TSCM Tech: Another Step Closer to the Holy Grail - Visualizing RF

Holo-Scan: 3D Scanner with Augmented Reality (AR) Headset
The Holo-Scan is a 3D electromagnetic field mapping system in augmented reality (AR) compatible with various laboratory equipment such as spectrum analyzers, vector network analyzers (VNA) or specific probes (Narda, Wavecontrol…). Unlimited frequency band depending on the instruments used.  The data is then exported in .lxd format and directly analyzed in the online viewer. more

Looking forward to the day this can be direct coupled to an SDR and my Vision Pro. ~Kevin

TSCM Tech - Coating Hides Temp Changes from IR Cameras

An ultrathin coating developed by University of Wisconsin–Madison engineers upends a ubiquitous physics phenomenon of materials related to thermal radiation: The hotter an object gets, the brighter it glows.

The new coating — engineered from samarium nickel oxide, a unique tunable material — employs a bit of temperature trickery.

“This is the first time temperature and thermal light emission have been decoupled in a solid object. We built a coating that ‘breaks’ the relationship between temperature and thermal radiation in a very particular way,” says Mikhail Kats, a UW–Madison professor of electrical and computer engineering. more

The Last Thing I Wanted to See...

In the parking lot,
after completing a TSCM bug sweep...

FutureWatch: Visualizing Radio Waves to Detect Eavesdropping Bugs

If you could see radio waves it would make finding your misplaced mobile phone easier. It would also make finding eavesdropping bugs and covert spy cameras easier to find, too.

We are not quite there yet, but progress is being made. A French company, Luxondes, is working on this now. Their focus, however, is not consumer or TSCM oriented. The immediate profit market is product testing. 

In this video, they show a transmitting device being waved in front of a panel with 64 sensors operating between 50 MHz and 3 GHz. 

Being able to visualize radio waves is necessary for many reasons. As TSCM practitioners, we want this technology to evolve.  

• Initially, by developing a hand-held screen which can be moved around a room or vehicle. 
• Eventually, by developing a device—maybe a spatial headset—that displays radio-frequency energy as a 3-D fog, lidar-map the room, and document both for review and as evidence. 
• And, whenever possible, add AI capabilities. Determine the frequency. List what is legally allowed to use that frequency. Analyze and identify the waveform. Display the results, and highlight any anomalies. 

With any luck, REI is also working on this for us.

Free TSCM AI Knowledge Wiki

The website, counterespionage.net, provides a comprehensive range of resources related to Technical Surveillance Countermeasures (TSCM), which can be considered as a knowledge wiki for several reasons:

1. Informative Articles: It features detailed articles explaining what TSCM is and its importance in protecting corporate privacy and intellectual property. For example, the article on What Is TSCM? outlines the holistic approach needed for effective TSCM evaluations.

2. Free Resources: The site offers free TSCM security reports, publications, and videos that educate users about various aspects of surveillance and counter-surveillance techniques. You can find these resources in the TSCM Information section.

3. Guides and Tips: It includes practical guides such as the Security Director’s Guide to Discussing TSCM with Management and tips for businesses on counterespionage, which serve as valuable educational tools.

4. Case Studies and Testimonials: The website also shares case studies and client testimonials that provide real-world examples of TSCM applications, enhancing the learning experience for users.

5. FAQs and Expert Insights: The presence of a FAQ section allows users to get quick answers to common questions about TSCM, further contributing to its role as a knowledge base.

Overall, the combination of educational content, practical resources, and expert insights makes this website a valuable TSCM knowledge wiki. more

Trade Secret Cases On the Rise

Barnes & Thornburg LLP - Mitchell Berry

In recent years, there has been a noticeable uptick in trade secret litigation, signaling a shift in how businesses safeguard their valuable intellectual property...

Clients are increasingly turning to trade secrets as a means of protecting their innovations, particularly in sectors where rapid technological advancements and short product life cycles render patents less effective. Trade secrets offer perpetual protection as long as the information remains confidential, providing a valuable alternative for companies operating in dynamic and fast-paced markets.

