Saturday, October 2, 2010

Why Take a Preventive Approach to TSCM?

Why Take a Preventive Approach to TSCM?
All too often corporations or individuals hire a professional Technical Surveillance Countermeasures (TSCM) or "bug sweep" service provider only after they have a strong suspicion they are a victim of illegal eavesdropping. While it may seem like a logical approach to verify your suspicions first, the choice to delay can be an irresponsible and costly choice. Every minute an illegal eavesdropper maintains access to your information is valuable to the eavesdropper -- and costly to you. The longer you wait, the more opportunity the eavesdropper has to gather enough competition sensitive, company proprietary or damaging personal information to cause your company, or you, irreparable harm.

Why do corporations and/or executives hesitate to hire a TSCM/Bug Sweep provider quickly? Fear is a key reason executives delay hiring a professional TSCM service provider. It could be a fear that competitors or employees will recognize the company, or its executive(s), suspect they are vulnerable to illegal spying. Simply acknowledging the company or its executives are exposed and/or having to obtain authorization from owner(s), Board Members, etc. can be difficult. The need to obtain authorization from corporate counsel and/or financial decision makers is another key reason for delaying. And, the executive(s) who make a decision to proceed with a Bug Sweep may also be discredited as paranoid by coworkers. Who wants their coworkers to think they are paranoid? But, no matter what the motivation for a decision to delay, the perceived vulnerability is not going to "just go away." And, a failure to take action quickly and decisively can be the beginning of the end for the corporation and/or the executive(s). Is it responsible to forego taking action because you are fearful of the ramifications? If indeed your company or your executive(s) are the victim of illegal eavesdropping it is negligent to allow the exposure to continue.

Is this a dramatic statement? What if the illegal eavesdropper planted an audio listening device in the Sales Director's and the Accounting Director's offices? Each word spoken in these two offices, whether by two or more individuals or while these executives are engaged in corporate or personal phone calls, can be heard and/or recorded by the eavesdropper. If the batteries in a small, voice activated listening device work for two weeks or more, how much valuable information would the eavesdropper be able to steal? The eavesdropper could learn the names of existing customers, potential customers, suppliers, financial information, pricing strategies, collections information, confidential product order specifications, marketing plans, etc. How much valuable information is shared in just these two Directors' offices within a two week time span? To an illegal eavesdropper, it's a gold mine! And, if you work in a highly competitive industry, or manage valuable or highly regulated technology the ramifications can be escalated dramatically. Now consider that the illegal eavesdropper may have hacked into the executives email account(s) and/or installed key loggers on the executive(s) computers. The potential exists for simply devastating results! And, if these executives manage customer confidential or proprietary information that they are bound to hold confidential (i.e. via a Confidentiality Agreement), or if they handle information subject to strict government control (i.e. munitions list products, other highly regulated industries/products, patent pending technology, etc.) you have a duty and obligation to ensure your corporate information is not shared with restricted companies, countries and/or person(s).

Isn't electronic eavesdropping a federal crime? Yes! 18 USC Sec. 2512 states the manufacture, distribution, possession, and advertising of wire, oral, or electronic communication intercepting devices is prohibited. And, it does not matter whether the illegal eavesdropping activity is perpetrated on a company, an executive, an inventor or an individual. It's all illegal. Unfortunately, the likelihood that an eavesdropper can be identified and prosecuted effectively may be lower than you would think.

What do I do if I discover illegal electronic devices? One of the most important things you can do once you suspect you are bugged, is to act as "normal" as possible in the area of concern, so the eavesdropper is not "tipped off". Then, contact a professional TSCM provider outside your physical area of concern using a phone that you believe is not bugged! This means making contact with the TSCM provider from an area outside of your office, car or home. A professional eavesdropper will target locations/places where he/she expects you will feel comfortable to discuss information freely. That means your office, elevator, car, cell phone; purse, wallet, bedroom, etc. are all choice bugging targets for an eavesdropper. Where you feel comfortable, you will discuss confidential, proprietary or personal information that is valuable to an eavesdropper. You must also consider that the eavesdropper may expect a local TSCM company will be called in to handle your assignment. So, hiring a TSCM service provider who is located outside of your geographical area, who operates in a covert manner, may be your best option. And, you must consider that if an illegal eavesdropper has your company or executives under electronic audio surveillance, they may also be performing some degree of visual surveillance of your company or executives as well. Nothing can sound an alarm to an illegal eavesdropper like a van with a TSCM company logo arriving at your office or home. Discreet is best!

Why not let the eavesdropper know you are onto them?If the eavesdropper suspects you are aware of the illegal activity, they are likely to remove the spying devices at the first perceived "safe" opportunity -- particularly if the perpetrator is an employee, part of the cleaning crew, etc. who has routine access to the office(s) and/or executive(s) home. Sure, you want the device(s) removed so the surveillance stops, but your goal should be to learn who bugged you, who authorized the bugging operation and/or what potential damage they can do with the information they have taken. The best case scenario would be that the illegal eavesdropper(s) are prosecuted, but the odds this will occur are lower than you may think. Damage control is most important for any company or individual who has been the subject of an illegal eavesdropping attack. That must be your focus!

What motivates an illegal eavesdropper?It is really a matter of how valuable your information is! An illegal eavesdropper is a risk taker who is willing to risk being discovered when they install the devices and/or after their bugging operation is in progress. Their goal is to get access to the right kind of information, and to steal as much of this valuable information as possible. They are your adversary and will do what is necessary to win. The more damaging the information, the more useful it is to the illegal eavesdropper and/or the company or person who hired them to put you under surveillance.

Why hire a professional TSCM provider? When you begin to price your professional bug sweep assignment, you may be surprised by the cost. It's not a minor expense, but it is a very necessary expense. Bargain shopping for a professional TSCM bug sweep is not the best approach. With a TSCM bug sweep, you get what you pay for! Don't be fooled by a private investigator who provides you with the low quote; it's not the bargain you think it is. A TSCM Bug Sweep performed by a competent, skilled, trained and well equipped TSCM professional is what you need. Most have decades of experience developing their interviewing, visual inspection and electronic detection skills, and they are knowledgeable of the most common and new, emerging threats and proper detection methods. They live and breathe TSCM and their opponent is the illegal eavesdropper. Private investigators have their talents and skills, and with the exception of a very few, TSCM most often is not their area of expertise. Hire a professional TSCM service provider!

Why leave your very valuable corporate information exposed? Take a proactive approach to corporate security by hiring ComSec LLC to perform preventive TSCM bug sweeps today!

ComSec, LLc. provides professional Technical Surveillance & Eavesdropping Countermeasures services to Fortune 500 corporations to small businesses, non-profits, celebrities, executives and select individuals. Headquartered in Virginia Beach, VA | Northern VA-DC-MD. Serving the Continental United States, and select International clients abroad.

Copyright 2010 To The Present By ComSec, LLc. All Rights Reserved

http://www.ComSecLLc.com

2 comments:

Anonymous said...

This is an excellent article! I'm going to contact you!

Ben

focusoninfinity said...

Here in the Southport-Wilmington, North Carolina area; a local newspaper reported that a legally separated husband hid several pen-like camera recorders about his separated wife's house to record her and her friends undressing.

How was the privacy-invader spouse caught? Her female friend got her own pencil cameras and hid them.

I think that is were that new sage saying, "Videoed on his own petard", comes in?