1
Presentation to ISACA

Technical Surveillance Counter-Measures (TSCM)
  • Presented by: Robert Southworth
    PCCW Limited
  • 22 July 2003
2
Agenda
  • What is Technical Surveillance?
  • Potential Targets
  • Detection and Prevention - The Sweep
  • Legal Aspects
3
What is Technical Surveillance?
  • Technical surveillance is eavesdropping using technical or electronic methods.
  • TSCM refers to measures taken to detect and protect against electronic eavesdropping.
4
Potential Targets
  • Business Targets
    • Company is in a competitive industry
    • Company is involved in litigation/lawsuits
    • Company stock is (or will be) publicly traded
    • Company is involved in sensitive negotiations
    • Company is having labour/union/layoff problems
    • Company is involved in bidding for tenders
5
Potential Targets
  • Personal Situations
    • Running for elected public office/political activities
    • Involved in divorce, extramarital affairs
    • Involved in lawsuit/litigation
    • Recently filed an insurance claim
    • Anyone with Money, Power or Influence
6
Examples
  • A HK company suspected that its competitors were quickly becoming aware of its strategies. It employed an international security company to conduct a sweep, which revealed:
    • a calculator with built-in RF transmitter
    • two A/C carrier current devices
  • Subsequent investigations revealed that the devices had been purchased and installed by ex-employees.
  • About HK$5M of electronic spying devices are purchased each year in Hong Kong.
7
Examples
  • A PCCW technician discovered an RF bug installed in the telephone Distribution Point (DP) of the Hong Kong Jockey Club trainer’s quarters at Shatin racecourse and informed Corporate Security.
  • CSFM deactivated the device and left it in place, with a secret alarm fitted to the DP box door, in order to catch the eavesdropper retrieving the bug.
8
Eavesdropping Devices (1)
  • Types of Bugs
    • Wiretapping
      • The preferred method of obtaining intelligence (for quality reasons).
      • Involves a physical connection to the target's communication wires (e.g. telephone line, PABX cable, LAN cable, video system, etc.).
9
Eavesdropping Devices (2)
  • Types of Wiretaps
    • Direct connection to headphones/recorder.
    • RF wiretap using either over-the-air transmission or carrier current via the wire.
10
Eavesdropping Devices (3)
  • Radio Frequency (RF) bugs
    • Radio transmitter plus microphone placed within the target area
    • May be disguised as a calculator, pen, etc., or hidden inside a telephone handset
    • May use battery power or AC power
    • Advantages - cheap, easily available
    • May be remotely activated/deactivated (to save power)
11
Eavesdropping Devices (4)
  • Concealed video camera with video transmitter
  • External laser
12
Bugging Devices
13
Surveillance Devices
14
Counter-measures (1)
  • Objectives of the Sweep
    • Detection of eavesdropping devices (active or dormant).
    • Identifying vulnerabilities/high-risk areas.
    • Real-time detection during meetings, etc.
15
Counter-measures (2)
  • Sweep Procedures
    • Preliminary
      • identify contact person
      • obtain floor plans
      • initial visit/photographs
      • advise on security/discretion
16
Counter-measures (3)
  • Sweep Procedures
    • Detection includes:
      • RF spectrum search
      • power line search
      • check telephone system and sets
      • check LANs
      • physical search (e.g. walls, ceiling, aircons, etc)
      • non-linear junction detection
      • metal detector
      • portable X-Ray
17
Counter-measures (4)
  • Completion
    • verbal discussion of sweep result/recommendations
    • if bug found, options:
      • remove bug/analyse it
      • leave bug in place and investigate/provide disinformation
      • damage assessment
    • final report
18
Legal Aspects (1)
  • The following laws of Hong Kong prohibit or limit eavesdropping:
    • The Basic Law (Article 30)
      • no department or individual may, on any grounds, infringe upon the privacy of communication of residents except …… relevant authorities …… in accordance with legal procedures …… for public security or investigation of criminal offences.
    • The Bill of Rights Ordinance (Article 14)
      • no-one shall be subjected to arbitrary or unlawful interference with privacy ……
19
Legal Aspects (2)
    • The Telecommunications Ordinance (S.23)
      • prohibits transmitting or receiving messages by an unlicensed means of telecommunication
    • Interception of Communications Ordinance
      • passed by Legco in 1997 but not yet Gazetted by the Chief Executive
      • makes it an offence to “intentionally intercept a communication in the course of its transmission ……”
      • “interception” means the “aural or other acquisition of the contents of any postal communication, telecommunication …… through the use of any electromagnetic, acoustic, mechanical or other device”.
20
Corporate Security - TSCM Team