LOSS PREVENTION

Demystifying
TSCM

072 SECURITY SOLUTIONS

072-075.SSM94.Loss Prevention.indd 72 12/02/2015 12:16 pm

 By Michael Dever

Industrial and economic espionage are protected against compromise by technical Technical surveillance attacks on individuals
serious threats to the security of information means. and organisations are becoming increasing
for individuals, business and government. Other protective security measures are only a complex, and are evolving to take advantage
Countering the new corporate spy is no longer part of the information security solution. of massive technological changes that have
a matter of simply ‘sweeping for bugs’. In this The relationship between technical security occurred in the past two decades.
three-part series of articles, I will explore the and other protective measures is illustrated in Technical surveillance attacks take many
issues associated with technical surveillance figure one. Whilst overlap of functions exists, forms and can be characterised depending on
counter measures (TSCM), and provide an technical security is not the same as ICT the methods used, namely:
update on contemporary threats and solutions. security.
In this first article, I will describe TSCM and • Acoustic surveillance – which relies on
its relationship with information security, and A different paradigm weaknesses in the sound proofing of an area
provide a summary of contemporary threats. A counterintelligence program is basically or the use of mechanical devices to pick up
Future articles will cover: designing counter the protocols designed to prevent the hostile conversations.
measures and selecting a service provider. intelligence gathering efforts of other parties. • Optical surveillance – which utilises
Information in all its forms is the lifeblood of The counterintelligence paradigm requires binoculars, telescopes, cameras or bore scopes
business and governments, and is the second differentiating between information security and to observe documents or conversations from a
most valuable asset of organisations, after protective security. It requires an understanding vantage point.
people. of what information is valuable, who are • Electronic surveillance – which involves the
“Information has become the new currency your adversaries and their capabilities, how use of listening devices of all kinds (bugging),
of business, and its portability and accessibility vulnerable you are, and what counterintelligence interception of wired (wiretapping) and wireless
are crucial components of a collaborative, means to the organisation. communications, covert or overt use of video
interconnected business world” The traditional methods of hostile covert cameras, tracking devices, and many other
- Price Waterhouse Coopers 2010 intelligence gathering – such as suborning techniques.
people, copying documents, etc. – have been Technical surveillance may employ hidden
Maintaining information security in this joined by a wide range of technical devices and microphones, miniature radio transmitters,
environment is complex, and protection methods for collecting information. concealed cameras, or vehicle tracking devices
of information is an overall business To understand technical security and to glean information relating to sensitive
management issue, not just an information counterintelligence, a professional TSCM activities or conversations such as those
and communications technology (ICT) security practitioner must have an understanding of relating to commercially sensitive discussions,
issue. the aims of technical surveillance and possess private matters relating to celebrities and other
There is a growing body of evidence that a strong technical understanding of the high profile individuals, or may be a component
businesses around the world lose millions of contemporary technical intelligence collection of industrial or economic espionage activities.
dollars every year through hostile intelligence methods in order to understand how to counter
gathering activities by state and non-state those threats.
actors where all that is stolen is information.
This is serious business and countering Personal Security
these threats requires obtaining advice about
Physical Security
protecting your valuable information (particularly
conversations) from a qualified, accredited and Protective Security ICT Security
Data Security Domain
experienced TSCM security professional.
Technical Security
Information Security Domain
What are Technical Surveillance Counter
Measures? Figure one – The relationship between technical security
and other protective security measures
TSCM is the term used to describe a range
of counterintelligence activities implemented The threat of technical surveillance Is the threat real or am I just being paranoid?
by an organisation to counter the threat of Technical surveillance is defined as the use The extent of covert technical surveillance is
technical surveillance. of technological devices to extend the human difficult to quantify for a variety of reasons,
Strictly speaking, TSCM is a defensive senses of sight and/or hearing. For example, including the inherent secrecy of the activity,
counterintelligence activity and part of technical using a telephone extends the human sense the unwillingness of organisations to discuss
security. of hearing; intercepting or monitoring this incidents due to fear of embarrassment or
Technical security is the branch of communication thereby extends the adversary’s recriminations, and the difficulty of prosecuting
information security which concerns itself sense of hearing. offences.
with the assurance that information remains

