TSCM SERVICES

Verrimus offer a full range of critical information defence services. Our specialism is TSCM (technical surveillance counter measures). We’re obviously surprised when approached by security professionals who are unaware of what a TSCM survey is (and what it is not!). So, what is TSCM? Why is TSCM required?

What Is TSCM?

TSCM surveys are often referred to as; bug sweeping, TSCM inspections, electronic counter-surveillance operations, debugging services. The terms all refer to one common service, an electronic and physical check of an area (road vehicle, hotel, office, theatre, conference facility, residence, yacht, aircraft, etc) to establish if a technical surveillance attack is present. We at Verrimus refer to these services as providing a TSCM survey.

Why Is Technical Surveillance Counter Measures Required?

There are always privacy threats in all environments. There will always be someone who wants to compromise your personal, professional or organisational privacy. That’s not alarmist speak, that’s just how it is! Compromising privacy is an age-old human attack strategy. Take a look through history, it’s littered with the consequences of eavesdropping and espionage, of gossip about private lives and stolen information. The old saying ‘knowledge is power’ is absolutely true. Naivety, ignorance or lack of knowledge is a disadvantage in most professional situations. Being able to obtain and exploit information, which the target/victim assumes is unknown, is as sought after today as it has ever been.

Who Uses Technical Surveillance?

A technical surveillance attack could be mounted by a number of different sources, such as;

  • an organised criminal gang, targeting individuals to gain access to money,
  • a voyeur who wants to compromise personal privacy for their own gratification or widely sharing imagery,
  • a business competitor whom wishes to damage the reputation of your personnel and brand,
  • a business competitor who wishes to copy an aspect of your business or product,
  • a disgruntled colleague who wishes to ruin your reputation,
  • a state-sponsored privacy attack seeking political gains
  • an ex or current partner who exhibits ‘stalker’ type behaviour 

Range of Technical Surveillance Attacks

There is a range of technical surveillance attacks and devices available. Some are small, inexpensive, easily obtained, easily installed privacy compromising devices and techniques. Some are bespoke devices and techniques created by professional FIS (foreign intelligence services). The opportunities to compromise privacy are numerous, and always evolving.

Every security director, with any degree of competence, understands that a holistic approach to security is necessary. A holistic approach ensures that all risks are identified and effectively mitigated. The security landscape of physical, cyber and technical security threat domains must all be included in any robust organisational security strategy.

Technical Surveillance Is A Constantly Evolving Threat

Privacy compromising attacks are constantly developing. There’s a constant historical dance between those who attack privacy and those who mitigate privacy threats. Privacy attackers are evolving and adapting. TSCM specialists are constantly researching and developing new countermeasures for new attacks and attack methods as they emerge. If you aren’t a TSCM specialist, how do you ensure you are aware of the emerging privacy protection threats and methodologies?

What Does a TSCM Survey Involve?– Measurement, Analysis, Interpretation, Mitigation

The Hollywood myth of a TSCM survey, usually referred to in movies as a bug sweep, continues to depict what we at Verrimus refer to as a ‘wandwaver’. That is, an individual (usually male) waving a handheld piece of electronic equipment around a room and either declaring ‘all clear’ or ‘finding’ a little black box or wired microphone. The reality (for any competent TSCM operator) is wildly different! Seriously, any competent TSCM operator would love to rock up to a task with one little handheld beeping device and be able to declare the space attack free or compromised in a short time! The reality, for a competent TSCM operator, involves transporting lots of pelicases of varied measurement equipment and tools, multi-layered threat domain examinations, crawling and climbing to conduct physical non-destructive searches of small and difficult spaces and analysis of the results using their experience and knowledge of attack methods.

There are a number of technical surveillance threat domains and each must be examined, analysed and mitigated. THERE IS NO SINGLE PIECE OF TSCM EQUIPMENT THAT COVERS ALL THREAT DOMAINS! Whatever an equipment manufacturer may tell you! Remember that TSCM equipment manufacturers and resellers have sales targets.

A competent TSCM operator has a suite of measurement tools, to assist them to take accurate measurements of a threat domain in order for them to interpret and analyse. An experienced TSCM operator knows what combination of tools are required, in what order those tools need to be used, how to analyse results, how to recognise anomalies in the task environment, how to investigate anomalies, how to mitigate all TSCM risks.

If you want to know more about us, our specialism and how we assist our clients to protect their personal, professional and organisational privacy from technical surveillance, contact info@verrimus.com