A great many executives are guilty of seriously undervaluing the importance of information within their own organisation. They are wrong to do so. Information is their most important – and, indeed, most valuable – asset, but it’s often the case that the same degree of protection is not afforded to the spoken word as is given to physical assets. Information on prices, competitor organisations, members of staff, future plans, acquisitions, new product developments and technology is always at risk. At risk from industrial and commercial espionage.
Corporate ‘spies’ will always be on the look out for new snippets of information. Typically, they’ll get what they want by way of (often electronic) eavesdropping, which can be defined as “a predetermined attempt to obtain information that would normally be withheld”. True, much of the information gleaned in this manner will be trivial. But isn’t that the nature of espionage activity in any case?
During a company takeover, for instance, it would be perfectly acceptable for a chief executive to ask for a detailed report on the activities and performance of his intended target. Such a request could then be acted upon in several perfectly legitimate ways by enquiries as to previous years’ performance, questions asked of employees, main customers and suppliers and (possibly) some visual surveillance of the premises. None of these activities involve breaking the law, and would be seen as prudent attempts to establish the viability of any prospective takeover.
That said, you can envisage a situation where other techniques might be employed – very often without the prior knowledge or agreement of the person originally authorising the investigation. In today’s world, a competitive playing field has been created by company executives who have commissioned private investigators or consultants to advise or provide information on organisations of particular interest. How that information is obtained is of less importance to the chief executive than its quantity and accuracy.
Judging by the proliferation of reported bugging incidents and rapid growth in the sale of electronic bugging equipment, it’s possible to conclude that more and more investigators are resorting to electronic – and often illegal – means to improve the quality of service to their clients.
Electronic methods add an entirely different dimension to the investigator’s work. They are able to acquire information in real time directly from the source – be it from a meeting, telephone conversation, computer hard disk or any other communication path. Depending on the bugging method used, the quality of intercepted material may be very high indeed. The question then arises as to how security managers can safeguard their company from the threat of bugging?
Many practitioners have assumed that counter-espionage measures are the preserve of the electronics engineer or technician when making a periodic survey of the target area. Nothing could be further from the truth. In reality, this type of inspection forms only a small part of the countermeasures procedure. It makes no sense whatsoever to have a room checked for bugging devices and then leave the same room unguarded. Security professionals are familiar with the need for asset protection – now it’s time to ensure that information is afforded the same degree of security.
Devising the countermeasures
It’s true to say that countermeasures against the threat of eavesdropping are organised in-house as much as possible, with the use of appointed consultants for specialist tasks. It follows, then, that someone from within the host organisation (ie the security manager) should make a concerted effort to familiarise him or herself with surveillance and countermeasures techniques.
Contrary to what you may have read or heard (no pun intended!), prior technical knowledge is not a prerequisite for understanding the basic principles. What the security manager will need to get to grips with, however, is identifying the objectives of a regular countermeasures survey. In other words, which areas and pieces of information are to be protected, and with what periodicity?
As in other areas of security, a high degree of protection is afforded by good physical security and commonsense procedures.
In addition, there’s a wide range of electronic equipment available to forward-thinking security managers looking to extend their organisation’s level of protection.
As a general rule, a minimum equipment level must be available on-site to deal with the prevalent threats of radio bugging and the use of cabling as an alternative transmission path. The type of equipment selected (and any supplementary items) has to be based on the resources available, while the right decision will offer a reasonable assurance that a surveillance attack has not been achieved. A wrong decision may well lead to a false sense of security, and could exacerbate the security leak.
The countermeasures survey should consist of several elements. An initial evaluation and physical check of the area is the first step, followed by a radio frequency spectrum check (for which you’ll need to use a countermeasures receiver). An electronic search should then be performed with a non-linear junction detector, and a critical physical and electronic examination of all wiring, components, appliances and machines conducted as a matter of course.
Last, but not least, the security manager should conduct a detailed physical and electronic examination of the telephone system (including switchboards and junction boxes).