SECURITY SOLUTIONS 073

072-075.SSM94.Loss Prevention.indd 73 12/02/2015 12:16 pm

 LOSS PREVENTION

Nevertheless, the Australian Security embarrassment to the organisation if lost – e.g. are successful in gaining access to highly
Intelligence Organisation (ASIO) consistently details of a police investigation. sensitive information, proving there is a need for
warns Australian business of evidence of hostile The type of information that could be targeted enhancing existing security controls.”
intelligence gathering activities directed at includes any information that could give one - Price Waterhouse Coopers 2010
Australian entities. party an advantage over another.
If ethical hackers can gain access to the highly
Espionage is an enduring security threat to Australia.
The traditional methods of espionage – suborning Should I be concerned? sensitive information of Australian business in
Australians and others to obtain information or With the high tempo of life for most security this way, then covert technical surveillance by
provide support for foreign intelligence agencies
and using technology to access communications professionals, technical security barely rates a the same means is a real threat.
or conversations – continue to be the backbone of mention, unless there is an incident. However, The consequences of a successful technical
the threat. But they have been joined by additional
capabilities exploiting new technologies and by the by the time an incident has occurred it is too surveillance attack by an adversary range
new vulnerabilities that they bring with them. late to implement protective measures. from loss of life to very serious monetary and
- ASIO Report to Parliament 2011
Technical surveillance devices are reputational loss.
inexpensive, small and can be bought by This is managements’ dilemma.
Technical surveillance receives a lot of anyone online or from retail ‘spy shops’.
attention from the media whenever a case They require very little technical knowledge What can be done to counter these threats?
involving the use of technical surveillance and can be installed in minutes. It is easy to A range of general and specific TSCM are
comes to light. However, a lack of credible find instructions on the internet about how to available to significantly reduce or even eliminate
technical knowledge by reporters can create construct and use devices, and this is leading technical surveillance. A comprehensive
misconceptions or misleading myths about to more widespread use of surveillance devices information security plan should include a
technical surveillance. and activities. number of co-ordinated and complementary
Recent incidents in Australia involving the Recent Australian Case Study
layers of protection designed to provide ‘security
use of covert closed circuit television cameras in depth’.
in inappropriate situations have highlighted Concern: A TSCM Survey (often called bug-sweeping)
It was suspected that an insider subjected a
community concerns about the invasion of senior public servant to audio surveillance in the is the combination of people, process and
privacy by technical means. workplace. equipment designed to detect and respond to
Location: Capital city.
Action taken: attempts to undertake hostile covert technical
Who is at risk of technical surveillance? The organisation commissioned a TSCM surveillance.
professional to conduct a covert inspection of the
Anyone can be the target of technical target areas. The good news:
surveillance. Some people are at greater risk Result: Successful technical surveillance attacks can be
An over-the-counter ‘baby monitor’ was discovered prevented!
because of their occupation, financial position,
operating under the desk of the targeted individual.
or their fame. Subsequent investigations and searches uncovered The technical surveillance threat is constantly
Some organisations are at risk because of a number of these devices on the premises still evolving and changing along with technological
in their original packaging. Fortunately for the
the nature of their activities. To some extent, investigators the boxes also had an invoice with the advancements is electronics. Genuine TSCM
the risk of loss is dependent on the nature and name of the buyer. professionals are involved in their craft as
This situation highlights a major issue for
value of information that they possess. employers when technical surveillance enters the
a full time occupation and regularly attend
The types of information that a competitor or workplace. What is the employer’s duty of care? conferences, seminars and workshops around
adversary may be interested in depends on the It also highlights the threat posed by trusted the world to keep abreast of developments in
insiders and the need to conduct investigations in
normal daily functioning of the organisation and secret so as not to forewarn the adversary. technical surveillance and TSCM methods.
during special events such as board meetings or In the next article in this series, I will further
‘think tank’ strategy meetings. This information Whilst illegal in many jurisdictions, the explore TSCM by discussing TSCM technology,
could include: motivation, cheap cost, ready access to reliable how to design an information security program,
• Commercially valuable information – e.g. devices and components, together with the and how to select a TSCM provider.
tender information, contract negotiations, expectance that detection is unlikely, leads
pricing, trade secrets, marketing plans, client many people to be more than prepared and
lists, and customer information. willing to use eavesdropping and technical Michael Dever CPP is a Canberra based
• Organisational valuable information – e.g. surveillance techniques to obtain private and independent consulting security adviser who
labour negotiations, legal matters, or political sensitive information. specialises in TSCM. Michael is an internationally
strategies. In a recent report, Price Waterhouse Coopers recognised subject matter expert on TSCM. He
• It may involve issues of public trust indicated that: can be contacted via Michael@edpsolutions.
or confidence and which would cause “Nearly 90% of our ethical hacking tests com.au

