How to Behave if you Suspect that You Have Been Bugged (original) (raw)

How To Behave Around Bugs and Wiretaps

[Special precautions and behaviors which must be practiced if you suspect that you are a potential victim of bugging or wiretapping]

DO Be Calm, don't panic.... If you panic you will made major mistakes, calm down before you do anything else.

DO immediately contact a TSCM specialist, and be prepared to engage them immediately, during the initial contact.

DO Use E-Mail to contact (but be discreet), most spies target voice communications, but some target computers, use use care.

Do use care when sending E-Mail to a TSCM company, and never use a computer in a suspect area, or any account or network that the eavesdropper might have had access to. If you think you have a spy at home, then send the E-Mail from work, if you think the spy is at work, then send the E-Mail from home.

DO get the entire fee available, BEFORE you contact any TSCM firm, so that you can move quickly once dates are agreed on, and understand that usually this is at least a few thousand dollars, so be prepared.

DO Use the phone, but call from a phone that is away from your office or home. A public pay-phone, or a telephone phone in a hotel room is helpful, but be discrete. Very often an executive will make contact with a TSCM firm via a phone in the clubroom of an airport, or from a telephone in the office of the hotel they are visiting. Try to avoid using your cell phone to make the call. If you do call from a public payphone, be sure to bring at least 10to10 to 10to20 is quarters.

DO Schedule a Vulnerability Analysis or Threat Assessment ASAP if you are not bringing in someone for a TSCM inspection. If you are in need of TSCM services, and you have not had a previous vulnerability analysis performed in the past, then you need to consider firing your security manager (security managers take notice) as a vulnerability analysis is something that should be done on a regular basis.

DO Consider having a Full TSCM Survey or Sweep completed ASAP, time is of the essence. Once the spy suspects that you may be engaging a TSCM firm to come in they will go to extraordinary efforts to remove their bugs, so move quickly and decisively, make fast and strong decisions.

DO Prepare yourself, or your company to pay a retainer in the amount of at least several thousand dollars for even the briefest of sweep services, as soon as you speak to or contact the sweep from you are seeking assistance from. Be in a position to pay the balance at or before the end of the service being provided. For personal sweeps, performed by a company within 150 miles of your location, a good rule is to have at least 2500inhandbeforeyoumakethecall,andatleastanother2500 in hand before you make the call, and at least another 2500inhandbeforeyoumakethecall,andatleastanother2500 payable on the day of the service. A corporate project, or project at a large estate, or in a high risk situation the amount of the initial retainer, and the final payment may easily be three to four times this amount. In a company the key issue is the mechanism by which the funds will be provided, in a way that maintains the lowest level of visibility and confidentiality within your company. If you do pay less then several thousand dollars then you will be paying for a painful lesson, but not actually getting a legitimate bug sweep... a real sweep costs thousands of dollars, not hundreds.

DO Be Very Discreet...

DO NOT Try to find the bug or wiretap yourself

DO NOT Contact the telephone company to help (they will laugh at you)

DO NOT Contact the FBI/Secret Service to help (they will ignore you, and make rude comments about your mental health)

DO NOT Try to get the local police to help (they lack the ability, and much like the above are likely to make rude noises)

DO NOT Use your office telephone to initiate contact (this can not be stated strongly enough)

DO NOT Use your cellular or cordless phone to initiate contact (and use a pre-paid phone when possible). Although it is better to use a modern digital cellular telephone then it is to use the phone in your office to make the call for help

DO NOT Discuss this issue at the office, in your car, or at home

DO NOT Engage a private investigator to find it (they may have planted it)

DO NOT Buy spy shop bug detectors (most are worthless, and a scam)

DO NOT Try to use bug sweeping devices on your own as this will only lead you to great frustration, and you are quite likely to find something that is harmless but which causes you to panic or to start tearing walls and wiring apart needlessly. More dangerously though, is that unless you know what you are doing, and you have the appropriate technical training you are more likely to completely miss a bug that is right in front of you. Ask yourself... do you really know what to look for? More importantly, does the company you hire to perform a sweep know what to look for?

Additional Considerations

It is critical that you get a TSCM specialist out to the area to be inspected as quickly as possible (typically within 120 hours or less, the same day is ideal).

When possible it is important that you keep the area occupied until the TSCM specialist arrives to prevent removal of any possible eavesdropping device.

If you are currently the target of eavesdropping, special steps must be taken to avoid alerting the eavesdroppers that you are seeking professional help to detect the eavesdroppers activities.

