Cyveillance
Cyveillance is a company involved in the cyber intelligence industry. Cyveillance uses a proprietary technology platform and human analysts to identify risks early for prevention and mitigation.[1]
Background
Cyveillance was founded in 1997, and is based in Reston, Virginia, United States.
The company’s subscription-based product, the Cyveillance Intelligence Center, is a hosted solution. Companies hire Cyveillance to monitor for Internet risks such as information leaks; phishing and malware attacks and other online fraud schemes; sale of stolen credit and debit card numbers; threats to executives and events; counterfeiting; and trademark and brand abuse.
The United States Secret Service contracts Cyveillance to search available information related to the Secret Service and its missions. Information obtained through Cyveillance is incorporated into the Protective Research Information Management System PRISM (surveillance program), an existing Secret Service system.[2]
Cyveillance was bought in May 2009 by the UK firm QinetiQ for an initial cash consideration of $40 million.[3] Current management was also entitled to an additional $40 million at the anniversary of the closing dependent on hitting certain performance numbers.
Cyveillance's clients include firms from the financial services, energy, technology, retail, and pharmaceutical industries. Cyveillance provides open source internet intelligence to over 400 clients, including half of the Fortune 100.
Timeline
Cyveillance was founded in 1997 by Brandy Thomas, Christopher Young, Mark Bildner, and Jason Thomas. It was originally called Online Monitoring Services but was renamed in 1998 to Cyveillance. From 1997 to 2009, Cyveillance was privately held until QinetiQ North America, a provider of information technology and engineering solutions to the U.S. government, acquired Cyveillance in May 2009.[4] In 2013 QinetiQ North America expanded the Cyveillance management team with appointment of technical and marketing executives.[5]
Management
QinetiQ Senior Management:
- Leo Quinn, Chief Executive Officer.[6]
Cyveillance Management Team:
- Scott Kaine, President.[7]
- James Carnall, Vice President, Cyber Intelligence Division.[7]
- Doug Dangremond, Vice President, Sales.[7]
- Michael Mullen, Vice President, Security Services[7]
- Chris O'Ferrell, Chief Technical Officer.[7]
- Eric Olson, Vice President of Product Strategy.[7]
- Joan Schwartz, Vice President, Human Resources[7]
- Tempy Wright, Vice President of Marketing and Communications.[7]
Criticisms
Numerous websites have complained about Cyveillance's traffic for the following reasons:
- Their robots access many pages, and thus use a comparatively large amount of bandwidth.
- Their robots send many fake HTTP attacks which are a cover channel for deadly (accept, read, write) timeout attacks which easily disrupt Apache and IIS servers.
- They ignore the robots.txt exclusion standard, which specifies pages that should not be accessed by robots.
- They use a falsified user-agent string, usually pretending to be some version of Microsoft Internet Explorer on some version of Windows, which is deceptive and can throw off log analysis. (Interestingly, this is one way to identify the crawler, as it often lists 'Windows XP' in the user-agent. A real Windows XP system actually identifies itself as 'Windows NT 5.1'. This method should not be depended on for positive identification, however, as Cyveillance has been known to change its user-agent strings from time to time. It actually has changed it to "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)", and "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" has also been seen.) Below is a sample of an actual Apache HTTP Server log file sample showing IP address that belongs to Cyveillance, and faked User-Agent browser identification string:
38.100.21.65 - - [05/Jan/2013:17:31:19 -0500] "GET / HTTP/1.1" 200 6163 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)"
38.100.21.65 - - [05/Jan/2013:17:31:19 -0500] "GET /styles.css HTTP/1.1" 200 5092 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)"
- The company does not always respond to cease and desist letters.
- Because they falsify their string agent and otherwise obscure their identity, (they may also appear in weblogs as PSINet), Individuals may not be aware of the existence of Cyveillance and the data its collects and reports to the Secret Service.[2]
On 2 July 2014 Cyveillance sent a DMCA takedown notice to GitHub on behalf of Qualcomm which caused 116 files (and the repositories they were in) to be blocked on GitHub.[8] Some of the blocked repositories were owned by CyanogenMod, Sony Mobile and even one of Qualcomms own repositories leading to speculation that the notices have been automatically generated and poorly checked.[9] On 5 July 2014 Qualcomm retracted all of the takedown notices, apologized and will be reviewing all the files.[10]
External links
- Cyveillance company website
- ACLU article: "Secret Service farms out its internet monitoring to a private British firm"
- Department of Homeland Security's Privacy Impact Statement on the United States Secret Service Cyber Awareness Program (Cyveillance)
- CNET article on Microsoft-Cyveillance partnership
- EWeek article on Intersections-Cyveillance partnership
- BusinessWeek corporate overview
- BusinessWeek article
- Chris Gulker - What to think about Cyveillance?
- Who Is Cyveillance And Why Should You Care?
- Cyveillance activity on Judicial corruption site
- Corporate web abuse: The worst offenders from Cyveillance to PicScout includes Cyveillance' netblocks
References
- ↑ "Cyveillance in Action." Cyveillance Blog The Cyber Intelligence Blog RSS. N.p., n.d. Web. 27 June 2013. <https://www.cyveillance.com/web/corporate/>.
- 1 2 http://www.dhs.gov/sites/default/files/publications/privacy/PIAs/dhsprivacy_pia_usss_cyveillance_12272012.pdf
- ↑
- ↑ ["McLean-based QinetiQ NA Closes on Cyveillance Buy | TechJournal." TechJournal RSS. N.p., 7 July 2009. Web. <http://www.techjournal.org/2009/07/mclean-based-qinetiq-na-closes-on-cyveillance-buy/>.]
- ↑ ["Sponsors." QinetiQ North America Expands Cyveillance Management Team with Appointment of Technical and Marketing Executives. N.p., 6 June 2013. Web. <http://roboticstomorrow.com/news/2013/06/11/qinetiq- north-america-expands-cyveillance-management-team-with-appointment- of-technical-and-marketing-executives/21868>.]
- ↑ "Our Senior Management." Our Senior Management. N.p., n.d. Web. 09 July 2013. <http://www.qinetiq.com/about/leadership/Pages/senior-management.aspx>.
- 1 2 3 4 5 6 7 8 "Cyveillance Management Team." Cyveillance Blog The Cyber Intelligence Blog RSS. N.p., n.d. Web. 09 July 2013. <https://www.cyveillance.com/web/corporate/mgt_team.php>.
- ↑ "Cyveillance DMCA notice sent to GitHub".
- ↑ "Qualcomm issues DMCA takedown notices for 116 GitHub repositories – including their own". Ausdroid.
- ↑ "Qualcomm retracts DMCA takedown request and apologises to those involved". Ausdroid.
|