Now Registering For TSCM 101

Extended Online Countersurveillance Training

Class Meets Online Every Wednesday

2:00 p.m. - 3:00 p.m. Central U.S. Time

August 4 – September 29, 2010

August 4, 2010 Course Outline & Mail-In Registration 

  Save $100 Now -- Use Our Convenient Online Registration Form  

What's Bugging You?

 Revised July 16, 2010

Overview

For Consumers

We live at a time when privacy and proprietary information are coming under increasing attack. Activities once considered private are subject to compromise by individuals with access to covert monitoring instruments. Protecting ones privacy and safeguarding confidential information and intellectual property have become a necessary security consideration not just for the government and military, but also for private business and private citizens.

A substantial civilian demand for covert audio and video monitoring devices have spurred the marketing efforts of covert devices beyond government, military, and law enforcement agencies. Furthermore, the cost of small, sophisticated surveillance devices continues to drop with prices well below $100. The act of electronic eavesdropping has become exceedingly simple and may be accomplished by untrained individuals.

While it is difficult to categorize surveillance threats into clearly delineated categories, consumers of TSCM equipment and services are best served if they possess the ability to:

• accurately define the potential threat;
• understand countermeasure capabilities and limitations, and;
• take reasonable and appropriate actions to identify and mitigate the threat

The industry responsible for detecting illegally deployed eavesdropping instruments is commonly referred to as

TSCM, an acronym for Technical Surveillance Counter Measures or ECM, an acronym for Electronic Counter

Measures. The TSCM/ECM industry consists of equipment manufacturers, counter-surveillance firms,

technicians and educators; it is an industry that is highly fragmented with some segments of the industry being well-trained, honest and professional, while other industry segments rely on deceptive practices and misleading business and marketing tactics.

The inevitable from analog to digital information processing has created a significant gap in countersurveillance capabilities even for individuals who may have had many years of training and experience. A military-trained countersurveillance technician, for example, who may have retired ten years ago may not be capable of addressing modern digital surveillance threats including VOIP, fiber optic and computer based. A significant portion of today’s countersurveillance firms may not be qualified to adequately detect of advanced digital threats. This raises a number of consumer protection concerns.

Prices for countersurveillance instruments whose primary design was for analog signal processing have declined dramatically. An industry staple, a new time domain reflectometer that cost $2,000 ten years ago can be purchased for less than $200. Spectrum analyzers which may have cost over $25,000 are now on the market for less than $2,000 and prices are continuing to decline. The softening of equipment costs may create a competitive advantage for new firms, which can enter the market with less capital outlay.

While cost of analog-based equipment is declining so is the cost of instruments to detect modern digital and computer threats. The move toward computer-based spectrum analyzers, for example, that run on software and utilize the existing capabilities of a laptop will also reduce the cost of some equipment.  

Like decision processes made when acquiring common security products or services, deciding how to manage privacy threats should be based on:

•        an accurate assessment of the threat;
•        a fundamental understanding of the capabilities and limitations of countermeasures;
•        establishing reasonable and appropriate actions to mitigate the threat within one’s financial parameters.

Choosing a TSCM company can be a challenging task for civilians. First, many states do not require any licensing to offer TSCM sweeps. Hiring an unqualified sweep team may only give you a false sense of security. Second,

to maintain professional confidentiality, TSCM companies generally do not reveal names of their clients. This makes checking references problematic.

To evaluate a TSCM company, potential clients should ask questions including, certifications of training, equipment capabilities and professional experience. Professional TSCM teams should at minimum possess equipment and expertise specified under Category B threats outlined later in this paper.

Considerations For Assessing Threat Levels

& Choosing A TSCM Company

(Draft: Subject To Review & Modification)

The assessment of threat levels is subject to considerable debate and individual interpretation. It should be noted, however, that the threat levels categorized herein are in no manner correlated to a potential loss, be it of privacy or of intellectual property. A glass held against a wall or a conversation overheard in the hallway can gather as much information as a high-tech laser listening device that cost tens of thousands of dollars.

Threat Category A

Scope: Civilians that are subject primarily to voyeuristic attacks and audio threats posed by common devices that are readily available to civilians through retail and online establishments.

Threats in this category consist of low-cost devices that can be purchased at consumer electronics or mart-type stores. These devices include digital recorders (which can be tucked away in a couch or taped to the bottom of furniture), FRS radios, some of which have transmission ranges exceeding twenty miles. These units can also be easily hidden or taped beneath furniture. Other consumer devices that can be adapted for surveillance include wireless microphones, intercoms, and inexpensive wired or unwired video cameras. We may also include hardware-based keyloggers in this category.

