Threat Information
Are You At Risk?
Risk assessment is a balance between the cost of protection, the likelihood of attack and the potential loss should an attack be realised.
We believe that the threat of unauthorised surveillance against UK and Global business using one of the many modern methods of eavesdropping and technical compromise is both clear and present.
QCC Interscan finds that a high percentage of inspections yield direct or indirect evidence of eavesdropping activity, or uncovers serious security weaknesses that make the likelihood of information theft highly likely.
Global investment in leading technology and companies and organisation’s rich natural wealth make worthwhile targets for industrial espionage agents.
The potential loss to a business of a successful attack is particularly high and the cost of an effective counter-surveillance service is by comparison minor.
The Threat of Attack
The threat from electronic eavesdropping and technical attack is on the rise exponentially. The price of surveillance devices from Radio and GSM listening devices to Hardware and software keystroke loggers has fallen dramatically to only a few pounds.
Availability of these kinds of devices has raised with high street shops, mail order and internet suppliers offering these devices to the mass consumer market.
Because vital business information costs organisations millions to acquire, it is also a primary target for those who may wish to compete with you on a less than level playing field.
A whole range of technical attacks using nefarious means to steal business information, are increasingly being detected in the UK and Globally. Foreign competition and unscrupulous competitors are increasingly using these methods to gain important business information.
Methods used and identified are a range of techniques used to steal your business information including radio bugging, GSM Bugging, concealed video cameras, telephone bugging, computer network and PC monitoring, hacking and social engineering.
The simplest methods are often employed and are usually identified first in any campaign of information theft from a target company. These include, stealing or copying unattended confidential documents, stealing or intercepting confidential office waste and visual intrusion.
Deployment of bugging devices takes a matter of seconds to be effectively concealed. Experience has shown that companies own personnel are commonly employed to install and move devices, sometimes without their knowledge. Some surveillance techniques even use the Internet to transmit stolen information from a victim organisation.
GSM Threat
In recent years the biggest threat and advance in eavesdropping technology has been in the area of GSM (Global System for Mobile communications) devices.
These devices use the mobile telephone infrastructure and technology to relay room audio to an eavesdropper in a remote location. The global nature of the mobile telephone network is such that a device planted in a boardroom in London can be monitored from any location in the world with a telephone connection either landline, cellular or Skype.
Read more...Radio Bugging Devices
The threats posed by traditional radio-based bugging devices is still very real and present.
Telephone line eavesdropping still uses radio based technology to transmit both sides of a conversation to an eavesdropper or recording device. Radio based room or telephone transmitters have fallen in price significantly in recent years whilst the quality and stability of these devices has risen.
Eavesdroppers use radio bugging devices as the intelligence is received in real time and is of a very high quality. Microphone technology and high gain circuit design enable these devices to pick up the slightest sound within a room up to 7 metres away from the installed bug.
Read more...Keystroke Logging
Keystroke loggers are physical devices or software packages which are used to directly record user’s key presses on a keyboard or to store information within a program as to the activity on a host computer.
QCC has seen a massive increase in the use of both PS2 and USB keystroke hardware keystroke loggers. These devices are either plugged in line between the keyboard and the computer or installed inside the keyboard itself. These surveillance devices have on board memory typically up to 4 Mb. This amount of on board memory is enough to capture 4 million key presses or in real terms over a year’s worth of average computer use.
Read more...Optical Eavesdropping Threat
The optical eavesdropping threat is sometimes overstated and used as a scare story by security companies. QCC classifies the threat from optical eavesdropping to range from simple visual intrusion into office or sensitive areas up to the deployment of sophisticated laser microphone technology.
During a TSCM inspection QCC engineers check for the positioning and exposure of computer screens, AV and presentation equipment and the threat from the close proximity of adjacent buildings. On numerous occasions we have reported vulnerabilities from visual intrusion into highly confidential areas. Confidential documents and information left on white boards and presentation equipment that can easily be read by unauthorised persons outside the target area.
Read more...GPS/GSM Tracking Threat
The threat from combined GPS (global positioning satellite) and GSM systems has also increased greatly over the last few years. GPS receivers have become very sensitive and the technology for acquiring GPS positions has become very advanced allowing GPS information to be received even when no direct line of sight with the sky is possible. The cost of these systems has also come down; it is possible to buy a GPS tracker no bigger than a key ring employing the latest GPS circuits for around £30.
Read more...Conclusion
We have examined some of the most common and high risk threats facing the commercial, government and personal executive. QCC Interscan is specially equipped and has dealt with the detection of these threats for over 10 years.
Read more...See a list of all threats here.
