There’s a Ghost in my House

The increased threat from technical surveillance

Technology tends to bring opportunity and risk in equal measure, better defence and detection systems but at the same time a wider range of technical surveillance options available to those that might wish to eavesdrop on us. So how has the threat changed over the past few years?

Firstly device technology, microphones and cameras are smaller, better quality and commercially available and at high street prices. This means that technical surveillance options are available to all not just to security and intelligence organisations, law enforcement and high end commercial espionage providers. Today they can be easily obtained by the man in the street, on-line or from a commercial spy shop. So the opportunistic competitor, disgruntled employee or a clandestine voyeur can all easily obtain technical surveillance equipment.

Secondly it’s much easier to transmit the, audio or video product. Back in the nineties when I was an intelligence officer overseeing covert technical operations the options were limited and the norm was to use a Radio Frequency (RF) signal which sent the product to a nearby listening post or LP. This was technically complex, required a physical LP of some kind and was therefore beyond the amateur.

However this is no longer the case. Now there are more options available for egressing a signal using commercially available networks and technologies, GSM, Bluetooth, Wi Fi can all be used. Webcams are now commonly used to monitor babysitters and empty residences for instance. So it’s much easier to egress the product and conversely much harder to identify the method being used to do so. You can’t simply look for RF transmissions but must also look for ghost Wi Fi networks and GSM signals.

The third factor is our increased use of technology. Everyone has a GSM phone as well as landlines, tablets, laptops, office based IT systems and video conference facilities. All these technologies create additional vulnerabilities, not only from software based cyber-attacks but hardware compromises too. Readers inside keyboards for instance or listening devices concealed within telephone handsets. Another vulnerability is the interception of GSM signals between the handset and the cell site. Hence the number of ways in which we can be compromised has increased.

So what are the implications? Firstly organisations need to make sure they understand the specific nature of the threat that they might face.  Secondly what security measures need to be put in place to counter this threat in terms of Protective Security and thirdly what level of inspection regime is required in order to ensure that the organisations facilities and communications systems have not been compromised.

Counter measures and inspection techniques need to take into account the full panoply of technical surveillance techniques now available which means ensuring that the right counter measure and inspection technologies are deployed.

David Curran MA FCIPD MSyl