Low cost and ease of availability makes Category ‘A’ devices popular with amateurs, which does not mean that one should underestimate the efficacy of these devices. Consider the threat posed by a twenty-mile range FRS/GMRS radio, which can be purchased at any mart or electronics store for about $50 U.S. With a small extension microphone plugged in, an FRS radio can be hidden in any number of places, leaving just a small microphone clipped somewhere inconspicuous (tucked away between a couch or sandwiched between a mattress). Now consider that many such radios have voice-activated transmission capabilities. All of these add up to a very effective listening device that is inexpensive, has a tremendous transmitting range and can remain active for a week or longer.

Threat Category A Countermeasures

Surveillance threats in Category A may be successfully identified and neutralized by civilians using a basic broadband detector, an optical camera locator and following manufacturer instructions on how to conduct a safe, physical search for covert devices. Category A specifically excludes the search of any wires or cables that could be energized by electrical voltage and that includes telephone lines. The ability to visually identify hardware-based keyloggers may also be included in this category

Minimum equipment requirements to identify Category A devices include:

• A Sensitive Broadband Receiver with Adjustable RF Gain Control Capable of Detecting Analog and Digital Signals of up to 5.8 GHz.
• An Optical-Based Camera Locator Capable of Identifying Pinhole Camera Lenses.
• An understanding of how to conduct a cursory physical search of the location that excludes any energized cables.
• Equipment to Detect GPS & Cell Phone Compromises

Threat Category B - (Residential and Small Business Sweeps)

Scope: Civilians and government employees in positions of having access to information of moderate economic or social value. This category also includes individuals that are undergoing significant life-changing events such as a divorce, child custody issues, matters involving attorneys, difficulties in a business partnership, difficulties with a coworker, individuals that are in a dispute with others.

Individuals that are engaged in the private detective field, have prior law-enforcement or related military experience may pose threats in Category B. Also included in this category are private citizens who have researched available resources and are capable of acquiring Category B devices. Surveillance instruments in Category B are generally more expensive and may operate at greater distances, at higher frequency ranges and their method of concealment or transmission is more sophisticated.

Category B devices include high-powered FM radio transmitters, scanners modified to receive analog cellular telephone traffic and low-powered wireless microphones modified to transmit over greater distances. Category B includes devices that: transmit using microwave, infrared, ultrasonic, and carrier current; remotely-activated instruments; video devices that store information on memory media, as well as land-line telephone compromises; and; live, Internet-based surveillance.

Threat Category B also includes the use of repeaters (which amplify weak signals so they can be sent to distant listening posts). A system of repeaters can amplify low-power signals and transmit them over greater distances.

Due to the capabilities of repeaters, security sweeps should include checking the perimeter of the premises. Finally, advanced vehicle trackers, frequency hopping, burst transmitters; digital and spread spectrum devices may also fall within this category, as do infinity devices. This category also includes hardwired telephone threats and compromises such as series and parallel taps and hookswitch bypasses. Category B is generally limited to the discovery of active audio transmitters as well as wired and unwired video instruments. Category B also includes the examination of energized wiring, which requires specific safety precautions.

We may also include software-based keyloggers and the ability to detect common spyware including that which can be remotely installed. In addition, the technician should be able to advise the client on wireless computer threats and have an understanding of packet sniffers, basic VOIP vulnerabilities and the security of wireless access points. .

Detecting devices that fall within Category ‘B’ is within the realm of TSCM technicians who have met the following factors:

• The technician must have completed a formal two- to four-week training program in countersurveillance instrumentation and methodology;
• Technician must have access to a sweep kit capable of identifying all Category B devices, and;
• Technician must be proficient in conducting a competent physical sweep including the ability to safely test energized wiring for compromises.
• This threat category requires a fundamental understanding of personal computer operations, spyware and digital signal processing.
• Ability to detect cellular phone spyware and GPS trackers Including real-time and passive logging.

Minimum Equipment Inventory To Conduct Category B Sweeps

• A sensitive broadband receiver system with adjustable RF gain control and sensitivity at the microwatt level. preferably with AM/FM demodulation capabilities.
• Multimeter (VOM)
• Cable Tone and Tracer Kit
• Carrier-Current Analysis
• Countermeasures Amplifier
• Telephone Line Analyzer capable of identifying series, parallel, infinity and hookswitch bypasses
• Frequency Counter
• Radio Scanner
• Optical Pinhole Camera Detector

Minimum equipment capabilities to identify Category B devices.

