Bug Sweeping – Technical Surveillance Counter Measures – TSCM

[ Bug Sweeping ] [ Spy Bugs ] [ Red Flags ] [ TSCM ] [ Physical Inspection ] [ Office Inspection ] [ Radio Frequency Detection ] [ Audio Recordings ] [ Surveillance Target ] [ Counter Measures ] [ TSCM Equipment ] [ Inspection of Computers & WiFi ] [ Professional Bug Detection ]

Who is watching?

Who is listening?

Who is recording?

What is Bug Sweeping – Technical Surveillance Counter Measures – TSCM?

Who is listening to your conversations? Who is watching you?

In today’s day and age, we can’t too careful with our information and who has access to it. Once the information has been exfiltrated or extracted via cyber espionage and other techniques, it can and will be used against your own interest.

The phrase “I have nothing to hide” or “I am not important” might be true in some cases, but it does not address the real problem of eavesdropping or corporate espionage and neither does it acquit or absolve you from your responsibility as a company, government or corporation to protect the data that you have collected and stored.

Low-Cost Hidden Surveillance

Hidden surveillance equipment is very easily available at a low cost for anybody. And it can be very small, easy to hide, and hence difficult to find or track.

How to main privacy and secure your premises?

This causes a challenge to maintain the privacy, confidentiality, and security of our premises, offices, and other places. After all, you don’t want to be spied upon or monitored by adversaries, competitors, or corporate spies. Just think about hidden voice recording devices (even smartphones) present at your meeting without your knowledge or consent…

TSCM – Technical Surveillance Counter Measures

Electronic Spy Bugs

TSCM is basically the counter-surveillance specialty called Technical Surveillance Countermeasures or TSCM is referring to a set of countermeasures with as purpose of the detection and/or defeat of technology, spy bugs, and electronic devices which try to obtain intelligence (video, audio, data, etc.. ) of a target (person, location, meeting room).

Eavesdropping on audio, video, location, and Wi-Fi systems.

Also known as eavesdropping by using advanced audio-, video recorders, GPS trackers, logging systems, and electronic transmitting devices using different frequencies. To detect or counter these threats you need to hire a debugging team to do technical sweeps or bug sweeping.


Spy Bugs come in different sizes & shapes


You might also consider awareness training for your staff, so their relevant person is knowledgeable about electronic devices, such as spy-bug, GPS trackers, data loggers, motion-activated sensors, and other methods which adversaries of spies will use to either follow you, record you, track you, monitor your movements or listen into your private and confidential meetings. These types of devices are getting smarter & cheaper:

  • a SIMCARD enabled (GSM) in double plug socket transmitter will work for many years (global)
  • an unregistered or copied sim card could be used in these types of spy devices
  • hardwired RF devices were hidden in an existing and functioning electronic device
  • devices programmed to disable themselves upon scanning
  • devices with masked heat and RF signature
  • nano-technology enabled devices (very small)
  • frequency hopping devices are more difficult to detect

Office Inspection

TSCM Physical Inspection of offices or meeting rooms

Are there spy bugs hidden in our office?


Seeing what could be hidden where, think like a spy, and imagine where to hide the listening device. That is what you need to do in order to find the device. Make a list per room/office of where things could be hidden. This starts with an on-site physical and visual assessment followed by a deeper inspection. Don’t avoid a hard search. Don’t think that you are smarter than the spy. The best way to detect bugs is to think like the spy who is placing the eavesdropping devices. Theory alone does not cut it. Hands-on experience is key.

When should I check for listening devices?


These kinds of inspections will have to be done routinely. Especially before and after the meeting you might want to check the room.

Since bugs are physical devices, they will have been brought into the building or office at a given point in time. People who install bugs or plant covert listening devices will have thought about:

Are my security staffs able to detect hidden recording devices?

  • ROI – Cost vs reward – which type of technology or electronics
  • how to power the device? hardwired or mobile devices?
  • methods of retrieval?
  • can the device be jammed?
  • can the device be detected?
  • is the security staff aware of spy bugs?
  • frequency hopping device or simpler??
  • level of risk to get caught during installation, activation, or operations
  • which type of building is being bugged (steel, concrete, or brick)
  • the exact location of the target room/area?
  • the timescale of the monitoring sequence – when to activate or use the device? what triggers it?
  • monitoring or receiving location (what type of transmission)
  • audio, video, motion sensors, still -images – what type of data was collected?
  • how to gain access to room/area and building

Are you the target of Surveillance?

Are you being followed or spied upon?
Are you a target? Spot the Red Flags or Indicators.

Typical signs of the presence of hidden surveillance or listening/bugging devices (spy bugs) are:

  • random interference in radio and television or other audio/video devices (radio frequency)
  • uncommon noises, beeps, cracks on fixed (PSTN) phone lines
  • mobile phones and smartphones batteries run out fast, even when not in use.
  • unexplained burglary or signs of burglary without theft. Did somebody put a device in your office?
  • traces of holes drilled in walls.
  • check if certain items that you received are not bugged with something.
  • an indication that certain confidential information is leaking out and popping online or in conversations.
  • effective signs that you are losing information or data
  • presence of hidden (undiscovered) eavesdropping and monitoring devices

Risks of Spy Bugs

Risk of spy-bugs doing audio or video surveillance in your organization/company.