074 SECURITY SOLUTIONS

072-075.SSM94.Loss Prevention.indd 74 12/02/2015 12:16 pm

 Demystifying
Technical
Surveillance
Countermeasures
Part Two

By Michael Dever
Goal:
In the first article it was demonstrated that the technical surveillance threat to to provide a secure environment for
information security is real, serious and evolving. Part two explores solutions people, information & other assets
to technical surveillance threats, how to design countermeasures and Technical Security
considerations when selecting a TSCM service provider. COMSEC, TSCM
Whilst most organisations have protective security measures in place to
Information Security Policies & Procedures
Risk Management Policies & Procedures

protect people, cyber and physical assets, the protection of conversations

Vetting Policies & Security Awareness

and other forms of confidential communication are generally not of concern

Security Management

Personal Security

to senior executives and therefore are given little or no priority. This lack
ICT Security

of concern is due in part to a general lack of awareness of the threats and

the appropriate risk management strategies that could be implemented to
prevent an attack in the first instance.
Another factor is the relaxed Australian attitude towards certain security
risks, which is best expressed by the phrase ‘that wouldn’t happen here’,
despite mounting evidence of the rapidly growing threat that technical
surveillance poses to an organisation’s privacy.
The goal of a protective security programme is to provide a secure Physical Security
Barriers, locks, containers, alarms, EAC, guards
environment for people, information and other assets. The interrelationship
between protective security measures is shown in Figure One. Figure One – Protective security goal

