How informed are you on the risks of corporate espionage? Every board and executive team exchanges private and highly sensitive information that – if stolen, leaked or compromised in other ways – could result in costly, operationally distracting or financially catastrophic business impacts. Not all, however, adequately protect it. “We know our security at headquarters is solid,” said the insurer’s Chief Security Officer. “Physical security. Access control. Mailroom processes. You name it. But none of these capabilities address the risks of illegal wiretapping, audio surveillance and electronic eavesdropping.” Turning to Hillard Heintze, its strategic security advisor, the insurer asked for a technical surveillance counter measures (TSCM) sweep of the executive suite and boardroom at its headquarters.
Illegal Wiretapping is One Facet of Corporate Espionage
Hillard Heintze TSCM sweeps are designed to detect the presence of audio surveillance devices and identify security weaknesses that could allow a technical penetration or eavesdropping. Our assessors used laboratory-grade technical equipment to assist in the discovery of powered devices, locate transmitters and identify resident RF signals to determine if sensitive information had been compromised. The team also examined the suites’ walls, floors, ceilings and vents. Then it tested the phone systems for wiretaps, bridge taps, series taps and tape recorder starters and conducted analysis of tone generation signals in both directions. Wiretapping, Drop Ceilings, and Unused Phone Ports Are Just a Few of the Risks While the sweep uncovered no active compromise or component, it did identify three critical vulnerabilities: (1) two unused phone ports that would allow an unauthorized device to transmit audio over a phone line via a jumper connection, (2) a wireless microphone system transmitting in the 490.000 GHz RF range whose transmission, we confirmed, could be monitored in the adjacent hallway, and (3) a nest of wires above the audio-visual system that could permit the placement of a device capable of recording internally or transmitting audio signals outside the building.
Unplugged: The Project Manager’s Perspective
“The thought of an electronic eavesdropping device syphoning away corporate secrets doesn’t keep a lot of senior executives awake at night. I see three reasons for this. First, the threat can be technically quite sophisticated – as is the solution. Second, there’s virtually no industry feedback loop on this: when companies suffer a loss event, nobody calls the media, competitors or shareholders. Third, it’s not the board’s job or the senior management team’s; it’s the CSO’s. So, does electronic eavesdropping keep CSOs awake at night? I doubt it. Not as much as it should. A TSCM sweep doesn’t take long. And it’s not expensive. I think of it as an ounce of prevention, protecting against millions in potential losses.”
The ACTION WEDNESDAY Tool Box: Two Key Take-Aways
- Don’t Assume Your Board and Executive Suite Are Completely Secure Locations: Almost every TSCM sweep that we undertake reveals vulnerabilities that can be exploited surreptitiously. Find out what these are – and implement countermeasures in a prudent and cost-effective manner. 2. Recognize that While a Physical Perimeter Conveys a Sense of Safety, Wireless and Electronic Eavesdropping Represent Far Greater Risks. The threat – illegal wiretapping, corporate espionage, audio surveillance, electronic eavesdropping – is unseen and rarely well addressed by corporate security teams.
- Recognize that While a Physical Perimeter Conveys a Sense of Safety, Wireless and Electronic Eavesdropping Represent Far Greater Risks. The threat – illegal wiretapping, corporate espionage, audio surveillance, electronic eavesdropping – is unseen and rarely well addressed by corporate security teams.
(What’s it like on the front line supporting the firm’s clients? What are the challenges the firm’s experts help senior business executives, general counsel, board members and other decision-makers address?)