If any of your servers are hacked, then you will surely face serious data contingency issues, maybe even a total infection of your other accounts, password leaks, and a data breach are very likely. These kinds of issues require your instant attention.
Even when your company server is hosted in a data center, you will still need to do a regular safety check and security audit.
Especially when you are running an FTP or Web Server to distribute copyrighted material, you might become a target of hackers or APT groups. A botnet can be running on your servers to perform DDOS attacks on other devices. network flooding users, constant scanning, or hacking other computers can be done from your company server, making it a zombie node in a wider network of command & control centers. Controlled by hackers that is and not by yourself or your IT-admins. Point being: don’t ignore the red flags and do hands-on checks.
[ Bug Sweeping ] [ Spy Bugs ] [ Red Flags ] [ TSCM ] [ Physical Inspection ] [ Office Inspection ] [ Radio Frequency Detection ] [ Audio Recordings ] [ Surveillance Target ] [ Counter Measures ] [ TSCM Equipment ] [ Inspection of Computers & WiFi ] [ Professional Bug Detection ]
Who is watching?
Who is listening?
Who is recording?
In today’s day and age, we can’t too careful with our information and who has access to it. Once the information has been exfiltrated or extracted via cyber espionage and other techniques, it can and will be used against your own interest.
The phrase “I have nothing to hide” or “I am not important” might be true in some cases, but it does not address the real problem of eavesdropping or corporate espionage and neither does it acquit or absolve you from your responsibility as a company, government or corporation to protect the data that you have collected and stored.
Hidden surveillance equipment is very easily available at a low cost for anybody. And it can be very small, easy to hide, and hence difficult to find or track.
This causes a challenge to maintain the privacy, confidentiality, and security of our premises, offices, and other places. After all, you don’t want to be spied upon or monitored by adversaries, competitors, or corporate spies. Just think about hidden voice recording devices (even smartphones) present at your meeting without your knowledge or consent…
TSCM is basically the counter-surveillance specialty called Technical Surveillance Countermeasures or TSCM is referring to a set of countermeasures with as purpose of the detection and/or defeat of technology, spy bugs, and electronic devices which try to obtain intelligence (video, audio, data, etc.. ) of a target (person, location, meeting room).
Also known as eavesdropping by using advanced audio-, video recorders, GPS trackers, logging systems, and electronic transmitting devices using different frequencies. To detect or counter these threats you need to hire a debugging team to do technical sweeps or bug sweeping.
You might also consider awareness training for your staff, so their relevant person is knowledgeable about electronic devices, such as spy-bug, GPS trackers, data loggers, motion-activated sensors, and other methods which adversaries of spies will use to either follow you, record you, track you, monitor your movements or listen into your private and confidential meetings. These types of devices are getting smarter & cheaper:
Seeing what could be hidden where, think like a spy, and imagine where to hide the listening device. That is what you need to do in order to find the device. Make a list per room/office of where things could be hidden. This starts with an on-site physical and visual assessment followed by a deeper inspection. Don’t avoid a hard search. Don’t think that you are smarter than the spy. The best way to detect bugs is to think like the spy who is placing the eavesdropping devices. Theory alone does not cut it. Hands-on experience is key.
These kinds of inspections will have to be done routinely. Especially before and after the meeting you might want to check the room.
Since bugs are physical devices, they will have been brought into the building or office at a given point in time. People who install bugs or plant covert listening devices will have thought about:
Are you the target of Surveillance?
Typical signs of the presence of hidden surveillance or listening/bugging devices (spy bugs) are:
Risks of Spy Bugs
Inspection of Wi-Fi & Computers
It is wise to include a WiFi sweep (hidden and visible WiFi access points) in the TSCM survey. Computers have microphones and are frequently bugged via the operating system or all sorts of apps that might be installed. Most Internet devices are connected online 24 hours per day, 365 days per year. Do you know what is connecting to your network or own device? In many cases even experienced IT admins are aware of this issue of cyber attacks but have not learned in-depth or have not been confronted with the audio-spy-bug technology from hardcore cyber-spies. This is the blind spot, this is the weakness.
It is not enough to just scan for known or current threats. Be aware also of future threats.