SECURITY SOLUTIONS 075

074-077.SSM95.Article 3.indd 75 30/03/2015 4:58 pm

 FEATURE ARTICLE

A comprehensive information security plan to detect technical surveillance devices and In-house vs Outsourced Services
will include implementation of relevant technical attacks). The high cost of maintaining up-to-date TSCM
surveillance countermeasures (TSCM). The A TSCM inspection is basically a technical equipment and training means that most
question facing most security directors is how investigation with an emphasis on detection. organisations will use outsourced solutions rather
to decide what TSCM are required to protect the Depending on the identified scope of work, there than establish their own TSCM capability.
confidentiality of an organisation’s information. are different types of TSCM inspections that Each solution has relative advantages and
The need for TSCM can only be determined can be provided. A professional baseline TSCM disadvantages that need to be weighed up by the
by a systematic analysis of individual situations. inspection should, as a minimum, include the individual organisation.
The first step is to recognise the potential to be following activities: In-house solutions:
a target. The second is to assess the threat of • TSCM inspection plan, involving discussions • Advantages:
technical surveillance and the third is to assess with the client to determine the client’s concerns o secrecy (no need to involve outsiders)
how vulnerable the organisation is to technical and logistical issues, such as access and timing o may be able to use existing staff and
attacks. The final step is to develop a risk of survey therefore reduce overall costs
management strategy. • radio frequency analysis, involving the use of • Disadvantages
Depending on the threat level that an a spectrum analyser to check the radio frequency o cost of equipment and training
organisation is exposed to, effective TSCM can spectrum for unauthorised transmissions (>$500k)
be very expensive to implement and, therefore, • conducted emissions analysis to ensure that o complacency of own staff
before deciding which measures are needed, a no room conversations are being carried out of
detailed threat, vulnerability and risk assessment the premises by telephone, intercom, public Outsourced solutions:
should be conducted by a recognised professional address, fire or security alarm wiring • Advantages:
TSCM specialist. The assessment should consist • search of electromagnetic spectrum for o more cost effective for most
of a detailed review of existing countermeasures infrared transmissions organisations
and of technical security weaknesses that • detailed physical search of the target area(s) • Disadvantages:
could facilitate a technical surveillance attack. to ensure that no surveillance devices are present; o involvement of outsiders
The findings of the TSCM risk assessment and conducted using specialised tools as required o no national standards, therefore, it
recommendations for improvements should be • assessment of oversight can be difficult to judge the
contained in a written report for consideration by • evaluation of the audio security environment competency of providers
the senior management of the organisation. and sound dampening measures
• written report outlining the work done and any Inspection Protocols
Inspections findings and recommendations. A best-practice TSCM inspection methodology is
One solution to the threat of technical In-conference monitoring is similar to a full necessary to ensure that inspections are effective
surveillance is a TSCM inspection. Governments TSCM inspection with the addition of real- and implemented without alerting those seeking
and businesses conduct TSCM inspections time monitoring of an important event. Some to obtain information by covert means. Activities
because they need privacy to operate effectively. organisations may even have a need to protect should be covert so as not to alert a potential
This becomes more relevant when there are themselves against technical surveillance 24 adversary. The inspection work itself is highly
important board meetings, outside meetings, hours per day. dependent on strict operational security being
strategy planning sessions or offices at executive It cannot be overemphasised that the type of observed.
residences that are used for sensitive discussions. TSCM inspection needed should be guided by For maximum effectiveness, TSCM inspections
The principal objective of a TSCM inspection is the TSCM risk assessment. should be conducted in two phases, namely the
to provide the client with a high level of assurance non-alerting and alerting phases:
that those conversations, images or other data 1 Non-alerting phase
contained within the nominated secure areas The question facing most During the non-alerting phase of a TSCM
remain private.
security directors is how inspection, every effort is made to conceal
To counter contemporary technical surveillance the TSCM activities so as not to alert potential
threats to the security of people and information, to decide what TSCM eavesdroppers. The importance of the non-
a TSCM inspection of sensitive areas requires the are required to protect alerting phase cannot be overemphasised and
combination of: failure to observe this practice could lead to
• people (vetted, TSCM trained and
the confidentiality a false sense of security and negation of other
experienced) of an organisation’s TSCM procedures.
• TSCM tradecraft
information. 2 Alerting phase
• specialised TSCM equipment (designed The physical search of the target areas is
conducted during the alerting phase.

076 SECURITY SOLUTIONS

074-077.SSM95.Article 3.indd 76 30/03/2015 4:58 pm

 who could ruin your reputation.

Service Providers any prospective client should not assume that these people?
The provision of TSCM services in Australia providers are trustworthy without conducting • Are the team members aware of their
is completely unregulated in the commercial these background checks. obligations under Work Health and Safety
sector, therefore, clients for these services should Unfortunately there are currently no recognised law and possess training to carry out the
perform the same sort of due diligence that competency standards or codes of practice in inspection work in a safe manner?
they would apply to the provision of professional Australia for this highly specialised work. So how • What is included in the TSCM inspection?
services in general. do consumers determine whether the company • Can the company provide preconstruction
There are many different types of entities or individual offering these services is competent advice?
offering TSCM services in Australia. Unfortunately, and trustworthy? • Can the company offer training and
there are two tiers of providers – professional Genuine TSCM practitioners will always be education to management/key personnel?
TSCM providers and the rest. Currently in happy to discuss their particular qualifications,
Australia there are probably fewer than five accreditations and experience. TSCM specialists Technical security is a highly specialised
professional TSCM providers. The rest consist must have a background in electronic engineering technical field that requires a professional
of wannabes, such as private investigators, (an advanced diploma or undergraduate degree) TSCM specialist possess a detailed knowledge
retirees from government service, part-timers, with an emphasis on radio frequency and of modern radio and communication systems,
moonlighters, hobbyists, amateurs and downright communications systems, as well as a minimum building construction techniques and physical
frauds. For a relatively small amount of money, of three years relevant TSCM experience. No security.

