Technical Surveillance Counter-Measures
From Wikipedia, the free encyclopedia
TSCM (Technical Surveillance Counter-Measures) is the original military abbreviation provided to the trade of bug-sweeping or electronic counter-surveillance. It is related to ELINT, SIGINT and ECM.
The United States Department of Defense defines a TSCM survey as a service provided by qualified personnel to detect the presence of technical surveillance devices and hazards and to identify technical security weaknesses that could aid in the conduct of a technical penetration of the surveyed facility. A TSCM survey will provide a professional evaluation of the facility's technical security posture and normally will consist of a thorough visual, electronic, and physical examination in and about the surveyed facility.
This definition is however lacking some of the technical scope involved. COMSEC (Communications Security), ITSEC (Information Technology Security) and physical security are also a major part of the work in the modern environment, the advent of multimedia devices and remote control technologies allow huge scope for removal of massive amounts of data in very secure environments by the staff employed within, with or without their knowledge. Even PlayStation Portables (PSPs) have wireless connectivity and optional storage capacity, therefore connection and forward on receive over 54Mbps wireless for hundreds of meters is achievable. This is only the tip of the iceberg. What are iPods other than 60 Gigabyte tools of espionage?
Contents |
[edit] Technology used
Technology used for a bug sweep includes but is not limited to:
- Multimeters for general measurements
- Time-domain reflectometer (TDR) for testing integrity of telephone lines and other communication cables
- Frequency scanner with a range of antennas and filters for checking the electromagnetic spectrum for signals that should not be there
- Oscilloscope for visualisation of signals
- Spectrum analyzer and vector signal analyzer for more advanced analysis of signals
- Nonlinear junction detector (NLJD) for detection of hidden electronics
- Portable x-ray machine for checking the inside of objects and walls.
- Computer security devices and tools for computer-related threats
- Tools for manual disassembling of objects and walls in order to visually check their content. This is the most important, most laborious, least glamorous and hence most neglected part of a check.
[edit] Cautions
- Due to the esoteric nature of the intelligence field, there are many spy shops offering both low-quality bugs and low-quality bug sweeps. Without at least rudimentary knowledge of the problematics it is easy to become victim of a scam.
- Never order a sweep from a telephone or other comm channel that can be bugged. Some bugs can be switched off remotely, which makes them even more difficult to find.
- There is a continuous spectrum of adversaries and technologies they use; from a repurposed baby monitor that can be found with a $100 scanner to the most sophisticated toys of National Security Agency operating on almost-terahertz frequencies. Every measure has a countermeasure, which usually requires an adequately expensive equipment.
- In some cases a security threat is only in the mind of the victim.
- In some countries it is illegal to tamper with bugs planted by law enforcement agencies.
- Some threats, eg. optical microphones or cavity bugs, are very difficult to find by electronics means.
- Some equipment that is not a threat on itself may exhibit microphonics.
[edit] See also
- Telephone tapping
- Bugs
- Espionage
- Privacy
- Military intelligence
- Law enforcement agency
- Communications security
- Secure telephone
[edit] External links
- TSCM Handbook; A Valuable TSCM Reference
- TSCM Meausre Training; Gives a list of trainings and courses you need to break into the the TSCM field
- TSCM and CST Technologists – UK Specialists in TSCM & CST
- TSCM Products - Ocean Group – Description of TSCM Equipment
- ATSCP – The ATSCP is a non-profit association representing professionals in the European TSCM industry
- Diversified Risk Management, Inc. TSCM Information
- Communication Security Inc.: Technical Surveillance Countermeasures