  • company loss of vital commercial information
  • reputational damage
  • bad public relations if exposed in the press
  • loss of profits
  • the leak of intellectual property
  • lack of privacy creates a distinct feeling of insecurity
  • issues of data-leaks
  • unauthorized transmission of confidential info to unknown parties
  • lack of confidentiality, integrity & accessibility of info (CIA)

What can be done with recordings? How can this hurt me?

Inspection of Wi-Fi & Computers

Spying via WiFi devices and computers in your office

It is wise to include a WiFi sweep (hidden and visible WiFi access points) in the TSCM survey. Computers have microphones and are frequently bugged via the operating system or all sorts of apps that might be installed. Most Internet devices are connected online 24 hours per day, 365 days per year. Do you know what is connecting to your network or own device? In many cases even experienced IT admins are aware of this issue of cyber attacks but have not learned in-depth or have not been confronted with the audio-spy-bug technology from hardcore cyber-spies. This is the blind spot, this is the weakness.

It is not enough to just scan for known or current threats. Be aware also of future threats.

Radio Frequency Detection

Detection of Radio Frequency Devices

Are there any unwanted radio frequency devices in your building or office?

It cannot be stressed enough that physical security & building security (on-site, in your premises, your offices) are not enough to secure premises from interfering radio frequency devices. You will also need to look at the latest threat intelligence relevant for your organization and company on data breaches, data leaks, cyber attacks, ransomware attacks, whether your company data is being sold on the dark web, and if your WiFi routers are bugged, hacked or tapped.

Enumerate all devices

Make a list (enumeration) of all office devices which are connected to the internet and your local area network, maybe they are bugged with spyware or simply hiding in plain sight containing hardware spy bugs. There are many types of covert transmitters.

  • 1st we create an RF spectrum footprint of the area
  • 2nd we examine RF spikes (classification: safe / not safe / not authorized / not recognized)
  • 3d check for  hidden hard-wired microphones and covert video cameras (phone handsets and sockets)
  • 4th physical and technical inspection of electrical devices
  • 5th check of telecommunications and Computer systems (routers, devices, cables, etc..)
  • 6th inspection & scanning of walls, floors, ceilings, ducts (hidden, redundant items, or suspicious wiring)

Integrated approach

This will require an integrated approach and this is where TSCM is maybe the start of a much bigger security policy to be put into place…  If you see red flags or symptoms, don’t ignore them.

Do Call our AR INTELL TCSM team and we will start the initial assessment. After our TSCM process is completed a report is made about your security routines, bugs discovered, possible weaknesses in your system, and recommendations are formulated. In some cases, we recommend to re-train your security management team & staff.

Unauthorized Audio Recordings

Counter Measures to jam or avoid Audio Recordings

There are devices on the market that will alert you when new RF signals are activated or detected, or audio-jamming systems that make the recorded sound, appear inaudible. A microphone jammer could be a way to protect your privacy and keep private conversations private.

  • Audio Recording Jammers are a type of white noise generator that can keep your conversation from bugging devices. This device will create random sound waves that desensitize nearby audio surveillance devices. Top confidential P&C meetings should NOT be conducted without a professional audio jammer. These types of jamming devices will generate a signal which jams the microphones of recording devices. Recordings will be inaudible. Audio Recording Jammers will shield your conversation from recording apps on Mobile phones, Laptop Computers, digital recording pens, (hidden) recorders, and any other device for sound recording or acquisition. An audible white noise on a specific audio frequency will disable the microphone’s recording capabilities (if in range). Audio jammers are not wireless RF frequency jammers. Most of this audio jamming technology will desensitize a nearby microphone or tape recorder. They can be an effective countermeasure against microphone-based surveillance devices such as tape recorders, RF transmitters, microphones, and microwave or laser reflection listening technology.
  • Ultrasonic Suppressors use ultrasonic emitters. When turned on the microphones of recording devices will not allow interlocutors to record confidential information. This device works silently and is installed under the table.
  • Audio Signal Generators will generate an audio frequency that interferes with the audio-recording device.

TSCM Bug Sweeping

TSCM Bug Sweep. Detection of Hidden Devices.