The rise of trade secret litigation also highlights the need for robust internal policies and procedures to safeguard confidential information proactively. Companies must invest in measures such as employee training, restricted access controls, and non-disclosure agreements to mitigate the risk of inadvertent disclosure or theft of trade secrets. more

Did You Know: The legal system does not automatically protect Trade Secrets just on your say-so. You need to prove a history of special protections, like TSCM.

2024 TSCM Trend Analysis

TSCM Equipment Market Size, Share, Competitive Landscape and Trend Analysis Report by Type, by Product and by Industry Vertical: Global Opportunity Analysis and Industry Forecast, 2023-2032

Excerpt: "For instance, Murray Associates, an independent security consulting firm specializing in counterespionage consulting and information security for 40 years, provides TSCM and eavesdropping detection using real-time RF spectrum analysis, which is an advanced TSCM technology. 

In addition, Murray Associates, recently was the first non-government TSCM organization to offer advanced TSCM technology. The firm launched non-linear junction detection (NLJD) that can locate spy cams and other bugging devices even while they are turned off or out of power.

These factors result in innovation of highly discreet and capable modern surveillance technologies that are able to evade methods of traditional TSCM to meet new, emerging technical threats. The advanced TSCM equipment market is expected to grow at the highest CAGR." more

A Corporate New Year's Resolution - Detect Espionage Easily

Intelligence collection is a leisurely process. Enemies quietly collect long before they use. 

Until they use what they have gathered, no harm is done. Knowing this gives you the edge.

• Electronic Surveillance is not the goal. It is a means to an end.
• Electronic Surveillance is a key component of intelligence gathering.
• Electronic Surveillance is the one spy trick which is easily detectable, if you look for it.

Protection Requires Detection
Technical Surveillance Countermeasures (TSCM) audits exploit weaknesses inherent in electronic surveillance. Knowing you are being targeted provides you with time to counter - before your information is used against you; before harm is done.

All businesses need TSCM as their canary in the mine shaft. 

Click here to learn more... counterespionage.com

Why You Really Need a Technical Information Security Consultant

The non-existence of a trade secret asset: ‘confidential’ information
by R. Mark Halligan 

FisherBroyles LLP

For years, there has been a debate whether “confidential” information is analogous to a “trade secret.” It is not. Information is either protected as a “trade secret” or not protected as a “trade secret.” Any other characterization of “confidential” information undermines the protection of trade secret assets and interferes with lawful and fair business competition.

There is no such thing as non-trade secret “confidential” information.

There is no such thing as “confidential” information that does not rise to the level of a trade secret.

There is no middle ground: Either the information is a “trade secret” (and protectable) or not a trade secret (and not protectable).

A “trade secret” is an intellectual property asset that requires reasonable measures to protect the information as a “trade secret” and proof that such information derives an actual or potential economic advantage from the secrecy of the information. more

Your business is based on information and conversations considered confidential, sensitive, or intellectual property. These create your competitive advantage. No less important than trade secrets, and yet, not protected under trade secret law. 

So, what protection do you have? 

Start by adding a Technical Information Security Consultant to your team. Their proactive surveys can spot espionage issues like electronic eavesdropping, information security risks, and employee compliance with information security policies—before they become losses.

Corporate TSCM Information Security Inspections - Myths, Excuses & Reality

There are some myths and excuses that really need to be debunked.

(Not sure what a TSCM inspection is. Check here first.) 

TSCM SECURITY INSPECTION MYTHS and EXCUSES

Espionage is a Covert Act

Excuse: “I don’t see that we have a problem. No one is bugging our offices and boardroom.” 

 

Reality: The first rule of espionage is, “Be invisible.” You won’t know if you are being eavesdropped on if you never check.

Fear of being Labeled Paranoid

Myth: Peer pressure from upper management. 

 

Reality: Most top management appreciate proactive security thinking from their staff.

Lack of Awareness

Excuse: Yes. 

 

Reality: A lack of awareness of the risks associated with electronic eavesdropping, or the need for TSCM security inspections is common. Management may be unaware of TSCM as an available countermeasure.