The principal objective of a TSCM inspection is to provide the client with

a high level of assurance that those conversations, images or other data
contained within the nominated secure areas remain private.
anyone can purchase a ‘bug detector’ from the matter how sophisticated or expensive the Conclusion
internet and hang out their shingle as a TSCM piece of electronic hardware being used, the TSCM inspections used alone are of limited value
expert. Impressive websites do not tell the whole operator should have training in electronics and unless the other protective security domains are
story about who can and who cannot provide a communications to fully understand the readings also effective.
professional TSCM service to a high level. and signals given by the machine. An organisation is put at great risk from a
Before hiring a TSCM service provider, Do not be fooled by persons claiming previous false sense of security if too much reliance is
organisations should determine the provider’s law enforcement or intelligence backgrounds. placed on electronic inspections without a proper
background and qualifications to ensure the Unless they possess direct and recent experience assessment of the threat and a detailed TSCM
provider has the correct equipment and personnel in a TSCM team, it is likely they are using their inspection involving audio, radio frequency and
who know how the equipment operates. Many previous employment to provide them with a de carrier current checks and a detailed physical
private investigative and engineering firms facto endorsement. Always be dubious of anyone inspection.
advertise that they perform TSCM services, but who claims to have found many devices. With computers becoming a fixture in business
few have the experience and/or equipment to do When selecting TSCM providers, ask the and private lives, any TSCM inspection should
a competent job. following questions as a starting point: also take computers into consideration. Sensitive
Beware of firms that offer so-called debugging • Is TSCM the only service provided by the corporate and personal information are likely to
or sweep services. Usually these firms only company? be contained on computer hard drives.
perform certain parts of the inspection, such as • What is the reputation of the company? If security is important enough to pay for a
an electronic search for radio frequency room • Will the company sub-contract this service TSCM inspection, then it is important enough to
bugs, without a physical search or conducted out? pay for a legitimate sweep conducted by a trained,
emissions analysis. • What equipment does the company use? experienced and equipped TSCM professional.
Whilst some Australian governments maintain • Is the equipment up-to-date?
their own organic TSCM inspection teams, they • What are the backgrounds of the TSCM team?
explicitly do not endorse commercial providers. • Are TSCM team members security cleared? Michael Dever CPP is a Canberra based
Anyone who claims government endorsement is • Are the team members qualified and independent consulting security adviser who
providing misleading information. authorised to look at electrical, structured specialises in TSCM. Michael is an internationally
There is no mandated security licencing, cabling systems or telephone systems? recognised subject matter expert on TSCM. He
criminal history or security checks of commercial • Are the team members trustworthy? can be contacted via:
TSCM providers in Australia. This means that • Do I want to discuss my/our weaknesses with michael@edpsolutions.com.au