  • electronic and physical check
  • inspection of a room (+ content)
  • check building security, perimeter area
  • check vehicles in which targets are moving (GPS trackers, audio bugs, “forgotten” phones)
  • inspection of common areas, toilets, and restrooms. lifts and refreshment areas, kitchen
  • FM & UHF device’s radio signal
  • GSM, smartphone device usage (3G,4G)
  • differentiate legit/authorized mobile phones/smartphones and 2G/3G/4G or GSM bugging devices
  • detection of burst transmission
  • presence of encrypted devices
  • cyber attacks on computer systems
  • presence of spyware, malware in desktop/laptop computers and other mobile devices
  • look at the electrical systems
  • check the telephone systems, communication-systems
  • video & audio-conferencing systems
  • information desk telephones, telephones on reception-desk could be listening devices
  • provide training and education to the management team and/or key security personnel
  • check electrical systems, lights
  • check thermostats or aircon-remote controller
  • check how many power sockets, power plugs, workstations, laptops, computers are in a room
  • check ducting (HVAC systems), fans, air-cons, remote controls, etc.
  • check electrical fittings and sockets
  • check topography, the layout of the building & office
  • perimeter & access security
  • devices embedded within walls, behind wallpaper
  • devices embedded in the structural elements of a room
  • bugs embedded in soft furnishings, couches, and other furniture
  • inspection of laptops, tablets & smartphones that executives & directors use (including home devices)
    • could be bugged
    • could be tracked
    • could be infected with spyware, malware, ransomware, etc.
  • inspection of computer-case, laptop-case (ideal for putting bugs & trackers)
  • check pc motherboards, wiring & electronics of computer internals (desktop cases should be locked)
a man touching an electronic equipment with electronic signal

Look for hidden recording devices and transmitters. Contact professional bug-sweepers.

Is bug-sweeping an intrusive service?

You should also be aware that a TSCM sweep can be a very intrusive service so it needs to be done correctly. One simply cannot trust just any sub-contractor to conduct this kind of service. After all meeting rooms and offices of all employees, executive directors, partners, and personal assistants will be swept for bugs. Some preparation is required here.

Sometimes the nature of the environment will require the bug sweep to be done covertly, at night, or during off-peak times of office usage. TSCM teams could enter the building at night when there are no or fewer office workers/employees in the building or office.

TSCM Methodology

TSCM Equipment

What type of TSCM Equipment is used? Which TSCM methodology? And for what purpose?

Depending on the assignment and scope of work, different types of sophisticated Radio Frequency enabled scanning/detection equipment and other systems will be used to detect suspicious transmissions. When inspecting a room, office, or specific area, devices that scan RF in the NEAR field are required. We are not looking for phantom signals or RF reflections from far away emitting sources. Any signal detected is considered a suspect, until it is identified for what it is (strength of RF, frequency, source, benign, or something else). RF Devices-list:

  • Spectrum analyzer
  • Oscilloscope
  • RF device sweepers for RF range from 10 kHz to 24GHz
  • Handheld close-inspection devices
  • GPS signal scanners
  • Walkie talkies give some idea of certain UHF, VHF chatter nearby
  • Physical and technical inspection devices and hands-on feeling and looking
  • Non-Linear Junction Detector (scans for passive devices)
  • Thermal imaging cameras
  • Infrared detection devices
  • GSM/UMTS/3G/4G detection and location system to identify the IMEI of the SIM card (IMSI scanner)
  • Detection of active SIM-based surveillance devices
  • Endoscopes with cameras
  • Frequency Domain Reflectometer (FDR) to check the integrity of the cables (any splits or wiretaps?)
  • Counter Surveillance Probes
  • Radio Microphone Detector to detect clandestine radio microphones
  • UV-light to detect excessive fingerprints on windows and other smooth surfaces
  • Different equipment to check for tampering with legit installations
radio frequency spectrum

What type of signals to look for in the radio-frequency spectrum?

Drop devices (drop & retrieve method) or burst devices (gathers intelligence, does audio/video recording + does a scheduled transmission of these data) require a different method of detection (thermal imaging, XRAY-scan) since they are not always transmitting but do have a battery, electronics, and an antenna. Burst transmissions are mostly done during off-peak times. Signals can be analog, digital, or burst signals.

professional radio frequency detection

Professional Bug Detection

Cheap Solutions don’t really work…

Take note that a cheaper radio frequency detector (detect RF presence close, but also far and wide..) is not the same as a professional bug detector (detects RF bugs in a specific area).

There are many radio signals and RF-enabled devices surrounding us. Such as FM, AM radio, UHF, VHF walkie talkies, Bluetooth devices, Wi-Fi (routers running on 2.4 GHz, 5.8 GHz), (2G, 3G, 4G, 5G, IoT-frequency, GPS signals in phones or cars, utility meters, telecom towers, laptops, smartphones, baby-monitors, IoT-devices, Tablets, Bluetooth headset/speakers, smart-watches, electric motors of vacuum cleaners, metal curtain-rods, automatic curtain systems, projectors installed in ceilings, conference systems on tables… Sometimes you will detect these signals and some of them are false positives (phantom signals).

The summary is that there are radio signals everywhere. Detecting a radio frequency is one thing, but in TSCM it is key to know where the emitting signal is coming from. Meaning, you need to locate the source; find the location. Radio signals tend to bounce off surfaces and reflect or simply come from different directions. So with basic RF detectors, it is not easy to know what is what and where the signal is coming from.

Contact us to do a hands-on, eyes-on, comprehensive search.