Technical surveillance is widely thought of as the stuff of spy novels and James Bond movies. Listening devices are cleverly concealed in a shoe or a lamp, video cameras hidden behind a mirror or in a lapel pin. And while that’s thrilling to the popcorn-eating crowd, companies and governments know that security breaches caused by technical surveillance can be devastating to an operation. Pinkertons Scott Spencer and Steve Ringhofer provide their insight regarding a hot trend in security right now: Technical Surveillance Countermeasures (TSCM).
Simply, TSCM is a sweep of an office, boardroom, vehicle or other facilities in an attempt to discover devices or bugs that can hear, see or record what is going on. Using technology and manpower, security personnel investigate a space thoroughly. Many companies have become aware that using TSCM are an important way to ensure the protection of vital information such as new product specifications or merger/acquisition discussions.
“More companies are asking us about TSCM than I’ve ever experienced before,” Ringhofer says. “It’s mostly because of education. They see stories all the time about private company information getting out to the public. They want to make sure that they cover all their bases when it comes to protecting their information from competitors or those who might be looking to harm the company in some way.”
There are many reasons why a surveillance device might be used against a company or other entity. Most common is obtaining competitive information. A 2016 study by two European researchers looked at industrial espionage by East Germany against West Germany and found that the tactics were significantly more beneficial than normal research and development. Mergers and acquisition information, financial details and timing are also strongly enough desired by outsiders that they could resort to surveillance methods. Board meeting details, including staffing information, are also ripe for espionage tactics.
And while to most companies it seems far-fetched that anyone would practice such tactics, that laissez-faire attitude is quite misguided.
Companies have several misconceptions about technical surveillance, which can lead to a “that couldn’t happen to us” attitude. One of them is that it is far too expensive and complex to be considered by competitors or other entities.
“Today, it’s very easy and quite cheap for anyone who wants to bug your facility,” explains Ringhofer. “Go on eBay or Google and you’ll find devices that are about $10 that can be concealed easily. Recently, I saw a device that looked exactly like a smart phone charging cube, and yet it was a voice-activated listening device that would likely go undetected by people in the room.”
A quick look on eBay backs up Ringhofer’s claim with more than 125 listening devices listed for less than $10 and nearly 400 video security cameras within that budget.
Spencer goes on further to explain that surveillance is keeping pace with technology advancements, making it easier and more effective than ever. “The emerging trend is the availability of cheap disposable computing power, similar to a Raspberry Pi. These devices run simple ARM processors, a Linux kernel, possess extreme modularity for microphones, SD storage, network attached storage (NAS), Wi-Fi, Bluetooth and powerline transmission. Due to the way these devices operate, they possess the best traits of non-radio frequency emitting devices and cellular devices of today.”
Spencer also explains that a misconception about technical surveillance countermeasures is that they are a catch-all for anything technology-based that you want to find. “Many people think TSCM can identify vulnerabilities in an IT Network. Ultimately, TSCM should supplement an IT network security assessment or network penetration testing, but a TSCM sweep is not the same as an IT network security assessment or network penetration test.”
He also stresses that relying too much on technology can result in devices and bugs being missed.
“In the past several years, with the adoption of inexpensive and readily available LED light bulbs, the ability to modulate the bulbs light and convert it into a surveillance device has been used in Europe for some time, and is beginning to emerge in North America. Currently, there is no readily available TSCM equipment available to combat this threat, and the only way to mitigate the concern is through the removal of the bulbs and/or the use of incandescent or fluorescent bulbs. You have to have a trained, experienced security professional who knows that in the room or your sweep effort is for naught.”
Pinkerton takes a holistic view of security so, technical surveillance countermeasures are just one method and technique that helps a company create a plan to minimize risks. “Prior to any sweep, a general understanding of why the sweep is being requested is important,” says Spencer. “During this discovery phase, Pinkerton will make the determination if a TSCM sweep is advisable or another solution would be more effective. It could be that the request triggers a look at other security issues that reveal a larger potential breach.”
A TSCM effort takes time, patience and discipline, according to Ringhofer, and should not end with the completion of a sweep. “You have to have a plan and stick to it if you are going to do a sweep. You can’t be distracted or you will miss something. Discipline and training are key. You have to know what to look for while also investigating everything even if you think it’s something like a false reading on your countermeasure device.
But then you have to be ready after the sweep is complete. Many times I’ve experienced situations where we completed a sweep but the company had no plan for securing the room or facility until the meeting or event takes place. A very real scenario is that a maintenance, cleaning or catering person could be coerced into placing a device after the sweep.”
Surveillance methods and techniques will continue to advance. TCSM will, too. Staying one step ahead so that companies can have peace of mind when conducting important business is a critical goal of our TCSM service line. Because you just never know who’s listening!Tweet