• Skip to primary sidebar
  • Skip to content
  • Skip to footer
  • Home
  • Subscription
  • The Magazine
  • Podcast
  • Contribute
  • Advertise
  • Contact Us

Circuit Magazine

For Security & Protection Specialists

Introducing TSCM

The art of technically and physically searching for illicit bugs, and/or devices, is generally referred to as a Technical Surveillance Counter Measures (TSCM) inspection. This was agreed by a committee of TSCM specialists who provided Skills for Security their public and private sector knowledge in order to establish the first UK National Occupational Standards (NOS) for TSCM. The NOS are submitted and then approved by UK government regulators, and to this day, still establish a good foundation to build UK governance for TSCM in the security industry.

Unfortunately, the TSCM industry still can’t agree on the correct name for TSCM, nevermind industry licensing! The UK National Authority for Counter Eavesdropping (UK NACE) is managed by FCO Services but still refers to ‘Technical Security Countermeasures’. The stalwarts of the industry still affectionately refer to a ‘Technical Sweep’. In theory, it references two aspects of a TSCM inspection. 1. The ‘sweep’ of a frequency range and 2. The ‘sweeping’ motion when using a particular type of equipment. TSCM is also referred to as a ‘Technical Search’ inspection, or ‘Electronic Counter Measures’ (ECM).


Definitions

For the purposes of this article, the following definitions are used by the author:

  • Eavesdropping.  Interception of information transfer, including conversations by bugging, tapping, or other technical and non-technical means without the knowledge of the individuals.
  • Tapping.  Illicitly connecting to conversations and communications media for the purposes of gathering information.
  • Bugging.  The planting of suitable transducers in order to gather information.
  • Bug.   An eavesdropping device.
  • Device.   A piece of hardware made or adapted for a particular purpose, especially for a piece of mechanical or electronic equipment.
  • Information Security (InfoSec). Managing policy and process to protect and prevent information loss to digital and non-digital information (data) and to secure against unauthorised use of this data.

Eavesdropping

The Bible refers to acts of espionage, but only hints that individuals covertly listened to conversations, evidently without the sophisticated technical equipment that supports a modern-day eavesdropper. Research has not confirmed exactly where or when the word ‘eavesdrop’ was introduced into the English language, but it is believed to have originated in the 17th century.

It won’t surprise the reader that the word eavesdrop derives from two words, eaves and drop. It is believed that eavesdrop originated from when a single storey dwelling had a thatched roof; long before guttering and drainage pipes were designed. The constant dripping of rainwater from the thatched roof produced a noticeable line in the ground called the eavesdrop line. It was then said that if an individual stood inside this line, under the eaves, and stood next to a window opening (shutters), they would, in theory, be able to listen into [eavesdrop] the conversation held within the building, and without the knowledge of the occupants. The phrase ‘the walls have ears’ is recognised to support this theory.

Espionage

The act of espionage is one of the oldest professions in the world. It is alleged that espionage comes in second only behind the ubiquitous, profession of prostitution! Espionage (and possibly prostitution) continues to dominate the thoughts of leaders, executive boards, and VIPs within all businesses and sectors. Often the risks associated with business espionage and eavesdropping can be mitigated by taking simple preventative action. Business espionage quite rightly remains high on all government and commercial organisational agendas, and the need for effective counter-measures seems endless.

Threat

The main InfoSec threat is unequivocally from cyber-related actors; this may include cyber-related eavesdropping which is conceivably an IT Security concern. A conventional TSCM inspection does not cover cyberspace but could detect illicit cyber devices attached to hardware or cabling infrastructure.

Not dissimilar to Personal Protection, a professional TSCM inspection team will consider the threat. The threat of business or corporate espionage is considered to be of particular relevance to sensitive industry conversations where competition is high; in particular, between similar companies providing the same services. This, however, does not suggest that espionage is conducted by these companies, but any sensitive information loss to a rival or the impact caused by any security incident could have serious implications.

