TSCM – Technical Surveillance Counter Measures
The threats are real
The quest for illicit intelligence is a never-ending threat; from criminals trying to obtain information for financial gain, to sophisticated state-sponsored adversaries looking for political and military gains. While we do not always know what kind of threats are around us, a robust security policy encompassing physical security, cyber security and protection from electronic surveillance is needed to ensure secrets remain secret. The security of your building, your Sensitive Compartmented Information Facility (SCIF), your private conversations, your plans and secrets can all be compromised by small, inexpensive surveillance devices (GSM bugging devices are available today from well-known online retailers for less than $50).
Devices can be difficult to locate
Modern surveillance technologies are highly discreet, highly capable and very difficult to locate. Even the smallest device can pack a considerable amount of technology. These devices can be integrated into USB cables, light bulbs or any number of other common objects. When not in use, such a device can lie dormant. If connected to a mobile network, it may only need to “shake hands” momentarily once every 8 hours (network defined); at other times it remains RF invisible.
Without good OPSEC (Operational Security), undetected RF surveillance and data transmissions can allow an adversary to:
- Conduct ISR operations against the organization
- Collect and disclose classified information
- Hijack critical C2 signals that can cause loss of finances, assets, or even life
- Obtain money and financial data
- Compromise law enforcement and intelligence agency operations
Beyond bug sweeping
The traditional approach to detecting electronic surveillance devices (or bugs) is to use a hand-held bug sweeping tool. This tool is moved through a room to scan for the presence of a bug. However, bugs are often able to evade these sweeps. Devices that only transmit in short, infrequent bursts or frequency hop, or devices that are “hidden” close to a high-power signal are just a few of examples of how eavesdropping devices can avoid detection by sweep teams. And of course, a device can be switched off during a sweep or placed after a sweep is conducted.
To provide complete assurance against RF surveillance, there is a need for continuous real-time TSCM in the form of an In-Place Monitoring System. This is where the RFeye Guard system comes in.
In-place monitoring system
The RFeye Guard continuous TSCM monitoring system is a cost-effective alternative to bug sweeping strategies with guaranteed detection 24 hours, 365 days a year. RFeye Guard continuously monitors the RF environment to instantly detect suspect signals in real time. Even if a device transmits at 2am for less than a second, RFeye Guard will be able to detect it.
Fast sweep speeds and exceptionally low noise figures allow our RFeye sensors to detect even the lowest-power and shortest-duration signals. These intelligent sensors, combined with the Guard software suite, operate autonomously and when a signal is detected, the RFeye Guard system can provide a real-time alert and location to a security guard.
Secure facilities & SCIFs
When matters of state and national security are being discussed, secrets need to remain secret. Often, these discussions will take place in a Sensitive Compartmented Information Facility (SCIF). A SCIF is an enclosed area (could be a room or an entire building) that is designed to protect occupants from surveillance. They are acoustically and electronically shielded and often guarded. Electronic devices such as phones or laptops are not permitted in these areas and have to be left outside.
Why In-Place Monitoring?
If a phone or surveillance device was taken into a SCIF, by accident or maliciously, a previous TSCM sweep wouldn’t be effective. Security breaches need to be picked up the instant they happen, not hours or days later. An in-place monitoring system like RFeye Guard would be able to detect any device transmitting inside the SCIF the instance it happened, regardless of whether the device was brought in before or during the meeting. With RFeye Guard the security team can be immediately alerted, and the exact room the security breach occured pinpointed. The meeting could be stopped before conversations are potentially compromised.
Companies win commercial business through their employees’ ability to talk, develop, design and plan. From board rooms to engineering labs, critical tactical and strategic decisions are made and discussed in great detail. This is why, in modern business, security has to be a key area of focus. We are all familiar with the need for network security to keep intrusions out, which is perhaps why so many security breaches take place inside the organization.
Why In-Place Monitoring?
With IP crime related to theft of trade secrets costing the US economy alone $180 billion a year, there is a growing need for organizations to protect themselves against state-sponsored and competitor-instigated industrial espionage.
In a busy work environment, the traditional method of carrying out TSCM sweeps on a periodic basis is not feasible. The level of activity around the office means that a sweep is only really valid for the time it takes place. It is far too easy for an employee to reactivate an electronic surveillance or data exfiltration device after the sweep team has left or, indeed, for the evening cleaners to place devices at the request of a competitor or foreign government. TSCM sweeps are also highly disruptive to work and will usually require equipment to be switched off.
RFeye Guard can monitor your facility or secure meeting room 24/7 and in real time to detect RF transmissions that may compromise office security. This system works autonomously in the background with an alert and location provided to security guards if/when a suspect device is detected. The system can be integrated with third-party security systems to provide an overall security picture. Often, this will allow RFeye Guard location data to be cross-referenced with other sources such as CCTV to identify the employees responsible for placing covert devices.