Found a bug? Now what should you do?
Common Voice Recorder
This week, one of our clients frantically called us and said, “I think I have found a bug! What should I do now?”
This happened in between our scheduled inspections for them. The device was a small digital voice recorder, with voice activation capability, taped inside a tall metal wastepaper can in the Board Room. The Board Meeting was scheduled for the following morning. We responded on an emergency basis with an emergency TSCM sweep.
Unfortunately, the eavesdropping device was removed before they called us for help.
This brings up an important point. If you find a bug, what should you do?
The “I think I found a bug” procedural checklist is:
- Do not disturb the device, as it is evidence.
- Do not alert the eavesdropper by talking near the device.
- Secure the area, as it is a crime scene. (Use a non-alerting excuse.)
- Document your evidence: make notes and take photos.
- Notify only the people who have a real need to know.
- Tell all persons involved to keep the information confidential.
- Contact an independent information security consultant who specializes in Technical Surveillance Countermeasures (TSCM).
- Make your call from a safe area, using a safe phone, of course.
The Technical Surveillance Countermeasures specialist will work with you to:
- Complete the documentation process;
- Inspect for additional or supplementary devices;
- Evaluate the situation and answer your questions;
- Make suggestions on how to identify the eavesdropper;
- And help you develop an information protection strategy for the future.
Our client was fortunate. The tape used to attach the voice recorder to the inside of the wastepaper can failed. A resounding thud was heard as the recorder hit the bottom of the can. That startled them, so they checked.
Naïve organizations that do not conduct Technical Surveillance Countermeasures (TSCM) inspections are not so lucky. When they are bugged, they don’t know it because Spy Rule #1 is “Be covert, don’t get caught.”
As a best practice, organizations conduct these inspections quarterly or semi-annually. If you have any questions, or would like to schedule an inspection of your location, please contact us directly.
###
Murray Associates is an independent security consulting firm, providing eavesdropping detection and counterespionage services to business, government and at-risk individuals.
Headquartered in the New York metropolitan area, Murray Associates can assist you quickly anywhere in the United States and internationally.
EXTRAS:
• More security tips, spy and privacy news at spybusters.blogspot.com. Be sure to sign up for the free email updates.
• Concerned about Spy Cameras? Learn how to detect them.
