Technical Surveillance Counter Measures (TSCM) post lockdown
The Covid-19 situation (lockdown) has created a variety of security challenges, this includes Privacy and information security. Companies have been forced to scale back on employees, operations, and expenses. Security is likely one of those areas suffering both budget and manpower cuts. Company offices have been left empty operating only with a skeleton team, and access being granted to maintenance staff or a few lone workers who may still be carrying out basic operations or an employee who may have just needed to return to pick up something from their desk to help them work better from home. This means employees, cleaners, and other staff will have largely been unsupervised and may have had easy access to areas not normally permitted. This all creates increased opportunity for an adversary or rogue employee to breach security and potentially install a listening device or surveillance camera, waiting to be used in the future when business gets back to normal. In addition, Employees who have been laid off or furloughed may not have had their access credentials terminated. They might find themselves in difficult financial situations where an improper offer from a competitor could entice them to act as spies, returning to the office to ‘pick up some belongings’ but in reality, they are actually stealing data or leaving an eavesdropping device behind. We can also assume that during this time, there has been less manpower available resulting in fewer security guards, fewer patrols, as well as a lowered response level where priority would be given to major, more obvious problems. Also of note less significant incidents may have been overlooked such as an employee in an unauthorised area, a door left ajar for a prolonged time, an alarm considered a nuisance where no cause was noted – these incidents should be recognised as serious concerns.
Valkyrie TSCM solutions/offerings include:
1. Eavesdropping/TSCM services threat briefings for company employees & security teams
2. Eavesdropping risk assessments/TSCM services gap analysis
3. Strategic advice on setup of TSCM services/counter-eavesdropping programmes
4. TSCM inspections of offices, homes, hotels, vehicles, jets & yachts
5. TSCM inspection & live monitoring services of important meetings
6. Permanently installed TSCM live monitoring systems
Eavesdropping/TSCM services threat briefings: Valkyrie delivers eavesdropping/TSCM services threat briefings to government officials, company directors, executives/CSO’s/CIO’s, or Security Managers. These briefings will enable the audience to clearly understand the modern threat of eavesdropping/espionage, where it comes from, how it applies to their organisation, what can be done to mitigate or manage the associate risk with the implementation of TSCM services/sweeping. The briefings also dispel any myths about how ‘bugs’ work and how they really can and can’t be detected.
Eavesdropping risk assessments: Valkyrie can conduct a risk assessment to see if your organisation is at risk from unauthorised eavesdropping attack and if yes to what level. The results from the risk assessment can then be used to plan a targeted, risk-based approach to any counter-eavesdropping/TSCM services/sweeping programme which needs to be implemented. This ensures that any TSCM services supplied are appropriate, targeted and what the Client requires.
TSCM services programme strategic advice: Valkyrie can advise Clients on the setting up and running of their own TSCM team and the internal provision of TSCM services including providing all equipment, training and ongoing support including perpetual eavesdropping threat update training to keep the inhouse TSCM services team completely current. Valkyrie can advise on TSCM programme strategy and scope and then act as the provider of the capability as a fully managed TSCM services solution.
TSCM inspections/sweeping: Valkyrie provides a full range of TSCM services to suite all Client requirements. We have global experience in all types of TSCM services including the following:
- Buildings: Valkyrie conduct counter surveillance inspections of all types of buildings including offices, data centres, homes, hotels rooms, conference centres, exhibition chalets, factories, laboratories, industrial sites, nuclear sites and Supervisory Control and Data Acquisition (SCADA) controlled sites.
- Vehicles: Valkyrie regularly conducts counter surveillance inspections of cars & other vehicles. This type of TSCM inspection is becoming increasingly important as executives often make sensitive phone calls while traveling in their cars. This type of inspection will also identify any hostile tracking device fitted to a car which is often a precursor to a kidnapping attempt on the principle or a clear indicator that a covert surveillance operation is in progress.
- Aircraft: Valkyrie frequently conduct TSCM inspections of corporate and government jets. This type of inspection is becoming increasingly popular as jets are often used to host confidential meetings & discussions and are often leased or left unsecured leaving them vulnerable to technical eavesdropping attack. Very specialist skills and equipment are required to conduct a TSCM inspection/sweep of a jet. Valkyrie TSCM inspection teams have the required expertise and equipment to deliver these specialist aircraft inspections to the highest standard.
- Maritime: Valkyrie regularly provides TSCM services of privately-owned yachts, chartered yachts, and their respective tenders, launches and support vessels. TSCM inspections of these types of vessels are common practice for Valkyrie counter surveillance teams as superyachts are routinely used to hold sensitive discussions, negotiations and contract signing events.
TSCM live monitoring of meetings & events: In addition to our pure TSCM services Valkyrie also provides counter eavesdropping live monitoring of meetings or other sensitive events for their duration. These TSCM services consist of a counter surveillance inspection/sweep followed by live monitoring of the radio spectrum to ensure the highest possible assurance that no localised eavesdropping occurs during the sensitive meeting or call.
Permanent live monitoring systems: When permanent live monitoring TSCM services are required, Valkyrie liaise with the Client to understand the requirements and aim of the project and then provide the relevant technical advice, assist the decision process, site survey and design & install the best solution to meet the Client requirements.
In Summary: When reviewing your security during this period, here are some important points to consider:
- How secure was your facility during lockdown?
- Note what areas were weakened, where was less manpower deployed?
- Who continued to have access?
- What types of staff were still given access?
- Were employees still allowed back in?
- Were any private or classified areas left open and unattended? – Pay particular attention to board rooms, conference areas, and C-suites. Look for any signs of unauthorised activity
- What incidents may have occurred during the period?
- Review logs of any security incidents look for any correlations that could indicate suspicious activity.
- Were there any areas accessed by unauthorised personnel?
- Investigate thoroughly any reports of employees found in unauthorised areas.
- Did any break-ins or vandalism occur?
Security breaches or other incidents could be used as a cover for actual espionage activity. If a break-in or theft was reported, pay attention to any nearby areas that may have also been accessed. After returning to your offices, pay close attention to anything that has been disturbed, anything that may have been tampered with. Any indication of unauthorised access to offices or secure areas should be investigated thoroughly. Electronic sweeps of critical offices and confidential areas should be scheduled. Just as it is important to fully sanitize your offices for protection from viruses, it’s also necessary to keep them clean from the other type of bugs – illicit transmitters, listening devices, cameras, or any other technical surveillance device. TSCM sweeps should be given a high priority in your security considerations