Many countries, businesses, and individuals actively seek privileged and proprietary information to advance their own political, economic, technological, and personal aspirations. The need for an action plan to cater to all Information Security (InfoSec) incidents is critical for those who have an interest in protecting some of the most valuable assets, reputation, proprietary information, and personal data.

There is a real and credible eavesdropping threat. London’s premier spy shop sold approximately 1500 covert units (covert video, audio recording, and GSM audio) from their London shop in their last financial year. This figure only includes actual units sold over the counter and does not include online sales, not to mention the number of general enquiries. In theory, if this shop remains open for 6 days a week, this equates to 5 covert sales a day. My assumption, therefore, is these people are purchasing this type of equipment to conduct a form of espionage or eavesdropping into other people’s conversations. Admittedly, a percentage will end up in the domestic world, but I have no doubts that some of this equipment will make its’ way into the corporate world.

With technological advances in recent years, in particular in the GSM industry (mobile phone/SIM card), the most capable commercial or state-sponsored eavesdropper has the capability to operate on a global scale.

Suffice it to say the technology in the eavesdropping industry means that smaller and more sophisticated technical devices are available and are easier to acquire than ever before, in particular, devices using SIM cards. The availability of these eavesdropping devices on the commercial market, and the internet, plus the additional ease of installation to a permanent power source is indicative of a significant eavesdropping threat to businesses and individuals.

The Argument

The threat from business espionage remains relevant but is on the decrease due to:
• Better awareness of the threat.
• In general, improved layers of security and procedures with the overlapping of technology and human in a corporate building.
• Improvements in employee and sub-contractor vetting.

The threat from individuals, private espionage and voyeurism (covert camera installations) is on the increase due to:
• GSM technology.
• The ease of searching for spy products on the www, the ease of purchase and installation.
• Technology advances – products are easier to use, smaller and available to purchase with no due diligence.

The Trigger

A TSCM inspection may be ‘triggered’ or requested for several reasons. Most requests received are following a confirmed or suspected leak of confidential information. Some requests are as part of good business practice and as a precautionary, proactive measure to ensure the integrity and conversational security in the areas of interest.

No matter what the trigger for the TSCM inspection is, the credible threat should be considered and a task planned accordingly.

Circumstances in which to consider an inspection can be:
• Prior to any confidential meeting/function. For example: an AGM.
• Prior to a temporary move into a location. For example: VIP into hotel room.
• Following a confirmed or suspected physical security breach.
• Following a confirmed or suspected leak of confidential information.
• Supporting an investigation to confirm/deny facts.
• Supporting other search/inspection regimes (i.e. physical, explosive/drug dogs).
• Following the introduction of new equipment/furniture/fittings.
• Following a period where third party sub-contractors have completed construction work, cabling work, or renovation.
• Periodically (as required).

UK Governance

Apart from the NOS and UK NACE, the lack of UK government direction, and private security industry governance or licensing, is commonly flaunted by poorly trained, inefficient, and maverick TSCM teams. Anyone can purchase equipment and purport to deliver TSCM in the commercial sector. This is not uncommon in any other sector or security capability that struggles with regulation and standards. The advocates of the Skills for Security NOS committee formed the concept of a TSCM institute (TSCMi), a trade body established to create an ethical culture, draft legislation, best practice, and guidance for TSCM practitioners. However, the TSCMi remains self-governing and to date, has no formal UK government support.

Health & Safety

A minimum two-person team, working in tandem, is generally accepted. I do not concur with the counter-argument from the solo practitioners. Working with, and close to 240v ac electricity, working at height, plus an inspection is normally conducted in unsociable hours when a building is on minimal manning, not to mention the overlapping, complementing techniques of a two-person team, concludes me to endorse my argument, based on health and safety and procedures, that a minimum of two persons is always recommended.

Legalities

A TSCM inspection capability should not deliberately interfere with or prevent the operation of third-party communication equipment; specifically, the transmission of, or the receiving of, licensed communications equipment and frequencies. In particular, from the main threat vector, GSM signals and the omnipresent SIM card.

