Cyveillance

Cyveillance is an American cybersecurity company founded in 1997, based in Reston, Virginia. The company provides cybersecurity services including brand protection, social media monitoring and threat investigation, analysis, and response services. Its Cyveillance Intelligence Center subscription-based product monitors for information leaks; phishing and malware attacks and other online fraud schemes; sale of stolen credit and debit card numbers; threats to executives and events; counterfeiting; and trademark and brand abuse.

History

Cyveillance was founded in 1997 by Brandy Thomas, Christopher Young, Mark Bildner, and Jason Thomas. It was originally called Online Monitoring Services but was renamed in 1998 to Cyveillance.

From 1997 to 2009, Cyveillance was privately held. QinetiQ North America, a provider of information technology and engineering solutions to the U.S. government, acquired Cyveillance in May 2009. In 2013 QinetiQ North America expanded the Cyveillance management team by the appointment of technical and marketing executives. The acquisition was made for an initial cash consideration of $40 million. Current management was also entitled to an additional $40 million at the anniversary of the closing dependent on hitting certain performance numbers.

LookingGlass Cyber Solutions purchased Cyveillance in 2015 and re-launched the brand in May 2020.

In October 2020, the Baltimore-based digital risk protection company ZeroFOX acquired Cyveillance.

The company's clients include the United States Secret Service, which contracts Cyveillance to search available information related to the Secret Service and its missions. Information obtained through Cyveillance is incorporated into the Protective Research Information Management System (PRISM), an existing Secret Service system. The company's other clients are in the financial services, energy, technology, retail, and pharmaceutical industries, and it provides open source internet intelligence to over 400 clients, including half of the Fortune 100.

Criticisms

Criticisms of Cyveillance traffic have included the following:
# Their robots send many fake HTTP attacks which are a cover channel for deadly (accept, read, write) timeout attacks that easily disrupt Apache and IIS servers.
# They use a falsified user-agent string, usually pretending to be some version of Microsoft Internet Explorer on some version of Windows, which can throw off log analysis.
# Because they falsify their string agent and otherwise obscure their identity, (they may also appear in weblogs as PSINet), individuals may not be aware of the existence of Cyveillance and the data its collects and reports to the Secret Service.
On 2 July 2014 Cyveillance sent a DMCA takedown notice to GitHub on behalf of Qualcomm which caused 116 files (and the repositories they were in) to be blocked on GitHub. Some of the blocked repositories were owned by CyanogenMod, Sony Mobile and even one of Qualcomm's own repositories leading to speculation that the notices have been automatically generated and poorly checked. On 5 July 2014, Qualcomm retracted all of the takedown notices, apologized and will be reviewing all the files.

References

Further reading

ACLU article: "Secret Service farms out its internet monitoring to a private British firm"

Department of Homeland Security's Privacy Impact Statement on the United States Secret Service Cyber Awareness Program (Cyveillance)



BusinessWeek corporate overview

Who Is Cyveillance And Why Should You Care?




includes Cyveillance' netblocks

External links

Official website

{{Qinetiq

Computer security companies
Companies based in Fairfax County, Virginia
Qinetiq
2009 mergers and acquisitions
American subsidiaries of foreign companies