Banking Boardroom Confidentiality

• Apr 24, 2013

While cyber threat is a relatively new phenomenon, and certainly warrants firm security measures, the old fashioned eavesdropping or “spy in the boardroom” is, due to technological advances, more of a threat than ever to our worldwide banks and financial institutions.

A well-placed listening device, hidden in a banking boardroom during a critical decision meeting, is all that is needed to compromise that bank’s integrity and that of its’ clients.

Small spy surveillance devices or “bugs” have been around for many years. In the past, they have been small battery powered devices that were hidden in target areas and monitored by radio from a very short distance, now there is a plethora of technologically-intelligent “spy bugs” available on the Internet for anyone to buy!

GSM technology and the use of mobile based listening devices (Sim Cards) means that the monitoring of a conversation can be carried out in the next room, the next street, the next country, or even the other side of the world. 

A simple GSM audio spy bug can now be built into everyday electronic innocuous looking items: a calculator, a keyboard, a computer mouse, a mains socket, a plug and as long as the item is powered, then it can operate ad infinitum!  Alternatively, self-powered, encrypted devices disguised as cigarette lighters, key fobs, or even pens are ridiculously cheap and readily available to purchase over the Internet.  With the simple press of a button, and the sending of a voice or text message, the bug can be activated or deactivated remotely from any location, recording or even broadcasting every word spoken.

But, unless you know what to look for, how will you find the threat?

Specialist Technical Surveillance Counter Measure (TSCM) teams equipped with the latest equipment are the best form of defense against a threat, and it is imperative that the TSCM team selected is equipped for the challenge, or your security will be compromised.

Gerry Hall, managing director of International Procurement Services (IPS), a company that has been in the business for more than 25 years, has supplied over 100 UK and overseas government departments and trained practically every international law enforcement agency in the world in the use of this type of equipment.

Gerry urges caution when considering the services of a “Sweep Team,” as there are many private detectives that consider themselves a “Sweep Team Specialist,” and this simply is not the case.

As one of the main suppliers of ECM equipment, IPS is one of probably only 15 to 20 genuinely professional sweep teams in the UK. Each of these teams will have invested between 50 to 100 thousand pounds ($76,395 to $152,790 U.S. dollars) in specialist equipment.

The simplest way to identify a genuine sweep team is to establish what equipment they use.

Any good sweep team will always have at least one non-linear junction detector (NLJD). This piece of equipment alone will cost in the region of £11,000 or about $76,000 U.S. dollars. An NLJD looks very much like a metal detector, but instead of detecting metal, it picks up semi conductor junctions. These are used in all electronic equipment and can be detected even when the equipment is turned off or has no power. It works by radiating a signal, and if there are any hidden electronics it will excite those electronics, and they will re-radiate harmonic frequencies. It’s these frequencies that will be detected by the equipment. Any effective sweep team will have at least one of these, an Orion, Locator, Hawk or Broom.

Another fundamental piece of equipment is a spectrum analyzer such as the OSCOR GREEN Spectrum Analyzer that IPS uses. These are designed to scan the electromagnetic spectrum covering a broad range of frequencies. Their job is to identify any signals that are not supposed to be there, indicating the presence of some sort of listening device. Again, the names to look for are Oscor Green, Spectrum ECM, Raptor or Scanlock. 

The Oscor Green is the very latest, third generation, countermeasure receiver with highly-advanced capabilities regarding range and speed, allowing it to more easily identify today’s complex transmitters such as burst, store, forward, etc.

To do this, it is necessary to analyze the ambient signals in the surrounding area first then analyze the target room. This will enable the operator to pick out the illicit signals from listening devices from the legitimate signals.

It is important to note these pieces of equipment are designed to be used in conjunction with one another. The NLJDs are essentially seeking non-transmitting devices such as tape recorders, remote controlled transmitters, GSM and hard wired equipment whereas the latest spectrum analyzers seek out transmitters operational at the time of the sweep.

A word about GSM detectors: taking into account that covert GSM transmitters are the biggest threat today, it is very important to realize a detector will only detect when a cellphone is either registering or actually in use even, then it detects rather than locates. For example, the GSM device could be outside the building or on a different floor. Detectors are cheap, costing anywhere between £100 to £1,000 ($150 to $1,500 U.S. dollars), depending on the quality and extra features. Very expensive equipment is available to detect and locate GSM devices, but the cost is anywhere between £30,000and£50,000 ($45,000 to $76,000 U.S. dollars) and is prohibitive, with only four or five teams having purchased such equipment.

It is also important to realize the higher the stakes the more sophisticated the perpetrator might be. In an attempt to avoid sweep detection, a perpetrator may use a listening device, like a key fob, that can be activated by voice, time or a radio wave signal. This may allow them to avoid detection by the spectrum analyzer. Bugs may be hidden in the floor or ceiling voids or in wall cavities behind plaster board, but using a non-linear junction detector, the bug will be picked up by an experienced sweep team.

Equally important is the physical search by experienced engineers who actually know what they are looking for and, just as important, where devices are likely to be placed by a professional ‘buggist’.  Again, the GSM transmitters are really small and are being hidden in many everyday items such as memory sticks, phone chargers, etc.

The last area of concern in any sweep is the telephone system. For this, it is necessary to use a phone and line analyzer. This equipment will detect any anomalies or compromises on a phone or on the phone line, all the way back to the main switch.

It’s worth remembering that according to statistics from the FBI, “...economic espionage losses to the American economy totaled more than US $13 billion...”

Make sure you are not a victim of industrial espionage.