The legal way to conduct a TSCM inspection is by employing SIM card detectors that, without transmitting any interfering signal, provide visible and/or audible warnings if an active or passive device is nearby. The ability to determine if a GSM device is in the area of interest should be ascertained by the powers of deduction, technology, and also the overlapping TSCM search techniques.

 


TSCM in the Private Security Industry

By Ben Gunn

Ben is a former member of the British Army spending 29 years out of a 33-year military career in UK Special Forces – 19 years in the Regulars and a further 10 years in the Reserve. He had a unique military career; initially expeditionary and latterly, 4 years seconded to Intelligence and a further 4 years in a Counter-Terrorism liaison role. Ben is a businessman, incorporating a UK Special Forces tenet into his business planning; ‘the unrelenting pursuit of excellence’ and as such, has established under his directorship, a truly global company based in London, offering a multi-service approach to the security of

E: ben.gunn@olchon.co.uk
T: +44 (0)203 1903030

Tweet
Share
Pin
Share276
276 Shares

Buy The Latest Issue

Sign Up For News and Updates

We respect your privacy and will not share your information with anyone.
We will only message you when we have something relevant and of value to share with you.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Latest Issue

Circuit Magazine - Issue 66 - AI Armageddon

Issue 66

Buy Now

Latest Newsletter

Newsletter Sign Up

What you don't know CAN hurt you!

SUBSCRIBE

Latest Industry News

Ugandan Minister Killed by Bodyguard in Apparent Wage Dispute

A Ugandan government minister, Charles Engola, was shot and killed by his bodyguard early Tuesday in an apparent private dispute over wages, according to the army and local media. Engola, a retired army colonel, served as the junior minister in charge of labor in President Yoweri Museveni’s government.

Event

News - Circuit Magazine

Zelenskiy Denies Ukraine’s Involvement in Alleged Kremlin Drone Attack

Ukrainian President Volodymyr Zelenskiy has refuted Russia’s claims that Ukraine was involved in a drone attack on the Kremlin, which was allegedly aimed at killing Russian President Vladimir Putin. Zelenskiy stated that Ukraine fights and defends its territory, not attacking Putin or Moscow. The Kremlin reported that two drones were used in the attack but were disabled by Russian defenses.

News taken from Issue 65 of the Circuit Magazine

Bodyguard Saves Japanese PM from Pipe Bomb Attack

A bodyguard has been hailed as a hero for his quick-thinking actions during a suspected pipe-bomb attack on Japanese Prime Minister Fumio Kishida. Video footage captured the bodyguard kicking away a metal object as it landed near Kishida
before positioning himself between the Prime Minister and the device, shielding him with a collapsible, handheld ballistics shield.

News from Issue 65 of the Circuit Magazine

AlertEnterprise Reveals First-Ever Guardian AI Chatbot Powered by OpenAI ChatGPT

AlertEnterprise has unveiled its first-ever Guardian AI Chatbot powered by OpenAI ChatGPT. The chatbot will make its global debut at the ASIS Europe and ISC West trade events. Built on OpenAI’s GPT-3 platform, the Guardian AI Chatbot aims to provide security operators with instant access to critical physical access and security insights through quick questions and prompts.

Keeping Your Edge By Elijah Shaw

Keeping Your Edge: Listen in Totality

Someone said this quote to me a long time ago and it really resonated. It was one of those things where the more I thought about what it actually meant, the more insight I gained from just those few short words. The quote itself originated from the American poet, Maya Angeolu. And while it’s very unlikely social media was on her mind, or even a thing, when she drafted it, I think it’s very fitting on how it plays into society today.

Is Your Brain Working Against You? How to Train Your Brain to Handle Challenges & Pressures of Executive Protection Work

Is Your Brain Working Against You?

Our brain is constantly processing information. From making our coffee in the morning to dreaming while we sleep, our neurons are always working to figure out what to do with the information they’re receiving. Every scenario is carefully calculated within our brains which then tells us how to respond to certain stimuli. In the field of Close Protection, it’s crucial that we train our brains to respond to stimuli in a quick and calculated way so that we are able to execute our responsibilities and keep people safe.