• RF spectrum detection from 10 KHz to - 2400 MHz.
• Infrared & laser detection capabilities.
• Microwave detection up to 5.8 GHz.
• FM RF detection & demodulation.
• Carrier current detection from 20-400 KHz.
• Ability to locate transmitting and non-transmitting video cameras.
• Ability to detect analog and digital signals
• Ability to detect GPS/GSM devices.
• Ability to detect civilian room and vehicle transmitters
• Ability to locate sound-activated transmitters
• Ability to detect room and vehicle transmitters

Minimum telephone compromise detection capabilities:

• Series RF tap detection.
• Parallel RF Tap detection.
• Parallel Recorder Activator detection.
• Infinity Device Transmission detection.
• Hook Switch Bypasses detection.
• Carrier Current Detection Capabilities

Minimum computer-based capabilities

Visual identification of hardward-based keyloggers

Installation and operation of spyware detection software

Ability to use a packet sniffer to advise clients of computer security compromises

Equipment that possesses these minimum capabilities when used in conjunction with a thorough physical inspection can provide reasonable protection against the most prevalent illegal surveillance threats in a home or small-business environment.

Minimum Training/Education To Conduct Category B Sweeps

• Completion of a Formal Two- to Four Week Countersurveillance Training Program
• Completion of a Military or Government TSCM Training Program
• Understanding of POTS Telephone Systems
• Ability to Check Cables For AC/DC Current
• Proficiency In The Safe Operation of a Multimeter
• Proficiency in the Safe Operation of a Cable Tracer and LAN Meter
• Ability to Operate an Optical Pinhole Camera Locator
• Ability to Safely Test Electrical Cables For The Presence of AC/DC Current
• Capability of Conducting A Line Balance Test
• Capability of identifying RF transmissions at telephone junction points located off the client premises.
• Ability to identify hardware and software keyloggers and use a packet sniffer to detect computer and VOIP   vulnerabilities

Threat Category C

Section Under Construction

(Draft: Subject To Review & Modification)

Prospective clients in this category face a professional and well-financed adversary. Devices in Category C may include laser listening devices, passive radiators, deployment of professional spies who may work as teams, compromise of a private branch exchange telephone system. Listening devices planted inside walls, remotely activated devices, ultrasonic devices, and devices that transmit in the higher Gigahertz ranges.

If you determine your threat level to fall within this category, then the services of a professional countersurveillance team must be considered.

Minimum Equipment Requirements

• Broadband Diode Detector System
• Tuned Receiver System
• Spectrum Analyzer
• Non-Linear Junction Detector
• Infrared Detection System
• Thermal Imaging
• Advanced Telephone Analyzer
• Time Domain Reflectometer
• Oscilloscope
• Countermeasures Amplifier
• Radio Direction Finder
• Cable Tracer
• LAN Meter
• X-Ray Machine
• Specialized Antenna Collection
• Advanced Physical Inspection Tools

Note: As with other security considerations there are no perfect solutions. Even professional sweep teams don’t grant ironclad guarantees that all eavesdropping devices have been identified and neutralized. Surveillance threats do not cease after the completion of a sweep. Therefore, a good TSCM team will suggest additional security measures. You must take some responsibility for ongoing countersurveillance.

Threat Level C

(Draft: Subject To Review & Modification)

Section Under Construction

Here you are facing a professional and well-financed adversary. Devices in Category C may include laser listening devices, passive radiators, deployment of professional spies who may work as teams, compromise of a private branch exchange telephone system. Listening devices planted inside walls, remotely activated devices, ultrasonic devices, and devices that transmit in the higher Gigahertz ranges.

If you determine your threat level to fall within this category, then the services of a professional countersurveillance team must be considered.

As with other security considerations there are no perfect solutions. Even professional sweep teams don’t grant ironclad guarantees that all eavesdropping devices have been identified and neutralized. Surveillance threats do not cease after the completion of a sweep. Therefore, a good TSCM team will suggest additional security measures. You must take some responsibility for ongoing countersurveillance.

Consumers should remember that a countersurveillance sweep only provides a snapshot of the day(s) during which the survey is taken. Even the most extensive sweep cannot protect against threats after the sweep team has left. Consumers should therefore consider taking personal responsibility for ongoing counter-surveillance or your risk of being a target of surveillance continues.

