Cyveillance
Cyveillance is an American cybersecurity company founded in 1997, based in Reston, Virginia. The company provides cybersecurity services including brand protection, social media monitoring and threat investigation, analysis, and response services. Its Cyveillance Intelligence Center subscription-based product monitors for information leaks; phishing and malware attacks and other online fraud schemes; sale of stolen credit and debit card numbers; threats to executives and events; counterfeiting; and trademark and brand abuse.
Formerly | Online Monitoring Services (1997-1998) |
---|---|
Industry | Information security |
Founded | 1997 |
Founders |
|
Headquarters | , United States |
Parent |
|
History
Cyveillance was founded in 1997 by Brandy Thomas, Christopher Young, Mark Bildner, and Jason Thomas. It was originally called Online Monitoring Services but was renamed in 1998 to Cyveillance.
From 1997 to 2009, Cyveillance was privately held. QinetiQ North America, a provider of information technology and engineering solutions to the U.S. government, acquired Cyveillance in May 2009.[1] In 2013 QinetiQ North America expanded the Cyveillance management team by the appointment of technical and marketing executives.[2] The acquisition was made for an initial cash consideration of $40 million.[3] Current management was also entitled to an additional $40 million at the anniversary of the closing dependent on hitting certain performance numbers.
LookingGlass Cyber Solutions purchased Cyveillance in 2015 and re-launched the brand in May 2020.[4]
In October 2020, the Baltimore-based digital risk protection company ZeroFOX acquired Cyveillance.[5]
The company's clients include the United States Secret Service, which contracts Cyveillance to search available information related to the Secret Service and its missions. Information obtained through Cyveillance is incorporated into the Protective Research Information Management System (PRISM), an existing Secret Service system.[6] The company's other clients are in the financial services, energy, technology, retail, and pharmaceutical industries, and it provides open source internet intelligence to over 400 clients, including half of the Fortune 100.
Criticisms
Criticisms of Cyveillance traffic have included the following:
- Their robots send many fake HTTP attacks which are a cover channel for deadly (accept, read, write) timeout attacks that easily disrupt Apache and IIS servers.
- They use a falsified user-agent string, usually pretending to be some version of Microsoft Internet Explorer on some version of Windows, which can throw off log analysis.
- Because they falsify their string agent and otherwise obscure their identity, (they may also appear in weblogs as PSINet), individuals may not be aware of the existence of Cyveillance and the data its collects and reports to the Secret Service.[6]
On 2 July 2014 Cyveillance sent a DMCA takedown notice to GitHub on behalf of Qualcomm which caused 116 files (and the repositories they were in) to be blocked on GitHub.[7] Some of the blocked repositories were owned by CyanogenMod, Sony Mobile and even one of Qualcomm's own repositories leading to speculation that the notices have been automatically generated and poorly checked.[8] On 5 July 2014, Qualcomm retracted all of the takedown notices, apologized and will be reviewing all the files.[9]
References
- "McLean-based QinetiQ NA closes on Cyveillance buy". Tech Journal. 7 July 2009. Retrieved 17 October 2023.
- "QinetiQ North America Expands Cyveillance Management Team with Appointment of Technical and Marketing Executives". RoboticsTomorrow. 6 November 2013. Retrieved 17 October 2023.
- "QinetiQ strengthens presence in US cyber security market through the acquisition of Cyveillance, Inc". Archived from the original on 2009-05-09. Retrieved 2009-07-10.
- Panettieri, Joe (2020-10-06). "ZeroFOX Acquires Managed Threat Intelligence Provider Cyveillance -". MSSP Alert. Retrieved 2023-09-19.
- "ZeroFOX Acquires Cyveillance, Strengthening Global Leadership in Digital Risk Protection". 6 October 2020. Retrieved 7 October 2020.
- "Privacy Impact Assessment for the U.S. Secret Service Cyber Awareness Program (Cyveillance)" (PDF). 14 December 2021. Archived from the original (PDF) on 2016-03-08. Retrieved 2016-07-29.
- "Cyveillance DMCA notice sent to GitHub". GitHub. Archived from the original on 2014-07-09.
- "Qualcomm issues DMCA takedown notices for 116 GitHub repositories – including their own". Ausdroid. 3 July 2014.
- "Qualcomm retracts DMCA takedown request and apologises to those involved". Ausdroid. 5 July 2014.
Further reading
- ACLU article: "Secret Service farms out its internet monitoring to a private British firm"
- Department of Homeland Security's Privacy Impact Statement on the United States Secret Service Cyber Awareness Program (Cyveillance)
- CNET article on Microsoft-Cyveillance partnership
- BusinessWeek corporate overview
- Who Is Cyveillance And Why Should You Care?
- Cyveillance activity on Judicial corruption site
- Corporate web abuse: The worst offenders from Cyveillance to PicScout includes Cyveillance' netblocks