The Process of Bug Detection and Elimination

Since there many companies claiming to be "bug detectors", we provide this list to you, not only as a checklist by which to question the expertise of another. One quick question to ask them is to explain to you what the meaning of "TSCM" is. It's actually Technical Surveillance Counter Measures. Any truly qualified firm will understand what this term means. Our checklist is something you can use to compare services not costs. Remember, you don't want the cheapest service, you want the best. 

• Contact is made away from suspect facility (from a pay phone at airport, etc...)
• Contact is not to be made via a suspect telephone or cordless telephone
• Initial arrangements are made for a secure face-to-face meeting

2. Initial Meeting and Commissioning

• Initial and secure face-to-face meeting (if requested)
• Initial meeting at a known safe location away from any suspect location
• Discussion regarding clients concerns, and possible vulnerabilities
• Arrange for contracting of TSCM services, if appropriate

3. Pre-Inspection Survey, Research, and Facility Surveillance

• Review of facility building plans/maps
• External RF survey (9 kHz to 60 GHz)
• Facility exterior surveillance and report findings

4. Vulnerability Analysis

• Threat assessment
• Physical security evaluation
• Electronic security evaluation
• Internal RF survey (9Khz to 60Ghz)
• Audit of communications systems and facilities
• Inventory of furnishings, fixtures, and artifacts
• Assessment  of structural elements (walls, ceilings, floors)
• Drawing  of suspect area and facilities
• Identification of sensitive areas and locations
• Identification of intercept areas
• Identification of probable listening positions
• Development of a threat model
• Preferably performed during normal business hours (with appropriate cover)

5. Silent/Passive Walk-Thru

• Silent, non alerting activities only
• Automated bug and wireless microphone detection (9 kHz to 11GHz)
• Initial Carrier Current Frequency inspection of all power lines 
• Detection of infrared devices and laser surveillance devices
• Video camera, tape recorder, VLF, and ultrasonic detection
• Initial inspection  of physical security, locks, alarms, etc.

6. Passive Inspection - RF Spectrum Monitoring

• Silent and non alerting activities only, nothing to alert the eavesdropper
• Full passive RF spectrum sweep (20 Hz to above 20 GHz)

7. Active Inspection - Non Alerting

• VLF/RF check - AC mains (all electrical outlets)
• VLF/RF check - AC mains (all light switches/fixtures)
• VLF/RF check - HVAC controls
• VLF/RF check - Alarm and access control sensors
• VLF/RF check - Fire and safety sensors/alarms
• All phone lines evaluated and traced back to central office
• All artifacts documented, recorded, and inspected
• Oblique lighting inspection of all walls and artifacts
• Initial inspection of baseboards, windows frames, and door jambs
• Initial inspection of all wallplates (electrical, PBX, LAN)
• UV lighting sweep (below 400nm / 100THz)
• IR lighting sweep (above 700nm / 180THz)
• Check for telephone set modifications
• Check for PBX software and hardware abnormalities
• Check for voice mail modifications
• Inspection of all computer and LAN connections
• Inspection of all laser printers and computer output devices

8. Active Scan - Alerting

• Chirp detection of hidden microphones and other transducers
• IR, audio, and ultrasonic jamming 
• Inspection of all furniture (desks, chairs, plants, etc)
• Open ceilings and walls (move ceiling tiles and panels)
• Thermal inspection
• HVAC and ductwork inspection
• Acoustical leakage inspection
• Detailed inspection of all electrical fixtures
• Inventory of all conductors, conduits, wall studs, etc...
• Detailed electromagnetic energy search (above 26.5 GHz)

9. Active Scan - Alerting/Evaluation

• Verify and TDR/FEXT/NEXT trace all conductors
• TDR trace - Telephone System Wiring
• TDR trace - Computer Network Wiring
• TDR trace - Cable Television and CCTV
• TDR trace - AC mains (all electrical wiring)
• TDR trace - AC mains (all electrical fixtures)
• TDR trace - HVAC controls
• TDR trace - Alarm and access control sensors
• TDR trace - Fire and safety sensors/alarms
• TDR trace - Other
• PBX, ESS, and SN translation evaluated (as available)
• Voice mail system evaluation
• Xerox machine inspection
• Fax machine inspection
• Verify security of PBX, alarm, HVAC, audio systems
• Evaluate all artifacts (ie: furniture, books, computers, etc...)
• Wall, floor, and ceiling cavity inspections
• Detailed physical inspection 

10. Preventive Actions (available only by special request)

• Seal and dust all cavities, wallplates, artifacts, etc...
• Install acoustic, ultrasonic, IR, and RF "cloak" as needed
• Install IPM alarms and associated security system
• Installation of encryption devices
• Installation of high security locks, doors, and hinges
• Installation of physical security devices
• Client education and training

11. Post Inspection Activities

• Verbal presentation of findings before leaving
• Presentation of hard copy report (if requested)
• Corrective actions
• Follow up actions
• Recurring TSCM services (if appropriate)

14. If an Eavesdropping Device or Activity is Detected

• Collection of documentation regarding device or activity
• Notification of Law Enforcement Agencies (if appropriate)
• Forensic Identification and Analysis of Device
• Counter-surveillance activities
• Counter-intelligence activities

General Parameters:

Eagle Investigative Services always includes at least the following (except for brief "Walk Though Inspections"):

• Analysis of all RF/electromagnetic emanations from 10 Hz to above 21 GHz
• Active and passive light spectra examined from 250 nm to 1750 nm
• Inspection of all outlets, switches, and lighting for VLF/RF devices
• Inspection of all PBX, LAN, and WAN connections and equipment
• All computers audited and checked for security anomalies
• Evaluation of all computers network facilities and associated cabling
• Inspection of all Xerox, fax, and other imaging equipment
• Inspection of all fiber optic connections and cabling
• All phone lines inspected and verified back to the central office
• Evaluation of all locks, safes, and physical security devices
• Most activities will overlap to provide complete coverage

If you think you are being bugged, watched, or monitored, click on What to do if you suspect a bug?  Since all cases are unique, the design and procedure of the investigation can be discussed without obligation or charge. All consultations are free and considered with strict confidentiality.

For more information about how our service can be helpful in determining if your privacy has been invaded, click on Request For Information and provide us with as much information as you can about your situation.