Eavesdropping operations generally have three principal elements:
Eavesdropping equipment varies greatly in level of sophistication. Many off-the-shelf spy shop devices are generally low-cost consumer electronic devices that have been modified for covert surveillance. They are easy to use against unsuspecting targets but can be detected by elementary electronic countermeasures. Devices produced for law enforcement and industrial espionage are more expensive, more sophisticated, and more difficult to find during a technical security countermeasures (TSCM) inspection. Devices designed and built for intelligence services are still more expensive and very difficult to find.
Some of the more sophisticated bugs have a "burst" transmission. A device about the size of a fingernail can record several hours of ordinary conversation and then transmit it to a remote receiver in a burst that lasts only two seconds. An hour of speech can be stored on a single chip. This is a passive system that records information but emits signals only when interrogated.1 This makes detection very difficult. Of course, some countermeasures systems are designed to try to activate such systems so they can be detected.
Some eavesdropping operations, as discussed below, don't require anything at all to be planted in the target room. The eavesdropping can be done without ever having direct physical access to the target area. Such operations exploit weaknesses in the the telephone system or computer system already in the target room, or they use a laser beam aimed at the target room.1
The type of bug installed in a home or office setting depends in part upon the length of time and the circumstances, if any, under which the installer has physical access to the site.
A visitor seated in front of your desk may bend down to pick up a dropped pen, using the few seconds when his hand is out of your sight to stick a bug under his chair or under your desk. Or he may "forget" and leave behind a workable pen that has a concealed microphone and transmitter. Any gift intended to be kept on your desk or elsewhere in the open in your office is a potential concealment device for a bug.
More than half of all eavesdropping attacks on U.S. offices, both foreign and domestic, have exploited the common telephone.2 Telephones offer a variety of eavesdropping options, as the telephone instrument has electrical power, a built-in microphone, a speaker that can serve dual purposes, and ample room for hiding bugs or taps.
Another type of telephone bug will pick up conversations in the room and transmit them down the telephone line while your telephone remains on the hook. The eavesdropper can monitor your room conversations from another telephone anywhere in the world. Such telephone bugs are usually easy to detect by a professional countermeasures technician who knows what to look for.
With some of today's computerized phone systems, it is possible to manipulate a telephone electronically without ever having direct, physical access to the telephone instrument. Signals can be sent down the telephone line to turn the handset into a microphone that picks up and transmits conversations in the room even when the handset is hung up. This risk can be greatly reduced by the selection of an appropriate telephone system and implementation of available technical security countermeasures. This type of penetration of telephone systems is discussed in greater detail under Telephones in the Intercepting Your Communications module.
Computers are similar to telephones, in that they have the essential parts for a sophisticated surveillance system -- a microphone and a means of communicating information outside the area in which they are located. Computers are vulnerable to several types of eavesdropping operations. For example, a bug in your keyboard could transmit every keystroke so that everything you write can be reproduced.
Standard computers emit faint electromagnetic radiation that a very sophisticated eavesdropper can use to reconstruct the contents of the computer screen. These signals can carry a distance of several hundred feet, and even further if exposed cables or telephone lines act as inadvertent antennas. Security measures and shielding are available to reduce the risk of such eavesdropping. It is possible to buy TEMPEST-protected computers that block the unintended radiation.
Even public areas are not immune to technical surveillance. Whenever your presence in a public area is known or predictable in advance, an adversary or competitor has time to plan the best way to exploit that knowledge.
Outdoors in a park, in a hotel lobby, or while sitting around a hotel swimming pool, conversations may be monitored with a shotgun microphone. This is a directional microphone (parabolic reflector) that may be concealed in a sleeve or a folded newspaper and aimed at the target. Clarity of the recording may be improved by programs that cancel out extraneous noise and that employ neural net analysis to learn the targets speech patterns.
Individuals who habitually frequent the same restaurant or café and hold sensitive conversations over lunch or dinner are also vulnerable, especially if they usually sit at the same table or the restaurant manager cooperates with the eavesdropper. A short-term bug can simply be attached to the underside of the table. Longer term, one could build the bug into the table or into a vase or other item on the table. Although probably very rare, at least one highly-competitive, high-class restaurant is known to have bugged its own tables to obtain unfiltered feedback on customer reactions to the service and food.
Related Topic: Intercepting Your Communications.
Link back to the Western Region Security Office home page.