January 23, 2023

What should I consider if I want to do a bug sweep?

Featured image for “What should I consider if I want to do a bug sweep?”

Here are some things to consider if you believe that the audio or video integrity of your space may be compromised, and you would like to conduct a technical surveillance countermeasures (TSCM) survey also known as a “bug sweep” to search for the covert recording devices:

What exactly are you concerned about?

Bug sweeps can be time consuming and costly. To scope the project and make the exercise effective and efficient it is helpful to be precise about:

  • What information are you trying to protect or believe is compromised (Conversations, Meetings, Movements – are you being tracked, Negotiations, or Documents)?
  • Has there been any indication, suspicion, or evidence of information leakage?
  • Are there specific areas where sensitive information is created, discussed, transmitted, stored or otherwise available (boardroom, office, home office, car, plane)?
  • Who has access to the sensitive or compromised area and how is that access managed?
  • Who do you believe might be interested in the sensitive information and do they have the method and means (money or technical background) to plant a malicious recording device.

Can you arrange for the sweep confidentially?

It is advised that you not use suspected potentially compromised computers or phones to plan for the sweep. It is also advised, if possible, not discuss the sweep in areas that you feel may be compromised or with people that have access to the places to be swept in advance of the sweep.

When would you like to conduct the sweep?

Sweeps do require some time however they can be done at any hour of the day. If you would like a sweep to be done covertly, arrange a window of time where the area being swept is unoccupied by either staff, visitors, cleaners, or other guests such as afterhours or on weekends. We can discuss how much time is needed so you can plan accordingly.

Who are you going to tell and what you are going to tell them?

Sweeps do require access to the space; therefore, someone will need to be available to let the team in to conduct the sweep. Note, sweeps can be supervised and / or conducted when knowing or unknowing individuals are in the space. We can discuss a cover story for the sweep to obscure the true nature of the TSCM activity.

How will you secure the space after the sweep?

Sweeps are a snapshot in time assessment of the integrity of the space. If the rooms or area is publicly accessible after the sweep it could be compromised. To maintain the integrity and effectiveness of the sweep, we can discuss ways to harden the security of the space as well as enhanced vetting of individuals accessing the secure, private, or sensitive areas. 

When should I do the sweep if I am doing it for an event?

  • Before an event: A sweep is a snapshot in time assessment. The integrity of the space needs to be maintained after the sweep. So, if it is an event, it should be as close to the event as possible and the room or area swept should either be closed or guarded following the sweep to make sure that nobody has access
  • During an event. If the intention is to monitor an event such as a board meeting then the sweep team will need access to the room in advance of the meeting as well as throughout to develop a baseline for the space and then monitor how that changes in the course of the event.
  • After an event. There may be situations where something happens that triggers the suspicion that an event was recorded covertly. It is possible to go into the space to review if anything was left behind. Although if the room was publicly accessible between the time of the event and the sweep the malicious device may have been removed rendering the sweep inconclusive.

Click here for information on the cost of a sweep.

Click here to find out what a bug sweep involves / includes

Contact us to discuss your security requirements and to scope a TSCM Survey / bug sweep.