What does a Bug Sweep Involve?

This Is The Typical Sequence Of Events Which
Bugged.com Follows For TSCM Inspections

* Click Here to Schedule a Bug Sweep *

1. Client Initiates Secure Contact

* Client reviews Bugged.com's web site and related TSCM materials
* Contact is made away from suspect facility (pay phone at airport, etc...)
* Contact is not made via a suspect telephone, cordless, or cellular telephone
* Initial arrangements for secure face-to-face meeting (if requested)
* Materials sent to Bugged.com regarding suspect facility

2. Initial Meeting and Commissioning

* Initial and secure face-to-face meeting (if requested)
* Initial meeting at sterile location away from any suspect facility
* Discussion regarding clients concerns, and vulnerabilities
* Commissioning of TSCM services, if appropriate
* Formulate plan in case an eavesdropping device or security hazard is found

3. Pre-Inspection Survey, Research, and Facility Reconnaissance

* Review of facility blueprints
* External RF survey (9 kHz to 26.5/40 GHz)
* Facility exterior reconnaissance

4. Vulnerability Analysis

* Threat assessment
* Physical security assessment
* Electronic security assessment
* Internal RF survey
* Audit of communications systems and facilities
* Inventory of furnishings, fixtures, and artifacts
* Evaluation of structural elements (walls, ceilings, floors)
* Sketch of suspect area and facilities
* Identification of sensitive areas
* Identification of intercept locations
* Identification of probable listening posts
* Development of threat model
* Performed during normal office hours (with appropriate cover)

5. Silent/Passive Walk-Thru

* No noise, non alerting activities only, nothing to alert the eavesdropper
* Automated bug and wireless microphone detection (9 kHz to 3 GHz)
* Initial VLF inspection of all AC, telecom, LAN, and HVAC wiring
* Initial detection of infrared devices and laser surveillance devices
* Video camera, tape recorder, VLF, and ultrasonic detection
* Overt threat detection
* Initial evaluation of physical security, locks, alarms, etc...
* Most PI, spy shop, and amateur bugs will be detected during this phase
* Very popular as it only takes 4 hours for a brief "Walk Though Inspection"
* TSCM services above this level starts radically increasing in cost

6. Passive Inspection - RF and Light Spectrum Monitoring

* No noise and non alerting activities only, nothing to alert the eavesdropper
* Music softly playing, "client on phone", drapes pulled
* Full passive RF spectrum sweep (20 Hz to above 110 GHz)
* Full passive light spectrum sweep (300nm to 1710nm / 83 THz to 450 THz)
* Most PI, spy shop, and advanced amateur bugs will be detected during this phase

7. Active Inspection - Non Alerting

* Minor Noise is created, however; it should not alert the eavesdropper
* VLF/RF check - AC mains (all electrical outlets)
* VLF/RF check - AC mains (all light switches/fixtures)
* VLF/RF check - HVAC controls
* VLF/RF check - Alarm and access control sensors
* VLF/RF check - Fire and safety sensors/alarms
* VLF/RF check - Other
* All phone lines evaluated and traced back to central office
* All artifacts documented, recorded, and inspected
* Oblique lighting inspection of all walls and artifacts
* Initial inspection of baseboards, windows frames, and door jambs
* Initial inspection of all wallplates (electrical, PBX, LAN)
* UV lighting sweep (below 400nm / 100THz)
* IR lighting sweep (above 700nm / 180THz)
* Visible spectrum light sweep (350nm to 750nm / 90THz to 195THz)
* Tuned forensic light source and filter sweep (250nm to 1750nm / 65THz to 455THz)
* Check for telephone set modifications/problems
* Check for PBX software and hardware anomalies
* Check for voice mail modifications/problems
* Inspection of all computer and LAN connections
* Inspection of all laser printers and computer output devices
* Law enforcement and professional bugs will be detected during this phase
* Typical threat level for most corporate offices

8. Active Scan - Alerting

* Chirp detection of hidden microphones and other transducers
* IR, audio, and ultrasonic jamming (as required)
* Render the eavesdropping device temporarily inoperative
* Inspection of all furnishings (desks, chairs, plants, etc)
* Open ceilings and walls (move ceiling tiles and panels)
* Thermal inspection
* HVAC and duct work inspection
* Acoustical leakage inspection
* Borescope inspection of all electrical wallplates and boxes
* Detailed inspection of all lighting fixtures
* Inventory of all conductors, conduits, wall studs, etc...
* Detailed electromagnetic energy search (above 110 GHz)
* Professional eavesdropping devices will be detected during this phase
* Typical threat level for a Fortune 500 corporate offices and law firms

9. Active Scan - Alerting/Evaluation

* Verify and TDR/FEXT/NEXT trace all conductors
* TDR trace - Telephone System Wiring
* TDR trace - Computer Network Wiring
* TDR trace - Cable Television and CCTV
* TDR trace - AC mains (all electrical wiring)
* TDR trace - AC mains (all light switches/fixtures)
* TDR trace - HVAC controls
* TDR trace - Alarm and access control sensors
* TDR trace - Fire and safety sensors/alarms
* TDR trace - Other
* PBX, ESS, and SN translation evaluated (as available)
* Voice mail system evaluation
* Xerox machine inspection
* Fax machine inspection
* Verify security of PBX, alarm, HVAC, audio systems
* Evaluate all artifacts (ie: furniture, books, computers, etc...)
* Wall, floor, and ceiling cavity inspections
* Intense physical inspection (every cubic centimeter)
* Diplomatic, law enforcement, and intelligence devices detected at this phase
* Typical threat level for attorneys, defense contractors, and aerospace firms

10. Special Inspection Activities (used only as needed)

* Non Linear Junction Detector (NLJD) inspection - active and passive
* X-ray, radiographic, and fluoroscope inspection
* Magnetic anomaly inspection

11. Preventive Actions (available only by special request)

* Seal and dust all cavities, wallplates, artifacts, etc...
* Install acoustic, ultrasonic, IR, and RF "cloak" as needed
* Install IPM alarms and associated security system
* Installation of encryption devices
* Installation of high security locks, doors, and hinges
* Installation of physical security devices
* Client education and training

12. Post Inspection Activities

* Verbal presentation of findings before leaving
* Presentation of hard copy report (if requested)
* Corrective actions
* Follow up actions
* Recurring TSCM services (if appropriate)

13. If an Eavesdropping Device or Activity is Detected

* Collection of documentation regarding device or activity
* Notification of Law Enforcement Agencies (if appropriate)
* Forensic Identification and Analysis of Device
* Counter-surveillance activities
* Counter-intelligence activities

General Parameters:

Bugged.com TSCM services always include at least the following (except for brief "Walk Though Inspections"):

* Analysis of all RF/electromagnetic emanations from 20 Hz to above 110 GHz
* Active and passive light spectra examined from 250 nm to 1750 nm
* Inspection of all outlets, switches, and lighting for VLF/RF devices
* Inspection of all PBX, LAN, and WAN connections and equipment
* All computers audited and checked for security anomalies
* Evaluation of all computers network facilities and associated cabling
* Inspection of all Xerox, fax, and other imaging equipment
* Inspection of all fiber optic connections and cabling
* All phone lines inspected and verified back to the central office
* Evaluation of all locks, safes, and physical security devices
* Most activities will overlap to provide complete coverage

* Click Here to Schedule a Bug Sweep *