Any Good Electronic Security Companies?

[longtimer]

I want to explore all possibilities for what is clearly a security leak in my company. Too much information is known by a competitor.

I know this may sound a bit high tech and unlikely here in CM, but I believe that my office may be bugged. I actually hope this is the case, because the alternative is that a trusted employee has sold out. And I like and trust all of my employees and can only hope that this is not the case. I have been here enough years to know that anything is possible but also have a fairly good awareness of people and their honesty level and I would be at least mildly surprised if one of our employees had sold out. Oh well life goes on.

So, anyone know of any company here that can check for electronic bugs or wire-tapping?

[peterjackson]

Hey

The one thing any 'bug' needs is power and most use batteries as their source and these need to be replaced at intervals and they are also very local in their pickup and even given todays technology, don't do well at discriminating background noise out. Secondly, they need to transmit the details to a 'receiving point' and that is usually somewhere within 1/8 of a mile of the unit, so they are very inefficient, unless you are in a high stakes business.

As most commercial bugs work on the FM frequency, you could simply play a CD in your office at night when no one is around and then go into an adjacent room and scan through the FM channels on a radio and see if it picks up the CD music from your office. If it does, you are being bugged. Moving the CD player/speakers around the office, will give you a rough location of the bug.

Most cases like this, turn out to me members of staff and those can be a little harder to detect, but by no means impossible.

Kind regards

Peter

[Maejo Man]

As most commercial bugs work on the FM frequency, you could simply play a CD in your office at night when no one is around and then go into an adjacent room and scan through the FM channels on a radio....................

Basically a good idea except that most commercial FM radios only extend their bandwith to around 110 Mhz and the bulk of commercial bugs operate anywhere from 100 to 200 Mhz. See below for common frequencies...

You would have to purchase an VHF/UHF FM scanner with a range of 100 to 400 Mhz which are available here, and would probably detect 90% of the bugs that may, or may not be planted.

Checking for phone tapping is a little more complicated, and involves checking the resistance of your phone lines. If you approached your phone company and asked them to check, they would tell you if there was any unauthorised device attached to your phone line.

44.500 - 51.000 MHz Baby and Room monitors (49.83, 49.845, 49.875, etc...)

72.100 - 75.400 MHz Hearing Assistance Systems

54.000 - 150.000 MHz Kit Bugs

78.000 - 115.000 MHz Cheap out-of-band FM Bugs

112.000 - 142.000 MHz Cheap out-of-band FM Bugs

140.000 - 160.000 MHz Cheap out-of-band FM Bugs

60.000 - 320.000 MHz Low Cost kit bugs

398.000 - 406.000 MHz DECO Bugs (398.600/605, 399.450/455, 399.025/030, 406 MHz)

25.000 - 450.000 MHz European/English Kit Bugs

150.000 - 216.000 MHz Typical VHF "Body Wire" & Pro-Grade Bugs

109.000 - 140.000 MHz Digital VHF Pro-Grade Bugs

138.000 - 174.000 MHz Typical "Spy Shop" & LE Cheap VHF Bugs (155-172 Popular)

140.000 - 150.000 MHz Popular Xandi Flea power kits (143/144 MHz)

150.000 - 170.000 MHz Popular Japanese Flea power kits (under 5mw)

[lamphun]

Are you sure it's eavesdropping ?

Most information theft these days is from computers. If you have a company computer with an open internet connection you may find its been hijacked.

[longtimer]

Thanks gents for the wealth of information.

My first suspicion was a security leak with the email, but most of the leaked info never appeared in an e-mail. However, to be safe, I have now twice changed the password to my private account from a computer outside of my office.

From the above info I would guess that most likely it is a staff problem or possibly a wire tap, though I will get the suggested scanner and see if I find anything.

Again, much thanks!

[earlofwindermere]

Changing your password is one thing but I need to agree that if you leave your computer connected to the net, it is easy for someone to hack in. I've seen it done personally. Any files or emails stored on the computer are accessible.

[Markymark]

Longtimer

I have investigated many cases of industrial espionage and only on one occasion ever heard of a bug actually being found. I have seen (very expensive) bug sweeps take place in offices, and remain dubious over some of the techniques I have witnessed by so called experts.

The majority of the time a leak is down to a member of staff who is misusing access to IT, telecoms, physical documents or even simple eavesdropping.

What I have seen more of recently is the use of keyloggers - software or hardware devices that store and transmit every keystroke you make. These are readily available and cheap.

There is a checklist of questions you need to run through before you start spending any money on technical solutions. Sometimes the answer is staring you in the face, very simple and non techinical.

I am not back in CM until 03 October, but PM me if you want to chat further.

Mark

[Choscura]

the thing that you want to check first is the land-based phone lines, if there are any of these. check in all places: check the wall jacks (in the wall- physically unscrew it and inspect it, it should just have a few wires soldered together, if you see black plastic, be suspicious), and then check inside the phones themselves (specifically in the recievers where the wires fit into the phones). then do the same with internet connections. bugs of these types don't need batteries, they are essentially static long-term bugs- they draw power from the phone lines themselves and use that same power to transmit their information (generally not far, check out any local short-range radio equipment in surrounding buildings if possible).

also, a side note, just because it's not transmitted by your email doesn't mean it's not transmitted by somebody else's. it's not difficult to automatically cc yourself (in a spam account!) all email that is sent out from all computers in your place of work.

other than that, I don't think a hardcore bug sweep is necessary since it's so difficult to get a worthwhile bug into place (unless you've done something such as move into a competitors former place of work, in which case they could have left the bugs behind when they moved out, or at the very least where they have an advantage getting in because they're familiar with the layout, etc). it's far more likely that something along the lines of employees fraternizing with members of the other company has taken place- whether out of malice or ineptitude.

[skippybangkok]

Sounds like employees sold out!