Cyveillance is a company involved in the cyber intelligence industry. Cyveillance uses a propriety technology platform and support from expert analysts to identify risks early for effective prevention and mitigation.
The company’s subscription-based product, the Cyveillance Intelligence Center, is a hosted solution. Companies hire Cyveillance to monitor for Internet risks such as information leaks; phishing and malware attacks and other online fraud schemes; sale of stolen credit and debit card numbers; threats to executives and events; counterfeiting; and trademark and brand abuse.
The United States Secret Service contracts Cyveillance to search available information related to the Secret Service and its missions. Information obtained through Cyveillance is incorporated into the Protective Research Information Management System PRISM (surveillance program), an existing Secret Service system.
Cyveillance was bought in May 2009 by the UK firm QinetiQ for an initial cash consideration of $40 million. Current management was also entitled to an additional $40 million at the anniversary of the closing dependent on hitting certain performance numbers.
Cyveillance's clients include firms from the financial services, energy, technology, retail, and pharmaceutical industries. Cyveillance provides open source internet intelligence to over 400 clients, including half of the Fortune 100.
Cyveillance was founded in 1997 by Brandy Thomas, Christopher Young, Mark Bildner, and Jason Thomas. It was originally called Online Monitoring Services but was renamed in 1998 to Cyveillance. From 1997 to 2009, Cyveillance was privately held until QinetiQ North America, a provider of information technology and engineering solutions to the U.S. government, acquired Cyveillance in May 2009. In 2013 QinetiQ North America expanded the Cyveillance management team with appointment of technical and marketing executives.
QinetiQ Senior Management:
- Leo Quinn, Chief Executive Officer.
Cyveillance Management Team:
- Scott Kaine, President.
- James Carnall, Vice President, Cyber Intelligence Division.
- Doug Dangremond, Vice President, Sales.
- Michael Mullen, Vice President, Security Services
- Chris O'Ferrell, Chief Technical Officer.
- Eric Olson, Vice President of Product Strategy.
- Joan Schwartz, Vice President, Human Resources
- Tempy Wright, Vice President of Marketing and Communications.
Numerous websites have complained about Cyveillance's traffic for the following reasons:
- Their robots access many pages, and thus use a comparatively large amount of bandwidth.
- Their robots send many fake HTTP attacks which are a cover channel for deadly (accept, read, write) timeout attacks which easily disrupt Apache and IIS servers.
- They ignore the robots.txt exclusion standard, which specifies pages that should not be accessed by robots.
- They use a falsified user-agent string, usually pretending to be some version of Microsoft Internet Explorer on some version of Windows, which is deceptive and can throw off log analysis. (Interestingly, this is one way to identify the crawler, as it often lists 'Windows XP' in the user-agent. A real Windows XP system actually identifies itself as 'Windows NT 5.1'. This method should not be depended on for positive identification, however, as Cyveillance has been known to change its user-agent strings from time to time. It actually has changed it to "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)", and "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" has also been seen. Ironically, although Cyveillance is in the business of protecting the intellectual property of its clients, its falsified user-agent string could be violating one or more trademarks.) Below is a sample of an actual Apache HTTP Server log file sample showing IP address that belongs to Cyveillance, and faked User-Agent browser identification string:
126.96.36.199 - - [05/Jan/2013:17:31:19 -0500] "GET / HTTP/1.1" 200 6163 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)" 188.8.131.52 - - [05/Jan/2013:17:31:19 -0500] "GET /styles.css HTTP/1.1" 200 5092 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)"
- The company does not always respond to cease and desist letters.
- Because they falsify their string agent and otherwise obscure their identity, (they may also appear in weblogs as PSINet), Individuals may not be aware of the existence of Cyveillance and the data its collects and reports to the Secret Service.
- Cyveillance company website
- ACLU article: "Secret Service farms out its internet monitoring to a private British firm"
- Department of Homeland Security's Privacy Impact Statement on the United States Secret Service Cyber Awareness Program (Cyveillance)
- CNET article on Microsoft-Cyveillance partnership
- EWeek article on Intersections-Cyveillance partnership
- BusinessWeek corporate overview
- BusinessWeek article
- Chris Gulker - What to think about Cyveillance?
- Who Is Cyveillance And Why Should You Care?
- Cyveillance activity on Judicial corruption site
- Corporate web abuse: The worst offenders from Cyveillance to PicScout includes Cyveillance' netblocks
- "Cyveillance in Action." Cyveillance Blog The Cyber Intelligence Blog RSS. N.p., n.d. Web. 27 June 2013. <https://www.cyveillance.com/web/corporate/>.
- ["McLean-based QinetiQ NA Closes on Cyveillance Buy | TechJournal." TechJournal RSS. N.p., 7 July 2009. Web. <http://www.techjournal.org/2009/07/mclean-based-qinetiq-na-closes-on-cyveillance-buy/>.]
- ["Sponsors." QinetiQ North America Expands Cyveillance Management Team with Appointment of Technical and Marketing Executives. N.p., 6 June 2013. Web. <http://roboticstomorrow.com/news/2013/06/11/qinetiq- north-america-expands-cyveillance-management-team-with-appointment- of-technical-and-marketing-executives/21868>.]
- "Our Senior Management." Our Senior Management. N.p., n.d. Web. 09 July 2013. <http://www.qinetiq.com/about/leadership/Pages/senior-management.aspx>.
- "Cyveillance Management Team." Cyveillance Blog The Cyber Intelligence Blog RSS. N.p., n.d. Web. 09 July 2013. <https://www.cyveillance.com/web/corporate/mgt_team.php>.