Surveillance Systems, Surveillance Equipment

Surveillance Resources and Information

Surveillance Video Surveillance Surveillance Cameras Surveillance Systems Surveillance Equipment Video Surveillance Cameras Video Surveillance System Surveillance Cam Home Surveillance Wireless Surveillance Camera Remote Surveillance Counter Surveillance Audio Surveillance Digital Surveillance Surveillance Software Home Surveillance Camera Digital Video Surveillance Electronic Surveillance Video Surveillance Equipment CCTV Surveillance System Security Surveillance Spy Surveillance Equipment Home Surveillance System Wireless Surveillance Remote Video Surveillance Hidden Camera Surveillance DVR Surveillance Satellite Surveillance Video Surveillance Software Outdoor Surveillance Camera Infrared Surveillance Camera Audio Surveillance Equipment Wireless Video Surveillance Internet Surveillance Cell Phone Surveillance Surveillance Monitor Casino Surveillance Additional resources

Counter Surveillance: Protecting Your Business From Industrial Espionage

No business in today's highly competitive marketplace is safe from the threat of industrial espionage. When possible, information thieves take the easiest route to a company's information. In those situations, for example, a theif may gain authorized access as a contract employee. In other cases, an agent might enter the building as a member of the cleaning crew or gather information from employees by posing as a vendor, potential client, or headhunter. However, when these avenues have been successfully cut off, spies will turn to surveillance technology. And as surveillance technology improves and becomes more readily available, security professionals must be on the lookout for any hint that the company's proprietary information is being electronically slipped out the door. A counter surveillance action, or technical surveillance countermeasure (TSCM) sweep, can help.

While never 100 percent accurate, these highly specialized counter surveillance searches have become more effective in recent years as the counter surveillance technology used to find microphones, transmitters, and other eavesdropping devices has caught up to the sophistication level of clandestine surveillance equipment. Shopping for a qualified TSCM team can be difficult, though.

Corporate security professionals are often unfamiliar with a counter surveillance sweep and do not know how to determine whether a TSCM technician has the expertise needed to conduct a thorough counter surveillance search. In addition, a TSCM sweep can be expensive, making it difficult to justify to senior management. A typical counter surveillance sweep can cost about $250 an hour, with an additional charge of approximately $200 for each telephone that is examined.

THE TEAM. Unfortunately, no central authority certifies TSCM technicians for the commercial world. Anyone can set up shop and claim to have the counter surveillance skills and equipment to conduct a countermeasure sweep. Several private schools have been established in recent years to train specialists for this work, but these vary widely in the counter surveillance skills they teach.

The security manager should start by calling local law enforcement for a list of references. Many police departments and regional FBI offices can help private security practitioners get in touch with qualified TSCM technicians.

The security manager should check the counter surveillance technicians background and determine what, if any, counter surveillance training they have received. A background check can be conducted on the training center to see what type of material they cover and how many hours of training is required to be certified through the program.

In addition, some TSCM technicians come from the public sector and may in fact have received thorough TSCM training. The U.S. government, for example, requires its TSCM inspectors to be certified through the government-run Interagency Training Center. Although government counter surveillance inspectors cannot be hired by the commercial world while they work for the government, many open private counter surveillance businesses after retiring from the public sector.

The security manager should check with previous clients of the firm and find out if they would use the TSCM team again, whether the team found any listening devices, and what type of counter surveillance report (and recommendations) were provided after the search.

The security manager should ask the TSCM firm how many technicians they will use during the counter surveillance sweep and the specific expertise of each specialist. At a minimum, a good counter surveillance sweep will require two technicians at a time, with three or more required for larger facilities.

In addition, a good TSCM firm should have counter surveillance technicians who specialize in various aspects of the search. One technician might be good at analyzing the radio frequency spectrum while another is good at searching telephone systems for bugs or other intrusions. A TSCM sweep is complex. The security manager should be wary of someone who claims to be a jack of all trades.

THE SWEEP. The TSCM sweep is designed to detect the presence of technical surveillance devices. It should also identify security hazards or weaknesses that could leave the company vulnerable to industrial espionage.

Medium and large corporate facilities will take between four to five days to sweep. The team will usually consist of two or three technicians, each with their own counter surveillance specialty. If a counter surveillance inspection is expected to last five days or more, the team should have alternate technicians so that they can relieve each other. If team members have to perform repetitive tasks for too long, they may miss critical clues.

TSCM inspections must not become common knowledge within the company. The security manager should ensure that only a handful of people are aware that a counter surveillance sweep is scheduled. Those in the know must never discuss the sweep while in the company facility or other areas subject to inspection. If the electronic interlopers are alerted to a counter surveillance sweep, they may turn off the device, which then makes it more difficult to discover.

The inspection includes three main elements: a visual, electronic, and physical inspection. The visual and electronic inspections are, for the most part, considered "nonalerting" phases of the counter surveillance sweep because they are unlikely to tip off an eavesdropper. Certain portions of the electronic inspection and the physical inspection will be conducted in the last phase of the counter surveillance sweep because they are much more intrusive and requires the team to take "alerting" actions that could tell a good corporate spy that an inspection is underway.

Visual inspection. The visual inspection is also known as a vulnerability assessment. In this phase, the team walks through the target area and looks for possible weak points that could allow an outsider to listen to private corporate discussions.

The team talks to the security manager about existing security practices. For example, the team will want to know whether the company uses encrypted fax lines to transmit proprietary information or whether a password protection measure is used to secure voice mail systems. The team may also want to know whether the company uses Internet firewalls, has a security policy for the use of cellular telephones, or uses telephone equipment with a "hands free answer" feature - which can turn a telephone into an information-porous loudspeaker. This information helps the team determine whether the company has failed to implement basic security procedures that might make it easier for spies to access proprietary information.

