Emergency TSCM Sweeps are called for if you suspect you are a victim of eavesdropping, or there has been suspicious activity.
If you have a sense that something isn’t quite right, trust your instincts, the thought would not have occurred to you if everything was all right. Conduct a TSCM sweep ASAP. Time is of the essence, and you may get only one chance to “do it right.”
Our experience indicates that the need for emergency TSCM sweeps are usually triggered by someone inside your organization. For example:
- Braggarts trying to impress coworkers with “insider” knowledge.
- Hearing feedback that should have been confidential.
- Disgruntled employees are always a threat if valuable information is available to them.
Conduct an Emergency TSCM Sweep First
Even if you are positive a specific person is privy to information they should not have, the best practice is to conduct an emergency bug sweep first. Do not confront the suspect until you are sure electronic surveillance is not a factor.
We find most information losses can be traced back to people. Big mouths and poor information security practices top the list of transgressions. However, the possibility your information was lost via illegal electronic surveillance has to be considered before accusing people.
Emergency TSCM Sweeps Can Answer Many Questions
Emergency TSCM sweeps are commissioned because electronic surveillance always tops the list of suspects. Why? Bugs are easier to get, get smaller everyday, and are incredibly cheap now. Don’t believe me? Try this Ebay search for Surveillance Bug.
We go into an emergency TSCM sweep knowing a real loss has occurred. Almost all of these cases are successfully solved even though electronic surveillance is the sole factor only 2%-5% in any given year. Our high success rate is due to our focus on solving our clients’ problems, not just finding bugs and saying good-bye. The vast majority of our emergency TSCM sweeps find non-electronic surveillance information loss issues too.
Other triggers that require emergency TSCM sweeps come from poor or lapse security practices. Regardless of how well intentioned your security and practices are, if your security plans are poorly designed, improperly implemented, or use outdated hardware – you represent a rich target for employee snooping and industrial espionage.
Fortunately, how your information loss occurred can usually be determined during an emergency TSCM sweep, if it’s conducted quickly and quietly.
Solving emergency TSCM cases requires more evaluation than what you will get from an ordinary bug sweep. A complete and thorough emergency TSCM sweep also takes into consideration:
- general security policies,
- information security safeguards,
- employee implementation of these policies and safeguards,
- physical security design,
- and a review of security hardware to discover decay and inadequacies.
The Murray Associates team has this combination of skills, knowledge and experience.
Sometimes emergency TSCM sweeps are requested
because someone found a bug or a suspicious device.
In these cases, the following steps should be followed to protect the crime scene and help facilitate catching the perpetrator:
“I think I found a bug what should I do?”
Do not disturb the device. It is evidence.
Do not alert the eavesdropper by talking.
Secure the area. It is a crime scene. (Use a non-alerting excuse.)
Document your evidence. Make notes. Take photos.
- Make a mental note of anyone who appears just a little too interested.
Notify only people who have a real need-to-know.
Tell all persons involved to keep it confidential.
Contact us, but remember to use a safe phone or computer, in a secured area.
After the Sweep, our technical specialist will work with you:
to complete the documentation process;
inspect for additional, or supplementary devices;
evaluate the situation; answer your questions;
- make suggestions as to how to identify the eavesdropper;
help you develop an information protection strategy for the future.
Have a Question About TSCM?
If you have any questions about the TSCM or Mobile Device Forensic services provided by Murray Associates, simply fill out the form below, or call us from a safe area and phone.
If you think you are under active electronic surveillance, or believe you have discovered a bug or covert video camera, follow the directions above and visit our post “I think I found a bug. What do I do?” The procedural checklist there will also tell you exactly what you need to do next.