Technical Surveillance Counter-Measures

TSCM (Technical Surveillance Counter-Measures) is the original Unites States military abbreviation denoting the process of bug-sweeping or electronic countersurveillance. It is related to ELINT, SIGINT and Electronic countermeasures (ECM).

The United States Department of Defense defines a TSCM survey as a service provided by qualified personnel to detect the presence of technical surveillance devices and hazards and to identify technical security weaknesses that could aid in the conduct of a technical penetration of the surveyed facility. A TSCM survey will provide a professional evaluation of the facility's technical security posture and normally will consist of a thorough visual, electronic, and physical examination in and about the surveyed facility.

This definition is however lacking some of the technical scope involved. COMSEC (Communications Security), ITSEC (Information Technology Security) and physical security are also a major part of the work in the modern environment. The advent of multimedia devices and remote control technologies allow huge scope for removal of massive amounts of data in very secure environments by the staff employed within, with or without their knowledge.

Methodology

Radio Frequencies

Most bugs transmit information, whether data, video, or voice, through the air by using radio waves. The standard counter-measure for bugs of this nature is to search for such an attack with a radio frequency (RF) receiver. Lab and even field quality receivers are very expensive and a good, working knowledge of RF theory is needed to operate the equipment effectively.

Devices that do not emit radio waves

Instead of transmitting conversations, bugs may record them. Bugs that do not emit radio waves are very difficult to detect, though there are a number of options for detecting such bugs.

Very sensitive equipment could be used to look for magnetic fields, or for the characteristic electrical noise emitted by the computerized technology in digital tape recorders; however, if the place being monitored has many computers, photocopiers, or other pieces of electrical equipment installed, it may become very difficult. Older analog equipment is even more difficult to detect.

Another method is using very sensitive infrared cameras to detect waste heat of a bug, or different thermal conductivity of a place where it is hidden after briefly chilling the surface of the object with, for instance, liquid nitrogen.

Technology used

Technology used for a bug sweep includes but is not limited to:
* Multimeters for general measurements
* Time-domain reflectometer (TDR) for testing integrity of telephone lines and other communication cables
* Frequency scanner with a range of antennas and filters for checking the electromagnetic spectrum for signals that should not be there
* Oscilloscope for visualisation of signals
* Spectrum analyzer and vector signal analyzer for more advanced analysis of signals
* Nonlinear junction detector (NLJD) for detection of hidden electronics
* Portable x-ray machine for checking the inside of objects and walls.
* Computer security devices and tools for computer-related threats
* Tools for manual disassembling of objects and walls in order to visually check their content. This is the most important, most laborious, least glamorous and hence most neglected part of a check.

Cautions

* Due to the esoteric nature of the intelligence field, there are many spy shops offering both low-quality bugs and low-quality bug sweeps. Without at least rudimentary knowledge of the problematics it is easy to become victim of a scam.
* Never order a sweep from a telephone or other comm channel that can be bugged. Some bugs can be switched off remotely, which makes them even more difficult to find.
* There is a continuous spectrum of adversaries and technologies they use; from a repurposed baby monitor that can be found with a $100 scanner to the most sophisticated toys of National Security Agency operating on almost-terahertz frequencies. Every measure has a countermeasure, which usually requires an adequately expensive equipment.
* In some cases a security threat is only in the mind of the victim.
* In some countries it is illegal to tamper with bugs planted by law enforcement agencies.
* Some threats, eg. optical microphones or cavity bugs, are very difficult to find by electronics means.
* Some equipment that is not a threat on itself may exhibit microphonics.
* More sophisticated bugs, including "burst bugs" and "frequency hoppers", can defeat low-quality sweeps by shifting frequencies, storing information, and releasing information in short bursts. [cite web |url=http://tscm.onesmartpi.com |title=Technical Surveillance Counter Measures |accessdate=2008-04-13 |last=Moore |first=Denver |date=2008-04-11 |work=OneSmartPI.com |publisher=Denver B. Moore Investigations |quote=...the very latest sophisticated eavesdropping devices including "Frequency Hoppers" and "Burst Bugs" [...] are specifically designed to defeat detection by shifting frequencies, storing information and then releasing it in brief bursts.]

ee also

* Telephone tapping
* Bugs
* Espionage
* Privacy
* Military intelligence
* Communications security
* Secure telephone
* Security engineering

References

External links

* [http://www.tscm-101.com] ; TSCM Equipment
* [http://dbugman.com/handbook/index.html TSCM Handbook] ; A Valuable TSCM Reference
* [http://www.tscm.com/booksandtraining.html TSCM Measure Training] ; Gives a list of trainings and courses you need to break into the TSCM field
* [http://www.ocean-research.net/modules.php?name=Content&pa=showpage&pid=3 TSCM Products - Ocean Group] – Description of TSCM Equipment
* [http://www.tscm.org.uk ATSCP] – a non-profit association representing professionals in the European TSCM industry