If such an eavesdropper learns that a team is about to perform a TSCM service they will quickly remove (or turn off) their eavesdropping devices, and re-install or re-activate them after the sweep has been completed (and no bugs will be found by most sweep teams (note: Granite Island Group is very good at finding bugs that the spy has turned off, much to the chagrin of several eavesdroppers).

Many TSCM sweeps have been compromised or ruined by clients who call the TSCM specialist from the suspect facility, or from a suspect phone.

Keep in mind that there are less then a dozen legitimate and competent TSCM specialists and counterintelligence firms in the U.S. private sector, be patient when trying to locate one to help you

Watch out for the "Two-Week Wonders," a number of schools certify students to do TSCM sweeps after only one or two weeks of classroom training. Their typical student has little or no technical background, and rarely any intelligence training or background.

All legitimate TSCM people have extensive background in either electronics or government intelligence operations (often both).

A legitimate TSCM person will also have at least 500 hours of specialized TSCM inspection training on top of their expert technical skills and technical training (don't be bashful about asking about their technical credentials).

Private Investigators are rarely qualified to perform bug sweeps; their training, background, and equipment are for the INSTALLATION of bugging devices, NOT removal. An honest PI will usually bring in an outside TSCM firm as a subcontractor basis, and will not attempt to perform the sweep themselves. If you do engage a PI to look for bugs then you will be paying for a painful lesson, but not actually getting a legitimate bug sweep.

Be suspicious about any TSCM specialist who seems a little too pushy, too enthusiastic, or anyone who wants to play "cloak and dagger games" with you. You do need to exercise due caution, but please... do not buy a trench coat.

Many people pushing bug sweep services wear a good suit well, have just that right combination of absolute sincerity and dishonesty, and have the finely honed ability to completely mesmerize and alarm a potential client who needs bug sweep services but feel that only a "James Bond" type can do the job for them.

For every legitimate TSCM specialist there are 100 con artists, 50 outright crooks, and 99 bumbling fools who will also try to get your business. Many of these people are criminals (usually convicted felons), who also operate businesses which sell and/or install eavesdropping equipment. Remember ask about their technical credentials.

Always ask the TSCM specialist "what else they do", as many firms do TSCM as an arcane, rarely provided extra service, and do not actually specialize in it. Do they list TSCM as something they "also do", but not as one of the top services they offer? Many PI's list TSCM and Bug Sweep services at the bottom of their services list (right underneath polygraph interviews, executive protection, dog walking, grocery shopping, engine maintenance, car detailing, and technical security). However, private investigators actually know very little about bug sweeping; and many of them have not yet realized this truth. Do not engage a PI to do a bug sweep.

Special Precautions for Executives

When you suspect that you may be the victim of covert eavesdropping:

Watch what you say at home or at the office, and never discuss your concerns inside, outside, or near any suspect facility.

If you need to discuss this issue with someone, DON'T do it at the office, your auto, or home.

Never call a TSCM firm from any phone near your office, or your residence. Instead call from a randomly chosen pay phone that is 5-10 miles away for the initial contact (pay phones at hospitals, airports, large hotels, hotels, malls, train stations, and other large public areas are a good choice).

Set up a relationship with a TSCM service provider long before you need them, and try to keep them on some kind of retainer agreement that you are comfortable with.

Private telephones in the homes of senior executives are a popular and valuable targets for an eavesdropper, so please do not call from home.

Never call from any type of cordless phone, cellular telephone, PCS phone, or any other type of wireless device. However, modern cellular telephones can be invaluable in setting up a TSCM project if you cannot use the phone in your office, and you can not get to a safe place to make the call.

Do not trust any type of spread spectrum telephone or fax machine line, as they are very easy to monitor.

You can contact a TSCM specialist by E-mail, but only to set up an appointment for a phone, or face-to-face consultation.

Schedule a Vulnerability Analysis or Threat Assessment (if you have sufficient time), and try to get the TSCM specialist to schedule a visit as soon as possible, and without delay if you suspect eavesdropping is afoot.

Have someone who specializes in technical counterintelligence do a TSCM Survey, and make sure that this person is an expert with computers, telecommunications, and electronics.

Handle the logistics of the inspection away from your office.

Don't wait until you have a problem to contact a TSCM professional.

Work with a TSCM professional to set up a formal corporate TSCM and technical counterintelligence policy.

The most important issue you should start thinking about is: "What are we going to do if a bug is found?" Give this some thought and mediation, and then call someone right away, before it is too late.