TSCM Bug Sweeps: When and When Not To Part I
- November 26, 2012
- by Kevin Murray
- Business Tips
Editor's note: This article was written by an industry professional and guest contributor. The views and opinions in this article are of the author and do not reflect the views of PInow. If you are a blogging investigator and you have a story to share, send an email to [email protected].
Technical Surveillance Countermeasures (TSCM), or bug sweep, is an analysis of an area to detect illegal covert electronic surveillance. In addition to listening devices, sweeps also take into account optical, data, and GPS tracking devices.
A typical case involving a private individual...
Someone contacts you to “find a bug”. They are sure their: significant other, landlord, neighbor, or the amorphous “they” know their every thought and move. What do you do? Is a bug sweep really the best first step?
Probably not.
Step 1. Make sure they are not contacting you from the area they fear is bugged.
Step 2. Can you do some good?
Evaluate the situation. Is there a suspect, and a plausible motive? If you hear, “It has been happening for years. They know everything,” your efforts are not likely to help. Avoid accepting these cases unless referred to you by a responsible party (family, legal counsel or doctor) who feels the effort is worthwhile to provide peace of mind.
Step 3. Plan your investigation.
Collect the evidence to date. Ask your client what they would like to see as the outcome of their case. Do they want the snoop to permanently stop the illegal eavesdropping and/or GPS tracking? Is so, hold off on the bug sweep. Even if you find a device, all you have is a hand full of hardware. You also have an alerted snoop who is free to strike again, next time more covertly. If the situation is not ongoing, a sweep to clear out previously planted devices might be warranted.
Step 4. Tie the criminal to the crime.
The quickest way to stop a snoop is to legally stomp on their toes. Tie the criminal to the crime. Work with your client to develop circumstantial evidence; a sting operation. Have your client selectively drop bits of specific information, or with GPS tracking, visit unique locations. This activity should be crafted to trigger a reaction by the snoop, only if they were conducting electronic surveillance. Log dates, times, information floated, and reactions observed. Don’t stop after the first positive reaction. You want to log at least three or more reactions to counter any “coincidence defense” the snoop raises later.
Step 5. Bring your findings to an attorney.
Work with an attorney to determine the best way to proceed. Is there enough evidence? Should the case be filed as criminal or civil, or both? Let the attorney determine when a bug sweep should be conducted and who should do it. You may be capable, but will your qualifications hold up in court? Success may hinge on having the testimony of an independent specialist.
Step 6. Conducting a TSCM bug sweep.
Partner with a competent specialist. You or the attorney may already have someone you know and trust. If so, great. If not, conduct a search using terms like “eavesdropping detection”, or simply “TSCM”. Once you have found specialists to vet, ask plenty of questions. If you are not sure of what to ask, search “TSCM compare” for a list of questions. Qualify your specialist with questions, but be sure to note their professionalism, too. Their presentation and demeanor will reflect on you.
A typical case involving a business client...
Word about something has leaked out. “Check everything!”, barks the boss. What do you do? Is an inspection for bugs and wiretaps the best first step? Yes.
Step 1. Make sure they are not contacting you from the area they fear is bugged.
Step 2. Can you do some good?
Yes. Although a vast majority of leaks are caused by employees with big mouths and sloppy security habits, an inspection for surveillance devices is an important first step. Rule out electronic spying before investigating and accusing people. Of all business espionage tricks, electronic surveillance is one of the most popular, and the easiest to discover.
Step 3. Plan your investigation.
Calm your client. Ask: what raised their suspicions; where the missing information was discussed. Also, ask for a list of the most sensitive areas; it is rarely necessary to “check everything”. Initially, inspect no more than the top third of the list to conserve the budget, and focus your specialist’s talents.
Create a plan to deal with the situation should a device be found. This is important. Without a plan, a found device will come as an emotional shock to your client. Decisions made under these conditions are usually poor decisions.
Partner with a specialist. As good as you may be, the average PI is no match against a concerted business espionage effort. Besides, you will be busy following up on the specialist’s recommendations for additional investigation and security implementations.
Step 4. Conducting the investigation.
Although the chances of finding an active surveillance device are increased during work hours, a well-equipped specialist will not be impeded by conducting the inspection during off-hours. In fact, there are definite advantages, such as no disruption of business or alerting employees (one of whom may be in on the spying) and it affords a better opportunity to evaluate current security effectiveness.
Work your way down the priority list. At some point, you will be able to say, “If nothing was found at the high sensitivity levels, lower level snooping is unlikely.” If a device is found, keep searching. Sometimes multiple devices are planted, with some ‘planted to be found’. Expand the search as necessary.
If a device is found don’t touch it. It’s evidence. Document it with photography, safeguard it, and follow the advice of your specialist. It may be possible to determine who planted it just by keeping an eye (covert video eye) on it. See who comes to change the batteries, if any. Place a fan near it to make noise. See who comes to move the fan. Selectively feeding the device false information might help ferret out the spy as well.
Step 5. Bring your findings to the company’s attorney.
Ultimately, the client will want to control things from this point on. Be available to help them, but don’t count on being asked. If not going to court, many of these cases go under the carpet.
In Part II, we’ll discuss how to help your current business clients.
About the Author:
Kevin D. Murray, CPP, CISM, founded Murray Associates in 1978. It is an independent consultancy providing electronic surveillance detection (TSCM) and counterespionage consulting services to businesses, governments, and at-risk individuals. The firm also partners directly with security organizations, PIs and attorneys on behalf of their clients. He is the author of “Is My Cell Phone Bugged?” and Kevin’s Security Scrapbook - Spy News from New York. Free information and movies about TSCM can be found at the Murray Associates web site, http://www.spybusters.com
Top Private Investigator Blogs
Kevin's Security Scrapbook is #10 on the PInow list of Top Private Investigator Blogs. If you are a blogging investigator and have a story to share or would like to be considered for inclusion on the list, please contact us.