Cost

Myth: TSCM inspections can be expensive. The costs involved in hiring a professional TSCM specialist, or purchasing specialized equipment, and conducting regular inspections can be a deterrent to scheduling TSCM inspections. 

 

Reality: Espionage losses are more expensive, much more. Hiring a TSCM specialist is very cost-effective, if you hire a competent firm. TSCM inspections are cheap insurance. Actually, better than insurance; TSCM can prevent the loss in the first place.

Perception of Low Risk

Excuse: Some businesses may believe that the risk of electronic eavesdropping is low in their industry or specific workplace. They might assume that their organization does not hold valuable or sensitive information that would attract eavesdroppers. 

 

Reality: Being “in business” means having a competitive advantage, and others do want it.

Lack of In-House Expertise

Excuse: Conducting TSCM inspections requires specialized knowledge and equipment. If a business does not have the expertise in-house they may choose not to pursue these inspections. 

 

Reality: Hiring an information security consultant–who has TSCM as their speciality–is the solution.

 

More TSCM Security Inspection Myths & Excuses

Fear of Disruption

Myth: TSCM security inspections can temporarily disrupt normal business operations. The process involves sweeping the premises, potentially causing interruptions or inconveniences to employees or ongoing activities. Some businesses might be reluctant to undergo such disruptions. 

 

Reality: Most inspections are conducted after business hours. When necessary, a TSCM team will assume the same dress and demeanor as employees, have a plausible reason for being in the area, and will work around employees so as not to disturb them.

Trust in Existing Security Measures

Excuse: Businesses may have confidence in their existing security measures, such as physical security, cybersecurity, or access controls. They might believe that these measures are sufficient to protect against eavesdropping and thus forego TSCM security inspections. 

 

Reality: Experience has shown that do-it-yourself security measures are never sufficient to protect against eavesdropping and other forms of information loss. TSCM inspections always identify vulnerabilities and provide recommendations for improvement.

Lack of Legal or Regulatory Requirements

Excuse: Depending on the industry or geographical location, there may be no legal or regulatory obligations that mandate TSCM inspections. In the absence of such requirements, businesses may choose not to prioritize these inspections. 

 

Reality: The financial success of a business should be a more effective motivator than a legal requirement.

Perception of Invasion of Privacy

Myth: TSCM security inspections are invasive or a breach of employee privacy. They might fear that conducting such inspections could harm employee morale or create an atmosphere of distrust. 

 

Reality: Employees appreciate security measures which protect their livelihood and personal privacy. When an employer demonstrates care for information security, employees will act more carefully too.

Limited Resources

Excuse: Small businesses or those with resource constraints may prioritize other operational needs over TSCM security inspections. They might allocate their limited resources to other critical areas or invest in measures they perceive as more immediate concerns. 

 

Reality: Defense is mandatory for survival. Budget waste and misallocation can usually fund TSCM security inspections without added expense, once corrected.

Overconfidence

Excuse: Some businesses might have a sense of overconfidence in their security measures, believing that they are already adequately protected against electronic eavesdropping. This false sense of security can lead to complacency and a disregard for TSCM inspections. 

 

Reality: These businesses are at-risk.

Carefully assess the risks in your workplace. Schedule TSCM security inspections, because… corporate espionage is not a myth.

###

Murray Associates is an independent technical information security consulting firm. They provide electronic surveillance detection and counterespionage services to business, government and at-risk individuals.

Headquartered in the New York metropolitan area, a Murray Associates team can assist you quickly, anywhere in the United States, and internationally.

Why More Businesses Are Not Conducting Periodic TSCM Inspections

IT & Security Pros Pressured to Keep Quiet About Data Breaches

Organizations globally are under tremendous pressure to address evolving threats like ransomware, zero-day vulnerabilities, and espionage, and they face challenges in extending security coverage across multiple environments and dealing with an ongoing skills shortage, according to Bitdefender.

Alarmingly, more than 42% of the total IT/security professionals surveyed said they have been told to keep a breach confidential when they knew it should be reported and 30% said they have kept a breach confidential.

43% of IT/security professionals surveyed said extending capabilities across multiple environments (on-premises, cloud, and hybrid) is the greatest challenge they face which tied with complexity of security solutions also at 43%.

