Technical surveillance is widely thought of as the stuff of spy novels and James Bond movies. Listening devices are cleverly concealed in a shoe or a lamp, video cameras hidden behind a mirror or in a lapel pin. And while that’s thrilling to the popcorn-eating crowd, organizations and government agencies know that security breaches caused by technical surveillance can be devastating to an operation. Pinkerton Director Steve Ringhofer provides insight regarding a hot trend in security right now: Technical Surveillance Countermeasures (TSCM).
What are technical surveillance countermeasures?
Simply, TSCM is a sweep of an office, boardroom, vehicle, or other facilities in an attempt to discover devices or bugs that can hear, see, or record what is going on. Using technology and manpower, security personnel investigate a space thoroughly. Many companies realize that TSCM is an important tool to ensure the protection of vital information.
“More companies are asking us about TSCM than I’ve ever experienced before,” Ringhofer says. “It’s mostly because of education. They see stories all the time about private company information getting out to the public. They want to make sure that they cover all their bases when it comes to protecting their information from competitors or those who might be looking to harm the company in some way.”
There are many reasons why a surveillance device might be used against a company or other entity, most commonly to obtain competitive information about new products or for mergers and acquisitions. And while to most organizations it seems far-fetched that anyone would practice such tactics, that laissez-faire attitude is quite misguided.
A 2016 study by two European researchers looked at industrial espionage by East Germany against West Germany and found that the tactics were significantly more beneficial than traditional research and development. Financial and board meeting details, including staffing information, are also desired enough by rivals that they could resort to espionage tactics. (Read more about Technical Surveillance Countermeasures to Prevent Corporate Espionage.)
Common misconceptions about surveillance
Companies have several misconceptions about technical surveillance, which can lead to a “that couldn’t happen to us” attitude. Many believe that it is far too expensive and complex to be considered by competitors or other entities.
“Today, it’s very easy and quite cheap for anyone who wants to bug your facility,” explains Ringhofer. “Go on eBay or Google and you’ll find devices that cost about $10 that can be concealed easily. Recently, I saw a device that looked exactly like a smartphone charging cube, and yet it was a voice-activated listening device that would likely go undetected by people in the room.”
Surveillance equipment is keeping pace with technological advancements, making it easier and more effective than ever. A quick search on eBay backs up Ringhofer’s claim with more than 500 listening devices listed for less than $20 and more than 16,000 video security cameras within that same budget.
Technical surveillance market trends
The emerging trend is the availability of cheap disposable computing power. These devices run simple ARM processors and a Linux kernel and possess extreme modularity for microphones, SD storage, network-attached storage (NAS), Wi-Fi, Bluetooth, and powerline transmission. Due to the way these devices operate, they possess the best traits of non-radio frequency emitting devices and cellular devices of today.
Ringhofer also explains that a misconception about technical surveillance countermeasures is that they are a catch-all for anything technology-based that you want to find.
“Many people think TSCM can identify vulnerabilities in an IT Network. Ultimately, TSCM should supplement an IT network security assessment or network penetration testing, but a TSCM sweep is not the same as an IT network security assessment or network penetration test.”
He also stresses that relying too much on technology can result in devices and bugs being missed.
“In the past several years, with the adoption of inexpensive and readily available LED light bulbs, the ability to modulate the bulbs light and convert it into a surveillance device has been used in Europe for some time and has emerged in North America,” he said. “Currently, there is no readily available TSCM equipment available to combat this threat, and the only way to mitigate the concern is through the removal of the bulbs and/or the use of incandescent or fluorescent bulbs. You have to have a trained, experienced security professional who knows that in the room or your sweep effort is for naught.”
TSCM methods and your comprehensive security plan
Pinkerton takes a holistic view of security, so technical surveillance countermeasures are just one method and technique that helps a company create a plan to minimize risks.
“Prior to any sweep, a general understanding of why the sweep is being requested is important,” said Ringhofer, who has directed Pinkerton’s TSCM team since 2014. “During this discovery phase, Pinkerton will determine if a TSCM sweep is advisable or if another solution would be more effective. It could be that the request triggers a look at other security issues that reveal a larger potential breach.”
A TSCM effort takes time, patience, and discipline, according to Ringhofer, and should not end with the completion of a sweep.
“You have to have a plan and stick to it if you are going to do a sweep. You can’t be distracted, or you will miss something. Discipline and training are key. You have to know what to look for while also investigating everything, even if you think it’s something like a false reading on your countermeasure device. But then you have to be ready after the sweep is complete. I’ve experienced situations where we completed a sweep, but the company had no plan for securing the room or facility until the meeting or event takes place. A very real scenario is that a maintenance, cleaning, or catering person could be coerced into placing a device after the sweep.”
Surveillance methods and techniques will continue to advance. TCSM will, too. Staying one step ahead so that organizations can have peace of mind when conducting important business is a critical goal of our TCSM service line. Because you just never know who’s listening!
This post was originally published February 20, 2017 and has been updated.