The problem that arises is how to establish and implement an appropriate level of protection. An effective counter-surveillance equipment package and sweep strategy must include access to (and gaining proficiency in) the use of counter-surveillance instruments capable of detecting the most prevalent eavesdropping devices including telephone taps placed along the lines up to and including what is commonly referred to as the demarcation point (place where phone company lines are connected to the premises) and farther.

Desirable Instrument Capabilities & Training For Ongoing Protection

• Carrier current detection, which transmits information along AC wiring and other cables.
• Detection and location of wired (CCTV) and transmitting pinhole cameras.
• Infinity transmitters that can monitor telephone conversation while the phone is down ‘on-the-hook’.
• Detection of infrared and laser transmissions.
• Detection of devices that transmit in the microwave range up to 5.8 GHz or higher
• To achieve a minimum level of security, a basic counter-surveillance kit is highly desirable. At the very minimum, this kit should have the following capabilities.
• A sensitive broadband receiver with adjustable RF gain control.
• RF spectrum detection from 10 KHz to 2400 MHz.
• Infrared & laser detection.
• Microwave detection up to 5.8 GHz.
• Digital & analog signal detection & differentiation
• AM/FM detection & demodulation.
• RF (Radio Frequency) sensitivity to microwatt levels.
• Carrier current detection from 20-400 KHz.
• Ability to locate transmitting and non-transmitting video cameras.
• Ability to detect wide band frequency Hoppers.
• Ability to locate pulsed tracking Transmitters.
• Ability to locate room, body, and vehicle transmitters
• Ability to locate burst transmitters
• Easy to use to facilitate periodic sweeps by individuals or in-house security staff.
•  

Desirable telephone detection features should include

• Direct hardwire tap detection.
• Series RF tap detection.
• Parallel RF Tap detection.
• Parallel Recorder Activator detection.
• Infinity Device Transmission detection.
• Hook Switch Bypasses detection.
• Drop In Transmitter detection.

Summary: A trained person with access to equipment that possesses the minimum capabilities outlined above when used in conjunction with a thorough physical inspection can provide reasonable protection against the most prevalent illegal surveillance threats.

Disclaimer

What's Bugging You?

**ACSS Professional TSCM Countersurveillance, Bug Sweeps,

Electronic Eavesdropping Detection Throughout The U.S.A.**

ACSS Sweep Quotes

info@countersurveillance.info

NEBRASKA, NE...IOWA, IA...Wyoming, WY...COLORADO, CO...NORTH DAKOTA, ND...SOUTH DAKOTS, SD...COLORADO, CO...District of Columbia ... Washington DC ... Baltimore, MD ... Ft. Meade, MD ... ALABAMA, AL ... ALASKA, AK ... AS ... ARIZONA, AZ ... ARKANSAS, AR ... NORTHERN CALIFORNIA, CA ... SACRAMENTO, CA... SAN FRANCISCO, CA...OAKLAND, CA...VALLEJO, CA...SONOMA, CA...MARIN COUNTY, CA...SAN RAFEAL, CA...CONNECTICUT, CT ... DELAWARE, DE ... DISTRICT OF COLUMBIA, DC ... FLORIDA, FL ... GEORGIA, GA ... HAWAII, HI ... IDAHO, ID ... ILLINOIS, IL ... INDIANA, IN ... IOWA, IA ... KANSAS, KS ... KENTUCKY, KY ... LOUISIANA, LA ... MAINE, ME ... MARSHALL ISLANDS, MH ... MARYLAND, MD ... MASSACHUSETTS, MA ... MICHIGAN, MI ... MINNESOTA, MN ... MISSISSIPPI, MS ... MISSOURI, MO ... MONTANA, MT ... NEBRASKA, NE ... NEVADA, NV ... NEW HAMPSHIRE, NH ... NEW JERSEY, NJ ... NEW MEXICO, NM ... NEW YORK, NY ... NORTH CAROLINA, NC ...OHIO, OH ... OKLAHOMA, OK ... OREGON, OR ... PALAU, PW ... PENNSYLVANIA, PA ... PUERTO RICO, PR ... RHODE ISLAND, RI ... SOUTH CAROLINA, SC ... SOUTH DAKOTA, SD ... TENNESSEE, TN ... TEXAS, TX ... UTAH, UT ... VERMONT, VT ... VIRGIN ISLANDS, VI ... VIRGINIA, VA ... WASHINGTON, WA ... WEST VIRGINIA, WV ... WISCONSIN, WI