Not having the security skill set to drive full value came in as a strong second at 36%. more

This is an old phenomenon. We call it The Ostrich Effect.

“Is this a bug?” (updated)

“Is this a bug?” is a question we are often asked.

Usually the answer is, “I understand why you are asking is this a bug. Some bugs do look similar to this. But, here is what you actually found.”

Real electronic eavesdropping devices are getting smaller. So are lots of other little electronic bits which are part of our everyday lives. Distinguishing between the two can be tricky. If the object you found makes you think, is this a bug, keep reading. You stand a good chance of finding your answer here.

From Phone Bugging to Kidnapping...

 ...these are the biggest security concerns of the super-rich...

Armed burglaries, kidnapping, offshore bank account hacking - when it comes to security risks of the super-rich, nothing is off the cards.

‘UHNWs often have unique security concerns due to their wealth and high profile’, says David Webb, Managing Director at Valkyrie, a specialist security consultancy firm. ‘These issues are not just specific to them but can also involve their families and close friends...

In addition to the investigation we conducted a TSCM sweep (Technical Surveillance Counter Measures aka bug search), cyber review and device compromise check, as it was believed the blackmailer had access to the clients systems and possibly had planted eavesdropping devices in his house and office – which ultimately proved true.’ more

"Technical Surveillance Countermeasures Market (TSCM) Is Likely to Experience a Tremendous Growth by 2029"

(Orion Market Research reports, with explanation links added.)

Technical surveillance countermeasures market (TSCM) is anticipated to grow at a significant CAGR during the forecast period. The emergence of wireless technology and Internet of Things technology, growing adoption of espionage device detecting systems in various sectors such as commercial, government, industrial, defence and aerospace, and rising demand for modern surveillance technologies are some of the major factors, that are expected to fuel the technical surveillance countermeasures (TSCM) market demand, during the forecast period.

TSCM, also referred to as digital bug sweeping, entails detection and identification of the presence of technological surveillance hazards and devices, including hidden microphones, cameras, or other electronic devices. It offers thorough instrumented, and, physical and visible evaluation of a facility's technical security status. This system not only detects and locates espionage devices, however, additionally identifies various regions, where an enterprise has a risk factor to lose any vital information through illicit eavesdropping devices or systems such as electronic bugs, hidden cameras, listening devices, cellular interception, Bluetooth interception, burst transmitters, laser microphones, among other devices. more

• Security Companies: Add TSCM to your services menu.

• Corporate Security Departments: Add TSCM to your enterprise services.

In-house, or contract... Contact Murray Associates TSCM for free turnkey advice.

Spy History: Life Imitates Art - The Shoe Bug

...The discovery of a “shoe bug” then prompted SY (US State Department - Division of Security) to modify its ACRs (Acoustic Conference Room)...

In 1969, Harry G. Barnes, Jr., Deputy Chief of Mission in Bucharest, Romania, called a classified conference, which met in the “bubble.” SY officer Lou Grob was monitoring the meeting from another room and heard the conversation. He immediately informed the Administration Officer (the RSO’s superior) that there was a bug in the ACR. After searching, they found something resembling Don Adams’s “shoe phone” from the 1960s television series Get Smart!--the bug was located in the heel of Barnes’s shoe. 

Barnes had had the butler take his shoes out to be modified, and someone had installed the bug in the process. After this incident, SY officers covered ACRs with Reynolds plastic wrap to reduce the radiation of low-power devices such as shoe bugs until the proper security modifications could be made. more  "Psst... Wanna buy some spy shoes? Click this."

The 2.4 GHz Bug: $10

Another Good Reason to Schedule TSCM Corporate Security Inspections

This 2.4 GHz bug is just one of many eavesdropping devices, GPS trackers and spy cameras flooding the market these days. Corporations valuing information security and privacy need to be especially alert.

Many of these surveillance devices are not sophisticated, but they are very effective. 

Worse, they are readily available to anyone with a credit card and internet access. Most are so inexpensive they are considered “toss-away” — use once, don’t retrieve — perfect for short-term, low-risk use. Let’s examine… more