Overview
Confidentiality
Contact Us
Web Resources
Home
 

 

Eavesdropping Countermeasures (DeBugging) An Overview

INFORMATION SECURITY

Privacy and the confidentiality of information are becoming some of the most important political, social and commercial security issues of the new millennium.  Overseas trends and our own experience here in New Zealand indicate that the level of threat to the security of proprietary information is on the increase.

Information is one of the most important  assets of any business and the need to prevent the unauthorised disclosure or interception of confidential information cannot be overstated.

The techniques used to obtain such information are many and varied and senior executives need to be aware of the real and potential dangers  of allowing important information to fall into the hands of unauthorised persons.


EAVESDROPPING

Eavesdropping and illicit information gathering are big business overseas and our own experience has shown that the New Zealand business sector is far from immune to such practices. Competitors, industrial and commercial spies, disgruntled and disaffected employees, activists and many others with a wide range of purpose have a large diversity of easily obtained  devices and techniques at their disposal.

CSL defines eavesdropping as the illegitimate interception of audio and visual information.  This includes the use of electronic and physical devices to obtain or intercept communications, exploitation of procedural weaknesses and a variety of other information gathering methods that do not necessarily always fall into the traditionally perceived realm of "bugging".

Many of the modern methods of information gathering are nearly impossible to detect without the use of sophisticated electronic detection equipment employed by trained personnel.  In order to keep up to date with current devices and techniques, CSL invests in new and updated equipment on a regular basis.
 

  • Short and long range radio transmission
  • Battery and permanently (mains) powered devices
  • Mains frequency level (FM intercom or baby monitor type devices)
  • Voice or presence activated operation

Direct attack methods:

  • Hard wired microphones
  • Spike mikes
  • Hidden recording devices
  • Contact (resonance) type mikes

Remote attack methods:

  • Laser microphones
  • Long range directional microphones
  • Long range video surveillance
  • And many others.

 
NON-TECHNICAL THREATS

Apart from the technical surveillance threats, some of which are described above, there are many other potential threats consisting weaknesses in procedure or practice or general security that threaten the security of information within an organisation.  During an ECM survey, CSL staff note such situations as they become apparent and these are advised in the comprehensive report that is presented following completion of the survey.

 
ORGANISING A SWEEP

You must first determine the area that you wish to have the eavesdropping countermeasures survey conducted in.  To do this, think about where the information that might be targeted is likely to be discussed or viewed.  This will generally be the offices of senior executives,  boardrooms,  meeting rooms,  executive dining rooms etc.   General office areas are unlikely to be targeted.

Once the area has been determined work out the number of rooms (single offices or meeting rooms) this represents and contact us for a quote.  Please note that if an open plan office are is to be swept the number of rooms equivalent can be roughly determined by counting the number of desks and dividing by 2.

If at all possible avoid contacting us by phone from within the area to be swept as the phone may be compromised.

Surveys are generally carried out after hours. We prefer a company representative to be present during the survey to oversee the operation and to provide access to the areas to be swept and to any wiring cupboards,  rooms and PABX facilities.

The survey is conducted utilising a variety of specialist electronic sweep equipment.  During the survey a number of actions are carried out to help ensure that the risk of future attack is much reduced.  This involves sealing of telephone instruments and electrical/ communications outlets to indicate future tampering.
 
Following the survey a comprehensive written report is provided covering the tests carried out, our findings and recommendations on  relevant Information Security issues.