Corporate spies have had months in empty buildings to deeply plant their electronic bugs, taps and data leaches. Time to clean up, before opening up.

OLDWICK, NEW JERSEY, USA, February 16, 2021 /EINPresswire.com/ -- Corporate espionage has never been easier. Workplaces—unpopulated for months— became easy targets for corporate spies and foreign government types. The pandemic created a golden opportunity to Deep Plant their electronic surveillance devices.

Covid-19 Deep Clean sanitization will happen in organizations everywhere. Once completed office employees will begin returning to their desks. Everyone will feel safer, at least health-wise.

Kevin D. Murray, director of Murray Associates TSCM points out, “The blind spot is the security health of the workspace itself. Offices, conference rooms and boardrooms will need a Deep Clean for the electronic bugging infestations. Only the most diligent security directors are currently planning for this.”

“Consider this,” Murray adds, “During the work-from-home days executive suites were empty. No one was in the buildings except a few security and maintenance folks. The long lock-down afforded plenty of time to prepare an intrusion and deeply embed multiple types of intelligence collection devices.”

Murray occasionally hears from uninformed corporate executives, “Outsiders can't get into our building. We have really good security.” He politely asks them to consider these scenarios…

• The night or weekend guard is probably a low-paid, part-timer; more interested in their smartphone than anything else. Would a good pretext and a work-order get the spy in? Posing as the Covid Cleaning Service might open the door. Who wants to turn them away. Not sure a phony work-order would work at your place? What if they simply offered official government paper ($$$$) instead. It would only be a matter of, “how much?”

• Night and weekend security guard shifts are notoriously hard to fill. So, the Deep Placement tech simply applies for a security guard’s job working nights and weekends at the targeted facility, likely left alone and unsupervised.

• Many workplaces can be covertly entered using a can of compressed air instead of a cardkey. This covert entry technique doesn’t trip the alarm. It appears to be a legitimate exit. (Compressed air is just one of 10+ common covert entry tricks in the spy’s kit.) Once in, others in the building think the intruder must be authorized to be there.

• Has your organization been using the down time to conduct renovations? Think of all the opportunities that endeavor presents for deeply embedding surveillance devices. The book, The Attack on Axnan Headquarters: An Espionage Operation, explains in detail how this is done. The plot is an actual account (sanitized) of a real corporate espionage operation conducted during a construction project.

• The average CCTV system isn’t much protection either. Recordings, if available, are rarely reviewed unless there is an alarm or incident. By then, the bug installer is long gone, and you have no idea what they did while they were there.

The reality is, organizations just don’t know if employees will be returning to hot-wired offices.

Stolen information using deeply embedded surveillance is handled carefully, so the target will never become suspicious. Cautious tradecraft like this yields valuable information for years to come. Remember, the parasite is not out to kill the host, until the host is no longer useful.

Inattention is what unethical competitors, opportunistic freelancers, and foreign interests are counting on. They are betting their bugged victims will not conduct a Technical Surveillance Countermeasures Deep Clean (TSCM/DC).

What is a Technical Surveillance Countermeasures TSCM Deep Clean?

Employees need to feel safe about operational and personal privacy, in addition to feeling safe about their health. Periodic inspections for illegal surveillance devices in the workplace is the primary method used to assure these privacies.

Elements Common to TSCM Deep Cleans
• Pre-inspection discussion, evaluation and planning.
• Physical examination of areas at risk.
• Technical examination of the areas.
• An information security survey to identify other vulnerabilities.
• A post-inspection debriefing.
• A written report documenting findings, recommendations and due diligence.
Each element is discussed in greater detail in The TSCM Inspection Process.

During normal times a TSCM/DC is most often conducted on a quarterly basis, within the most sensitive areas. As the pandemic recedes, a complete TSCM Deep Clean (within all sensitive areas) needs to be conducted before employees return.

TSCM Deep Cleans are often conducted after normal business hours because they…
• don’t disrupt the flow of business,
• don’t alert employees (who may be involved in planting devices),
• reveal transgressions of company information security policies,
• allow your counterespionage consultant to quickly identify non-electronic security vulnerabilities, and security hardware which have decayed effectiveness.

There are exceptions to off-hours TSCM Deep Cleans. Board meetings and off-site meetings, for example, are preceded by a TSCM/DC. Once complete, the technical investigator relocates to an area nearby the meeting and begins radio-frequency spectrum monitoring. This precaution detects bug transmissions which may come on-the-air at the last minute, or during the meeting.

Plan Ahead for Your TSCM Deep Clean

Organizations will be opening their offices at approximately the same time. Plan ahead. You want to employ the most capable and reliable firm to conduct your TSCM Deep Clean. The most competent teams will be booked first, and you know the rule… 90% are not in the top 10% of their class. This matters. An ineffective inspection buys a false sense of security. And, that’s worse than a healthy sense of caution.

If you have any questions, or would like to schedule our services, just let us know.

– – – – –

Kevin D. Murray CPP, CISM, CFE, CDPSE is a business counterespionage consultant and TSCM specialist with over four decades of experience.

Murray Associates is an independent security consulting firm, providing eavesdropping detection and counterespionage services to business, government and at-risk individuals.

Headquartered in the New York metropolitan area, a Murray Associates team can assist you quickly, anywhere in the United States, and internationally.

Kevin D. Murray
Murray Associates - TSCM
+1 908-832-7900
email us here
Visit us on social media:
Twitter
LinkedIn

The office suite master key is sometimes a can of compressed air.