Do You Suspect You’ve Been “Bugged”? TSCM is What You Need

Physical listening devices and software “bugs” are easily deployed and difficult to detect. If you are involved in a contentious situation where proprietary or confidential information has a high financial value, you could be “bugged.”

Our Technical Security Counter Measures (TSCM) experts will use the most advanced technology to determine if you have a physical or digital listening device or “bug”. Then we’ll deal with it.

  • CEO offices and boardrooms are high-risk targets
  • High-profile divorce cases can have a risk of deployed physical listening devices
  • Physical listening devices are difficult to detect without experts who utilize advanced detection technology
  • Software based “bugs” can compromise phones, computers, and tablets

Somehow my soon to be ex-husband knew confidential information that I had only discussed with my attorney. I suspected that he had planted some sort of listening device in my home. I called McCann…

Jane D. – McCann Client

My competitors had confidential information about my company that was only discussed with very few people. I called McCann Investigations and they came right away. They were very professional…

Carlos D. – McCann Client

McCann is Unique, We Offer Cyber and Physical TSCM


Most companies do physical TSCM only. Most ‘bug sweep companies” are basically ex-federal officers and not exposed to digital Technical surveillance counter-measures.

Covert technical surveillance has been used ever since technology allowed this kind of operations, as one of the most effective ways to gather sensitive information from unsuspecting targets. With technological development, as cost dropped and efficiency increased, there is a growing trend of unauthorized surveillance of industrial and individual targets.

wall-bug-sweepTechnical surveillance counter measures emerged as a natural consequence. Well equipped and trained professional service providers are now able to detect and locate most planted physical bugs: microphone or video camera recorders or transmitters, phone taps, GPS trackers and other hardware interception devices.

Bug detection techniques are based on finding infrastructure irregularities using various analyzers and detectors: Time Domain Reflectometer, Non-linear Junction Detector, Spectrum Analyzer, Oscilloscope, etc. This type of detection services is now considered the classic TSCM approach.

A bug can be digital or physical. i.e. these listening devices can be physical or in the form of software within the mobile.

Over the last decade and more acutely in the past few years, the focus shifted from conventional hardware bugs to cyber bugs. These are software programs that target IT equipment and use its capabilities to secretly intercept and transmit information. Cyber bugs are very effective as they can either retrieve information as classic bugs do (content and activity of a device) or simply turn the whole device into a spying tool, by using its microphone, camera, GPS, etc. If we count the fact that mobile devices are always on the move with their owners, cyber bugs become even more frightening.

In other words, cyber bugs do not have a hardware body but can do the work of a hardware bug and much more. Not being an actual device to pinpoint, cyber bugs are often difficult to identify and locate. This can be accomplished only by detecting anomalies associated with digital media, GSM, Wi-Fi, Bluetooth or local networks.

These mediums, along with the actual devices can be scanned in order to identify potential pathways for cyber bugs. A Cyber TSCM service provider works closely with the IT Security department to eliminate cyber threat by:

  • network mapping and monitoring to assess possible threats
  • determine anomalies in cellular and Wi-Fi signals
  • analysing network hardware like individual networked computers, wireless access points, switches, routers, power sources or cables
  • monitor traffic and information flow using specific test programs

Why is it advantageous to have one company doing both physical and digital TSCM

The physical and digital realms are more than obviously interconnected. Each entry point represents a vulnerability from one side to the other. IT devices like computers, tablets, mobile phones have both physical and digital components and huge surveillance capabilities (with microphones, camera, transmitters, GPS, etc).

For example, the growing “bring your own device to work trend (BYOD) trend allows the use of unregulated personal devices that could pose a Cyber security threat to the entire network of a company.

A comprehensive TSCM survey should take into account both physical and digital infrastructures and demonstrate a holistic view when assessing potential threats.

A company that develops its conventional TSCM services to integrate the legitimate need for cyber security shows determination to deliver high-end services and keep competitive advantage.

TSCM Inspections

car-bug-sweepIf your business believes it has fallen prey to malicious electronic attacks or feels that it could use an upgrade in electronic security, McCann Investigations is available to provide full technical surveillance counter measure (TSCM) inspections at your location. Without the proper security in place, your company could fall victim to a “Bug” and experience the loss of a great deal of sensitive information resulting from a breach. Our security specialists have many years of combined experience and engage in numerous security processes to ensure both the physical and cyber privacy of your organization.