SECURITY SOLUTIONS 077

074-077.SSM95.Article 3.indd 77 30/03/2015 4:58 pm

 Demystifying
Technical
Surveillance
Countermeasures
Part Three

SECURITY SOLUTIONS 073

072-075.SSM96.Article 3.indd 73 4/06/2015 12:39 pm

 FEATURE ARTICLE

By Michael Dever

This article explores some myths surrounding the system is to detect covert surveillance devices. security adviser, video surveillance professional/
provision of TSCM services and offers readers The components of a TSCM service are people, installer, security risk assessor, security guard or
some procurement advice. equipment and procedures. ICT professional may contribute to background
Previous articles in this series have highlighted Professional TSCM services are successfully TSCM knowledge, these professions should not
that the threat to the security of information from achieved through the application of three main necessarily be considered as providing direct and
hostile technical intelligence gathering techniques components: appropriate technology, qualified relevant TSCM knowledge or experience.
is real and growing for Australian businesses and and experienced specialists and specific Look for tertiary electronic engineering
governments. protocols (aka tradecraft) combined into a system qualifications and full membership of recognised
Professional technical surveillance for the detection of technical surveillance threats. TSCM professional associations such as the
countermeasure (TSCM) surveys are a major Providing TSCM services is equipment and TSCM Institute (www.tscmi.org) and the
part of the information security paradigm that labour intensive and can be expensive. To Espionage Research Institute International (www.
protects information in all its forms. The purpose properly equip, train and house a TSCM team will erii.org). There is no recognised professional
of a TSCM survey is to detect the presence of cost a minimum of AU$500k. Many organisations association for TSCM practitioners in Australia.
covert technical surveillance devices, as well as outsource TSCM services because they cannot Full membership of the TSCM Institute is only
to identify any vulnerability in protective security afford these costs. available to individuals who have satisfied
measures at a facility that would allow or facilitate The provision of TSCM services is a very technical, operational and ethical criteria to a
technical surveillance. complex and demanding field. To avoid a costly panel of international peers.
Most people, even some security professionals, ‘false sense of security’, it is advisable to check The cost of providing a professional TSCM
do not comprehend all that is required to do a the qualifications, equipment, experience and service to a customer is dictated by the high
TSCM survey properly. Movies and television reputation of anyone offering TSCM services. cost of specialised equipment, tools and
shows do not begin to even scratch the surface The technical surveillance threat is constantly training required. For a number of years now,
of what is required to do a professional TSCM evolving and changing along with technological professional TSCM providers in Australia have
survey. advancements is electronics. Genuine TSCM been assailed by amateurs, incompetents and
Unfortunately, some unethical and fraudulent
players in this field propagate lies and myths
on their websites about the provision of TSCM Professional technical surveillance
services. There are so many myths and countermeasure (TSCM) surveys are a major
misleading claims out there that space precludes
a discussion of all of them, nevertheless the
part of the information security paradigm that
‘myth of frequency range’ is discussed later in protects information in all its forms.
this article.
It is always revealing to visit the web pages professionals are involved in their craft as downright frauds. Unfortunately, the apparent
of some so-called TSCM providers. They are a full-time occupation and regularly attend high profitability of TSCM services has attracted a
a rich source of myths perpetuated by non- conferences, seminars and workshops around number of incompetent and unethical individuals
professionals, who make life hard for real TSCM the world to keep abreast of developments in and organisations to enter the field. Often, new
professionals. There are websites with images that technical surveillance and TSCM methods. entrants to the TSCM world see the provision of
show equipment the provider probably does not It is unlikely that firms or individuals offering TSCM services as a nice money earner on the
own (or worse still, rents); equipment that is over TSCM services who also advertise criminal side of their other businesses. This is particularly
40 years old and designed for outdated threats; and civil investigations, fraud investigations, the case with private investigators that provide
and test and measurement equipment that would matrimonial matters, firearms training, VIP TSCM services. It does not require much analysis
be illegal to use in Australia. It is unclear whether protection and so on are qualified to provide to see that private investigations firms, like the
these providers are really that stupid or hoping professional TSCM services. private security industry, are generally very low
that their client will not be informed enough to ask Do not be misled by the false veil of profitability businesses.
the right questions. secrecy some operators use to conceal a When an opportunity to make ‘hundreds of
To assess the effectiveness of a particular lack of qualifications or experience. Genuine dollars an hour’ doing ‘sweeps’ presents itself,
TSCM service provider it is useful to think of a TSCM professionals will happily discuss their most will not turn down the opportunity, despite
TSCM service as a ‘system’ that is integrated qualifications, experience and methods with not having the correct qualifications, training and
components designed to achieve an objective clients. While experience in government or law equipment to do the work professionally. After all,
according to a plan. The objective of the TSCM enforcement or as a security consultant, physical all private investigators need to do is buy a ‘bug

074 SECURITY SOLUTIONS

072-075.SSM96.Article 3.indd 74 4/06/2015 12:39 pm

 who could ruin your reputation.