Comms Planning - Part I

Does Everyone on Your Team Speak the Same Language?

It’s an anomaly then that so little importance seems to be attached to ‘comms’ both during planning and training. Having a competent ‘signaller’ on the team, who is well-trained and well-versed in multiple forms of communication has to be an advantage, right? Think back to the military example I gave earlier, the signaller clearly forms a vital part in any unit, whether on the frontline or back in the Ops Room. But most security-related courses only pay lip-service to the importance of communications, if it is ever mentioned at all.

Global Risk Updates

Global Situation Report - November 2021

Global Situation Report – November 2021

Each issue our global geopolitical partner, Stratfor, provides an in-depth analysis of global incidents via in-house experts, cutting edge technology and through a comprehensive globally sourced network. Here is your summary from the last 30 days.

Popular Tags

armed attack Bodyguard business Celebrity client clients Close Protection Communication cp Elijah Shaw EP Executive Executive Protection firearm firearms government gun Intelligence Law Enforcement Media Medical military News online Orlando Wilson police Prevention professional protect protection Risk Safety Security SIA Social Media Surveillance Technology terror Terrorism terrorist Threat Training VIP weapon

On The Frontline

in summary is practice your drills and SOP's (Standard Operating Procedures)

Evacuating and Moving Through Buildings Tactically

If you find yourself in a scenario where you need to evacuate a building with a real threat or danger posed to your safety, then you need to do so tactically. We are not interested in conventional SWAT tactics as it is not our job to apprehend, or even nullify, the threat; your job is to look after yourself, your family, or your client. follow these basic, lifesaving, procedures.

Commercial Security Courses

Commercial Security Courses

Having dug around in the last year to see what’s going on with security training courses at home and overseas, it would appear that there is a gap between what’s acceptable, to what’s a complete rip off, and that gap is as wide as the Grand Canyon.

Are you neglecting the planning for a serious threat?

Fire Safety in Executive Protection

When discussing executive protection topics with somebody not working in this field of expertise, the threats to the principal are often expected to come from rare incidents such as stalkers, snipers, explosions and so on. As professionals we know that the most significant and likely threats come from car accidents and health issues, then, next in line are serious fire emergencies. Don’t just take my word for it, a quick look at the statistics show just how frequent and deadly fires are in US.

Follow us

  • Email
  • Facebook
  • Twitter

From The Archives

Security Industry Authority

SIA ends paper-based licence applications

    On 24 March, the Security Industry Authority will stop issuing paper-based licence …

Continue Reading about SIA ends paper-based licence applications

Nigeria – Country Risk Assessment

Significant Events On December 9, university lecturers defied a government ultimatum to return …

Continue Reading about Nigeria – Country Risk Assessment

Covert Protective Details – The Invisible Shield

For new Close Protection professionals entering this industry or those considering it, a protection …

Continue Reading about Covert Protective Details – The Invisible Shield

Security Industry Authority

Unlicensed security director ordered to pay £2,400 after guilty plea

News From the SIA - 20 March 2013   A Northamptonshire security director has been order to pay …

Continue Reading about Unlicensed security director ordered to pay £2,400 after guilty plea

Promoted Event

International Security Expo

Latest Podcast Episode

Latest Issue

Circuit Magazine - Issue 66 - AI Armageddon

Issue 66

As AI armageddon comes closer, the global challenge is discerning the line between innovation and oversight, particularly concerning decision-making biases and security implications.

Buy Now

Follow us

  • Email
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • Home
  • Subscription
  • The Magazine
  • Podcast
  • Contribute
  • Advertise
  • Contact Us

© 2023 Circuit Magazine · Rainmaker Platform

This website or its third-party tools use cookies which are necessary to its functioning and required to improve your experience. By clicking the consent button, you agree to allow the site to use, collect and/or store cookies.
I accept