The team checks the type and physical placement of company equipment, including telephones, fax machines, and computers. For example, a telephone wire that runs under a computer, even if it is not touching the machine, will act as an antenna. As proprietary information is entered into the PC, it creates electrical impulses that could travel through the telephone wire and be picked up by an eavesdropper.

Finally, the team checks the location and function of utilities, including the heating, ventilation, and air conditioning (HVAC) system. The team might check the ventilation system of the building to see whether air ducks could carry voices from the boardroom to another office in the facility where a corporate spy might be listening.

Electronic search. Once the visual inspection is completed, the team begins looking for electronic devices that may be transmitting signals (and proprietary information) to a remote listening post. The team uses counter surveillance electronic equipment designed to detect radio frequency (RF) transmitters, carrier current devices, manipulated telephones and switches, infrared devices and interferometers (transmitters that send signals to a listening post via laser beams), and microphones that transmit through copper or fiber-optic wire.

Microphones, video cameras, and other listening devices that transmit signals via RF waves can be easily purchased through the Internet or specialty magazines, mail order catalogs, books, related underground publications, and spy shops around the world. It is critical for the TSCM team to conduct an extensive search of the RF spectrum in the target area through the use of spectrum analyzers and receivers that pick up radio frequencies. The counter surveillance technician must be able to tell the difference between radio waves that belong in the target area and those that might be transmitting signals to a listening post.

A counter surveillance inspection must also include a search of the facility's power lines for "carrier current" devices - wireless intercom systems that plug into electrical outlets and transmit audio through the electrical wiring of the building. A good corporate spy can create an effective carrier current device with baby monitors, telephone extenders, and other intercom-type systems easily purchased in toy stores or other retail establishments. The technicians should use a carrier current detector, which plugs into an outlet and allows the team to analyze the energy waves present on the power line to determine whether the line is being used as a transmission device.

A counter surveillance team will usually conduct an inspection for "esoteric" devices such as infrared transmitters or interferometers (lasers). Both listening devices transmit information with the use of invisible light. TSCM equipment is currently available that allows counter surveillance sweep teams to "see" infrared light or laser beams moving through the target area. Special equipment can then be used to determine whether the infrared or laser beam is carrying information from the target area.

In addition to checking light sources, the TSCM team should check the target area with a thermal-imager to uncover any unexplained heat sources in the room that might be caused by listening devices. For example, the thermal-imager could be run over a wall. If a microphone is hidden behind the wall, it will generate a higher amount of heat in one spot on the wall.

Telephone lines and other telecommunication equipment (Internet connections and fax machines, for example) will also be searched thoroughly for listening devices. The team should have the equipment and expertise to inspect all telephone instruments, frame rooms, PBX systems, and telephone wiring. The team should be somewhat familiar with the methods hackers and "phreakers" (phone breakers) use to break into a corporate communication system. (Many of these methods are passed along from one hacker to another through social networks, the Internet, or hacker magazines such as 2600 and Blacklist.)

Searching phones is difficult because as each telephone system is checked it must be physically disconnected and tested with a telephone analyzer and an oscilloscope. This equipment tells the technicians whether the phone has been tampered with. However, a corporate spy who is monitoring telephone taps may notice that one system after another is being shut down, tipping him or her off to the search.

The counter surveillance team may also use a nonlinear junction detector (NLJD) designed to find man-made junctions, such as found with transistors or diodes. Most current models of NLJDs are adequate for the job. (The newest NLJD products should be on the market before year's end.)

Physical inspection. The last part of the site inspection incorporates a thorough physical search of furniture, wire and cable runs, equipment connections, false ceilings, computer flooring, and the HVAC system within the target facility. This search helps ensure that the team finds listening devices that may have been turned off by the intruders and thus missed during the electronic search. Because a physical search is the hardest part of the process to conduct covertly, it should be done only after the visual and electronic sweep have been completed.

X-ray machines are a valuable tool during this phase. X-ray equipment may be used to determine any anomalies in equipment or furniture before disassembling them.

Taking x-rays of materials used to require much time and film to get the right shot. With the introduction of a new back-plane that allows the x-rays to be collected and sent as a digital representation to a PC, this time factor has been cut down to seconds per shot.

The TSCM counter surveillance team must take safety precautions when using any counter surveillance equipment that emits high intensity energy. This equipment should only be used when employees have left for the day.

REPORT. When the inspection is completed, the TSCM team should conduct a thorough "out-brief," or report, for the security manager and other top executives. The report identifies the vulnerable locations, targeted areas, or recovered devices. A meeting to discuss the findings should include a discussion of concise, workable recommendations and the benefits and costs for the facility. For continued security reasons, the meeting should be held away from the facility where the TSCM inspection was conducted.

EMPLOYEE TRAINING. The TSCM should be only one of the measures management uses to protect the company against industrial espionage. Equally important is awareness training for security staff, other executives, department heads, and other employees.

The education process should include much more than a long-forgotten nondisclosure/noncompete agreement or some dusty policy about information protection. Security education for the protection of information must be constant and meaningful.

In addition, the security manager should keep in close contact with supervisors in the information systems and telecommunications departments. It's important for the security manager to know, for example, if an executive has been given remote access to the company's computer system that could leave it open to hackers.

TSCM inspections are no guarantee of information protection. But when combined with proper security measures, they can make the difference between a close call and a porous wall the next time a would-be spy targets corporate data.

Disclaimer: The information provided on this website is for general discussion of matters of interest only. The owners of this site do not represent that the information contained herein is accurate, verified, current, comprehensive, or complete. For this reason, you should neither rely nor act upon any of the information contained in these pages and, if you do so, it will be entirely at your own risk. In no event will the owners of this site, their related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site.

Email: info@surveillance-source.com