Radio Frequency Detection
It cannot be stressed enough that physical security & building security (on-site, in your premises, your offices) are not enough to secure premises from interfering radio frequency devices. You will also need to look at the latest threat intelligence relevant for your organization and company on data breaches, data leaks, cyber attacks, ransomware attacks, whether your company data is being sold on the dark web, and if your WiFi routers are bugged, hacked or tapped.
Make a list (enumeration) of all office devices which are connected to the internet and your local area network, maybe they are bugged with spyware or simply hiding in plain sight containing hardware spy bugs. There are many types of covert transmitters.
This will require an integrated approach and this is where TSCM is maybe the start of a much bigger security policy to be put into place… If you see red flags or symptoms, don’t ignore them.
Do Call our AR INTELL TCSM team and we will start the initial assessment. After our TSCM process is completed a report is made about your security routines, bugs discovered, possible weaknesses in your system, and recommendations are formulated. In some cases, we recommend to re-train your security management team & staff.
Unauthorized Audio Recordings
There are devices on the market that will alert you when new RF signals are activated or detected, or audio-jamming systems that make the recorded sound, appear inaudible. A microphone jammer could be a way to protect your privacy and keep private conversations private.
TSCM Bug Sweeping
Look for hidden recording devices and transmitters. Contact professional bug-sweepers.
You should also be aware that a TSCM sweep can be a very intrusive service so it needs to be done correctly. One simply cannot trust just any sub-contractor to conduct this kind of service. After all meeting rooms and offices of all employees, executive directors, partners, and personal assistants will be swept for bugs. Some preparation is required here.
Sometimes the nature of the environment will require the bug sweep to be done covertly, at night, or during off-peak times of office usage. TSCM teams could enter the building at night when there are no or fewer office workers/employees in the building or office.
Depending on the assignment and scope of work, different types of sophisticated Radio Frequency enabled scanning/detection equipment and other systems will be used to detect suspicious transmissions. When inspecting a room, office, or specific area, devices that scan RF in the NEAR field are required. We are not looking for phantom signals or RF reflections from far away emitting sources. Any signal detected is considered a suspect, until it is identified for what it is (strength of RF, frequency, source, benign, or something else). RF Devices-list:
What type of signals to look for in the radio-frequency spectrum?
Drop devices (drop & retrieve method) or burst devices (gathers intelligence, does audio/video recording + does a scheduled transmission of these data) require a different method of detection (thermal imaging, XRAY-scan) since they are not always transmitting but do have a battery, electronics, and an antenna. Burst transmissions are mostly done during off-peak times. Signals can be analog, digital, or burst signals.
Professional Bug Detection
Take note that a cheaper radio frequency detector (detect RF presence close, but also far and wide..) is not the same as a professional bug detector (detects RF bugs in a specific area).
There are many radio signals and RF-enabled devices surrounding us. Such as FM, AM radio, UHF, VHF walkie talkies, Bluetooth devices, Wi-Fi (routers running on 2.4 GHz, 5.8 GHz), (2G, 3G, 4G, 5G, IoT-frequency, GPS signals in phones or cars, utility meters, telecom towers, laptops, smartphones, baby-monitors, IoT-devices, Tablets, Bluetooth headset/speakers, smart-watches, electric motors of vacuum cleaners, metal curtain-rods, automatic curtain systems, projectors installed in ceilings, conference systems on tables… Sometimes you will detect these signals and some of them are false positives (phantom signals).
The summary is that there are radio signals everywhere. Detecting a radio frequency is one thing, but in TSCM it is key to know where the emitting signal is coming from. Meaning, you need to locate the source; find the location. Radio signals tend to bounce off surfaces and reflect or simply come from different directions. So with basic RF detectors, it is not easy to know what is what and where the signal is coming from.
Contact us to do a hands-on, eyes-on, comprehensive search.
DIGITAL CRIME SCENE INVESTIGATION
Cyber Crime and crimes which use electronic means or digital platforms require new types of crime investigation methods. Digital Forensics & the extensive use of OSINT are some of these methods.
We all have limited time and resources. This is why when AR INTELL zooms in on cybercrime investigations. Our digital forensics team’s target is to get it all done in time.
In our cybercrime investigations, we go beyond the capabilities. We are not limited to the constraints of existing traditional forensic tools.
What might be the reason behind this thinking? By using artificial intelligence systems, big data, and digital forensics intelligence in our digital investigations. Consequently, we can better understand and address huge problems in the very complex domains of cybercrime.