To safeguard these key-areas of your business, a team of TSCM specialists[1] may use various methods of inspection:

Communications System Analysais – to identify surveillance methods used to extract information from telephones (analog, digital, and or VoIP) , wifi, routers, and old time faxes..

Thermal Emission Spectrum Analysis – to detect heat signatures from hidden electronic circuits

Spectrum Analysis – to detect surveillance devices that transmit information via radio waves

Vehicles/Airplanes- to detect the presence of GPS tracking devices and audio/video recording devices

Mobile Devices – to detect the presence of spyware designed to transmit text messages, emails, web content, and listen in on phone conversations.

Desktop/Laptops/Servers- to detect the presence of spyware/malware designed to transmit keystrokes, emails, document content and web history.

Equipment Used for Physical & Cyber TSCM Inspections

When you hire McCann Investigations to perform technical surveillance counter measure (TSCM) investigations at your business or organization, you will see us use a wide variety of high-tech equipment.

A quick overview of some of the equipment that we regularly use while performing inspections follows:

Physical TSCM Inspection Tools

Spectrum Analyzer

A Spectrum Analyzer is a tool that demodulates frequency transmissions allowing for us to identify any transmissions that are out of the norm in a given area. The equipment that we use is capable of detecting devices that carry any type of transmission, and uncover sophisticated techniques such as video surveillance, frequency hopping and spread spectrum.

Non-Linear Junction Detector

This device is essentially a microwave receive and transmitter that is designed to detect various types of diodes, transistors and other semiconductor devices that are typically found in tape recorders, transmitters, microphones and other eavesdropping equipment. This specific detector is the only tool that successfully detects every type of radio transmitter, regardless of frequency, even if the radio battery is inactive.

This tool is absolutely essential to every bug sweep and physical TSCM investigation. These junction detectors, along with our broadband receivers, are able to uncover every major type of surveillance device you are likely to come across, whether they’re planted in a room, a telephone or on someone’s person.

Thermal & Infrared Imaging Equipment

Thermal imagers are used to detect areas with suspicious hot spots that could indicate anomalies that are usually caused by active electronic devices. These devices could turn out to be eavesdropping equipment generating heat in a pocket, a jacket, inside a wall or desk or anywhere else in a room.

Infrared imagers give investigators the ability to analyze infrared blooming that is another feature commonly indicative of optical eavesdropping equipment used to record live feed of the surveillance area. The infrared imager identifies spectrums of light not seen by the human eye but produced by these pieces of equipment to uncover their presence.

Countermeasure amplifiers are used to detect surveillance devices that are attached to wiring, such as LAN and server systems, telephones, AC power and more.

Other Physical Inspection Tools

Other miscellaneous tools are very important in helping us identify and locate any eavesdropping devices in a given area. These tools include:

  • Stethoscopes
  • Audio probes, amplifiers and preamps
  • Physical and electronic probes
  • Directional and forensic lighting
  • Handheld inspection mirrors
  • Bore scopes

It’s absolutely crucial for the health of your business that you stay proactive about your electronic security. Contact us today at McCann Investigations for more information about our TSCM inspection services to get started in creating your own security plan.

Cyber TSCM Inspection Tools

Nessus Scanner Manager (Network Forensics and Analysis)

Nessus is the most widely deployed vulnerability scanner in the world. Nessus is trusted by more than 20,000 organizations and hundreds of thousands of users because it runs in any environment, supports more technologies than any other vendor and scales from home use to the world’s largest organizations. Not only does Nessus discover the most subtle of vulnerabilities, but it can also identify the presence of malware. For WiFi assessments, we compliment the Nessus scanner with a Spectrum Analyzer scan.

Cellebrite UFED 4PC

Cellebrite UFED 4PC performs physical, logical, file system and password extraction of all data, including hidden and deleted, from the widest range of mobile devices, GPS devices, tablets, memory cards and phones manufactured with Chinese chipsets.

Oxygen (Mobile Forensics)

Oxygen is a time-proven, comprehensive forensic acquisition system.  Oxygen acquires data from 9200+ devices (Android, BB, iOS, WP, etc.) and imports device backups & images (iTunes, Android, JTAG and more).  Once the device has been acquired, Oxygen parses data from 500+ most popular apps and extracts passwords. It recovers a wide range of deleted data. Offers data analytics (Aggregated Contacts, Social Graph, Timeline), then exports data to popular file formats, like PDF, RTF, XLS, XML, etc.