to general browsers, such as peer-to-peer networks -- for sensitive data.[2]

History

Before entering the cybersecurity field, Boback was a chiropractor and real estate entrepreneur.[2][1] He started Tiversa in 2004 as a two-person shop. Tiversa quickly obtained a high-profile board of advisers, including Maynard Webb (former eBay executive and chairman of Yahoo), Howard Schmidt (Obama-era cybersecurity chief), and Wesley Clark (former Supreme Allied Commander of NATO).[2]

Marine One hack

In 2009, Tiversa claimed to have discovered a major security breach involving then-President Barack Obama's helicopter, Marine One. The breach involved the leak to Iran of sensitive procurement information about the helicopter as well as the helicopter's blueprints. According to Tiversa's CEO, the breach was caused by a defense contractor employee whose daughter downloaded a peer-to-peer file-sharing client onto a disused laptop which contained the sensitive materials.[3] This discovery made national news, but a whistleblower later claimed that the Iranian hack was actually fabricated by Tiversa employees.[4][1] Boback, the CEO of Tiversa, denied the allegation.

LabMD scandal

In May 2008, a Tiversa executive contacted LabMD (a urology testing laboratory) claiming to have discovered evidence of a major data breach and offered to sell LabMD monitoring services to counteract the breach.[1] When the head of LabMD declined to purchase the monitoring services, Tiversa allegedly leaked information about the breach to the U.S. Federal Trade Commission, which pursues cybersecurity issues. The FTC launched a probe into LabMD's practices under section 5 of the Federal Trade Commission Act in 2010, which evolved into a formal administrative complaint in 2013. LabMD's revenues fell and the business itself collapsed in 2014 due to the costs of litigating the case. However, in November 2014, an administrative law judge threw out the complaint against LabMD, citing a lack of reliability in the evidence provided by Tiversa to the FTC. This stemmed from a whistleblower complaint by a former Tiversa employee, Richard Wallace, who claimed that he was the one who breached LabMD's systems and that LabMD's data was never leaked outside of its network. He also alleged that Tiversa was responsible for the FTC complaint against LabMD, which was made in retaliation for LabMD's refusal to purchase Tiversa's monitoring services.[1]

Federal probe

Following Wallace's whistleblower complaint, the federal government began probing Tiversa under allegations that it deliberately provided false information about data breaches to the FTC to retaliate against companies that declined to purchase its data protection services. The Department of Justice launched a criminal investigation in 2015 following the whistleblower complaint and the FTC also launched a probe of whether Tiversa had lied about any among the 80 companies that it had reported to them.[5]

Acquisition by Kroll Inc.

In June 2017, Tiversa was acquired by Kroll Inc. and its employees were hired to maintain the Tiversa investigation systems. In January 2019, the system was still operational and a person in England reported via Twitter: “Care to tell me why you are snooping my I.P. address?.[2]

Prominent clients

References

  1. ^ a b c d e Lawrence, Dune (April 25, 2016). "A Leak Wounded This Company. Fighting the Feds Finished It Off". Bloomberg. online. Retrieved October 31, 2019.
  2. ^ a b c d e f g h Khatchadourian, Raffi (October 28, 2019). "A cybersecurity firm's sharp rise and stunning collapse". The New Yorker. online. Retrieved October 31, 2019.
  3. ^ "Report: Obama helicopter security breached". NBC News. online. March 1, 2009. Retrieved October 30, 2019.
  4. ^ Pagliery, Jose (May 7, 2015). "Whistleblower accused cybersecurity company of exorting clients". CNN. online. Retrieved October 31, 2019.
  5. ^ Schectman, Joel (March 17, 2016). "Exclusive: DOJ probes allegations that Tiversa lied to FTC about data breaches". Reuters. online. Retrieved October 31, 2019.