Threats

Modern surveillance technologies are highly discreet, highly capable and very difficult to locate; they are often able to evade the methods of traditional TSCM sweeps. Devices which only transmit in short infrequent bursts or are 'hidden' close to a high power signal are just a couple of examples of how eavesdropping devices can be placed to avoid detection by your sweep teams.

Video surveillance

Video may be gathered for any number of reasons. For example, identifying people, observing security measures, capturing passwords on air gapped devices or for use as leverage in blackmail or social engineering.

Data exfiltration

Data may be targeted by interception keystrokes or installation of devices that give remote ‘at desk’ access to a compromised computer, allowing for transmission of files, network alteration or data destruction.

Audio surveillance

Audio intelligence can reveal a lot of information in a short time. It is generally immediate and context based. Audio eavesdropping is not just limited to the transmission or buffer-transmission of sound files. Modern devices allow for speech recognition meaning only small text files need to be transmitted, very quickly, and at intervals which may be weeks, or longer.

Wireless Advanced Persistent Threats

The idea of an Advanced Persistent Threat (APT) is by no means a new one. An APT is the infiltration of networking systems by a specific threat actor over a sustained period of time. This type of attack originates chiefly from state sponsored, or high end entities and is designed to extract information slowly and carefully without detection and with minimal risk of exposure. APT can make use of social conditioning tactics or supply chain vulnerability for example to gain a foothold into internal systems and security. The wireless vector takes advantage of unsecured wireless communications to exfiltrate data. This could be "war-driving" passing Bluetooth devices, exploiting WiFi networks, or using a custom frequency range to connect with the threat actor.

Download a brochure