Walsingham Associate Inc logo - TSCM bug sweeps
Go to Walsingham homepage Email Walsingham Associate Inc
Home | About Us | The Risks | Our Procedures | Contact Us

Serving the San Francisco Bay Area, Silicon Valley, Northern California and the Western United States

  What's a "bug"?
Phone taps
Found a bug?
Where to look
Home inspections
Off-site meetings
Who's Walsingham?



You should only contact us from a telephone outside of the potentially compromised location! DO NOT call from your office or home; use your cell telephone only from a discreet location.



It looks like we found something! What do we do next? Letís go through the proper procedure step by step. First, donít say or do anything to alert the eavesdropper that we may be on to his operation. Never, never, assume that there is only one device, a "silent search" must continue. After it has been determined that all devices have been located, a decision must be made by the client. We suggest one of three choices:

1. Leave the device(s) in place and feed it false information.

2. Disable the device(s) in an attempt to lure the eavesdropper to return to repair it.

3. Remove it.

If client decides to call a law enforcement officer, the device must not be disturbed and the area must be secured as a "crime scene" until law enforcement officers and/or telephone company security personnel arrive to take over the scene and initiate their investigation.

Before anything happens, the devices and surrounding area must be searched and photographed by the Technical Surveillance Countermeasure (TSCM) team. The possibility of the device being "booby trapped" cannot be dismissed lightly. Intelligence agencies and some professional eavesdroppers have been known to use plastic explosives to destroy the device as it is removed so it cannot be analyzed.

If the device was powered by 110 volts, it must be assumed that all conversation which took place in the target area, since the last TSCM search, has been compromised. The same assumption must be made if the device was powered by a battery.

If the device is a battery operated live transmitter, a fairly accurate estimate can be made as to how long the device has been operating and how long it will continue.

The client must be interviewed to ascertain the following: What has happened or what is about to happen in the area where the device was found. Who has had access to the area. Consider where the device was placed and how long it would take to make the installation. What is the level of building security and who would have a motive. Could an "insider" have knowingly or unknowingly made the installation.

The sophistication of the device(s) may give us a lead to the proficiency of the eavesdropper.

A sloppy homemade or Radio Shack device would indicate an amateur. A well made,
mass-produced commercial device could indicate a semi-professional or a government installation. An exotic, expensive, or custom made unit tells us that we are dealing with a cunning professional eavesdropper.

Next we should consider the probable range of the device, the frequency, power output, and location in the room. With all this information, we still face a most difficult task in an attempt to locate the listening post, plus a next to impossible task of learning the identity of the eavesdropper and his client.

Copyright 2006 [Walsingham Associate Inc.] All rights reserved
We are licensed California Private Investigators: #11308 #11618 #24774