Indeed, protection of telephone lines is one area where countermeasures equipment will not provide you with a complete solution. Bugging devices are now available that make a negligible difference to line conditions and, as such, they’re not traceable by voltage or current measurement techniques. With this in mind, checks – including physical search – can and should be carried out. Users of the telephone system should always be alert to the open nature of the telephone network and the ease with which it may be tapped.
In this case, effective countermeasures would be achieved by the use of high quality scrambling equipment at both ends of the conversation. If that isn’t possible then the instigation of codewords and telephones used at random outside of the sensitive areas will afford you a reasonable level of protection.
The time taken to carry out a survey for bugging devices may be wasted if measures are not then taken after the event to preclude the installation of such devices, and countermeasures equipment is not on site on a regular basis. Good procedures for the in-house security manager to adopt would include keeping sensitive areas locked at all times, maintaining a high degree of document security and the careful use of telephones.
Remember, too, that information can be lost through careless photocopying and the theft of paperwork, the theft of unshredded waste paper and an employee passing on information for money, either under duress or for ideological reasons.
Combating the spies
There are five basic countermeasures techniques. In practice, the particular set of countermeasures used at a site reconciles the various types of threat with on-site circumstances, and will draw on the five techniques to differing extents.
The five techniques centre on: preventing installation, constructing a safe room, physically searching for eavesdropping devices, interfering with the operation of a device (or making information unintelligible) and using special countermeasures equipment to detect and locate bugging devices.
Since some eavesdropping techniques demand the installation of a bugging device in or near the target area (ie in an individual office or suite of offices, an executive’s home or conference room), denying access eliminates the threat. In an active business environment it’s usually possible to prevent any unauthorised access without creating an unworkable environment. Sensible physical security measures can reduce the threat to a particular target area substantially, forcing the eavesdropper to take greater risks or switch to a less successful eavesdropping method.
Safe rooms are used extensively within embassies. They will usually be surrounded by sound/vibration-absorbing material and metal shielding to prevent the passage of sounds and radio signals respectively. Any cabling linking the safe room to its surrounds is either disconnected during occupation or filtered and monitored to remove/check any signals passing along. Given that these rooms are compact and totally enclosed, physical security measures to prevent any unauthorised access are easier to implement.
A complete physical search of a target area is very time consuming and generally impractical. If, for instance, a microphone and cable were buried in a wall during rebuilding or decoration work then it would have a very high degree of immunity to discovery by physical search. Likewise, it’s just not practical to check a telephone line along its length to the local telephone exchange.
Physical search is really useful if restricted to areas that are more easily accessed. For example, a suspended ceiling offers an excellent hiding place for microphones and tape recorders, etc. Such areas can be searched quite easily. Ducting that carries power and telecommunications cabling is also usually accessible. Checking on any building work during lunch breaks and in the evening should also help to ensure that no illicit equipment is being installed.
‘Interference methods’ describe any technique that either renders the bugging device inoperable (jamming equipment is used) or renders information gathered as unintelligible (in which case scrambling or encryption devices would be employed).
Jamming equipment designed to counter specific types of eavesdropping device is offered by certain suppliers. Security managers ought to be wary, though. In general, such equipment is often ineffective or dangerous in its operation.
By way of an example, some equipment for tracing telephone taps and microphones incorporates a high voltage pulse generator.
The principle of operation is that a high energy pulse will destroy any eavesdropping device attached some distance away on the pair of wires. Use on public and private telephone networks is potentially damaging and dangerous to personnel. In addition, it’s relatively simple to include high voltage protection within an eavesdropping device.
Optical jamming is a good, practical measure. The simple precaution of closing curtains during a meeting, for instance, prevents any optical signal from passing through the window. Similarly, the use of scrambling/encryption equipment to protect both speech and data communications is the only really effective way of countering many speech and machine interception methods.
At the end of the day, ALL senior personnel within an organisation must appreciate the need for electronic countermeasures. One only need think about the financial and strategic damage that could well be sustained if the threat is ignored.