detector’ online for less than $1,000 and they can The Myth of Frequency Range Procurement of TSCM Services
put their shingle out as a TSCM expert. Why not? Some TSCM providers would have clients believe Before hiring any firm to conduct a TSCM sweep,
It is unlikely that the customer will know the right that the RF part of a sweep must cover a specific consumers should find out their background and
questions to ask. (their) range of frequencies. Often, the range of qualifications. Many private investigative firms
Some ‘TSCM providers’ may have attended frequencies quoted matches the particular piece advertise that they perform TSCM services, but
some very basic training courses that are offered of kit they have purchased, and has no relationship few have the experience and/or equipment to do
by TSCM equipment manufacturers; however, to the real world of RF communications. a thorough job. Typically, there is no specialised
these courses are designed around their It has almost become an issue of bragging licensing or certification required for TSCM. While
proprietary equipment. They are limited to how to rights, with some firms claiming that their a legitimate TSCM sweep performed by a true
use their particular brand of equipment and not TSCM specialist typically costs more, what is the
the theory of operation of the equipment. The objective of the TSCM value in paying for anything less?
Like most new professions there are few
system is to detect covert Consumers should also ensure that TSCM
standards or widely accepted codes of practice personnel have the necessary professional
for TSCM services in the commercial world in surveillance devices. insurances, Workplace Health and Safety (WHS)
Australia. Consumers are advised that they should The components of a training and other relevant certifications necessary
engage with a recognised TSCM professional to undertake the TSCM survey work. This
about their concerns before they spend and
TSCM service are people, includes, but is not limited to working at heights;
potentially waste a lot of money for a ‘false sense equipment and procedures. working in confined spaces; electrical safety; and
of security’. Australian Communications and Media Authority
Undertaking an effective TSCM inspection equipment covers a wider range of frequencies (ACMA) cabling licence, with endorsements for
typically requires that the TSCM provider and therefore must be better – after all bigger is working on data and telecommunications cables.
possesses significant experience in a range better! A final word of caution, consumers who are
of disciplines and an extensive inventory The claim that the RF detection system going to allow a stranger into their inner sanctum
of inspection equipment. The disciplines should cover a specific range of frequencies is should make sure they are trustworthy and not
include radio frequency (RF), voice and demonstrably wrong technically and therefore working for someone else or with a secret agenda.
telecommunications (including VoIP), electrical a myth. At the very least, these statements
(general wiring, building management systems), demonstrate the technical incompetence of the
ICT infrastructure, building construction authors. It is generally accepted amongst TSCM
techniques, acoustics, security alarm and professionals that the RF detection system used
electronic access control systems, and non- during a sweep should be capable of covering
destructive testing techniques. a specific range of known frequencies for
As a minimum, a TSCM service provider surveillance devices. In any case, the frequency
should have access to a significant inventory of range of the RF detection system should be
state-of-the-art inspection equipment. There determined by the threat assessment and, in
is no one piece of equipment that satisfies all particular, intelligence about the capabilities of
inspection requirements. Prospective clients for the client’s adversary.
TSCM services should scrutinise the equipment
used by TSCM providers for relevance, currency Enter the Laws of Physics
and the limits of its capabilities. Any communications engineer knows that any
Typical TSCM survey equipment suites will device using RF frequencies will behave in ways
include an RF analysis system, non-linear junction that can be scientifically predicted and tested.
detector (NLJD), ‘near-field’ RF detectors, high- For example, in the real world, the highest
grade thermal imaging cameras and audio test frequency range of concern for most commercial Michael Dever CPP is a Canberra-based
equipment. More advanced teams will also have threats is actually much less than 6GHz. Some independent consulting security adviser who
access to industrial radiography (X-ray), sub- TSCM equipment will cover a much higher specialises in TSCM. Michael is an internationally
surface radar, network protocol analysis, Wi-Fi, frequency range (24/26.5 GHz); however, this recognised subject matter expert on TSCM. He
Bluetooth and similar discovery and location coverage is designed to deal with esoteric threats can be contacted via:
equipment, infrared detection equipment, and a that generally only exist in the highest end of the michael@edpsolutions.com.au
number of complementary technologies. threat spectrum.

SECURITY SOLUTIONS 075

072-075.SSM96.Article 3.indd 75 4/06/2015 12:39 pm