How to behave if you suspect that you have been bookmarked.

How to behave if you suspect that you have been bookmarked.

James M. Atkinson, Granite Island Group

How to behave if you suspect that you have been bookmarked

Keep calm

• Contact an ASAP TSCM Specialist
• Use email to communicate, but be discreet
• You can use the phone, but call from a phone remote from your office/home
• Make an initial meeting at a remote hotel or restaurant
• Schedule an ASAP vulnerability analysis or risk assessment
• Consider a full TSCM survey/cleanup

• Be very careful
• Don't try to find the bug or wire connection yourself
• Don't ask the phone company to help you (they will laugh at you0
• Don't ask the FBI/Presidential Security Service to help you (they will ignore you)
• Don't try to get help from the local police (they won't be able to)
• Don't use your office phone to initiate contact
• Do not use your cell phone to initiate contact or to discuss the matter
• Do not discuss the matter in your office, in your car or at home
• Do not hire a private detective to find the stash (they may have planted the stash for you)
• Do not buy stash detectors from a spy shop (they are useless and expensive)

The following special precautions should be taken before contacting anyone conducting TSCM: If you are the target of a bugging, special steps should be taken to avoid alerting the bugging party in any way that you are seeking professional assistance to uncover their activities.

If such parties learn that a TSCM sweep by a special team is imminent, they will quickly remove their bugging devices and reinstall them once the sweep is complete (and no bugs are found).

Many TSCM sweeps have been compromised or ruined by clients who have called TSCM specialists with suspected planted targets.

Remember that there are only six legitimate TSCM counterintelligence firms in the US (there are twelve worldwide), so be persistent when trying to find one to get the help you need.

Beware of the «Two-Week Wunderkind» Many private investigator schools certify students to conduct TSCM purges after only one to two weeks of classroom training. The typical student has little or no technical background and rarely any intelligence background or training.

All legitimate TSCM specialists have a strong background in either electronics or government intelligence work (and often both).

A legitimate TSCM specialist has at least 500 hours of specialized training in conducting TSCM inspections at the highest technical level.

Private investigators are rarely qualified to perform cache clearing. Their training, knowledge base, experience, and equipment are designed to PLACE caches, NOT to remove them.

Be suspicious of any TSCM professional who is overly pushy, overly enthusiastic, or who plays the cloak and dagger game with you.

For every legitimate TSCM specialist, there are 50 master scammers, 25 outright liars, and 25 clumsy idiots who will also try to encroach on your business. Many of these people are confirmed criminals (usually felons) who sell and/or install eavesdropping equipment.

Be sure to ask the TSCM specialist “what else they do” as many firms perform TSCM as an additional service and do not specialize in it. Do they list TSCM as something they “also do” rather than one of their core services? Many private investigators fall into this category and list TSCM and the bug sweeping service at the bottom of their list of services (below polygraph testing, executive protection, or technical security).

Action Summary

When you suspect that you may be the victim of covert eavesdropping:

Watch what you say at home or work (remain calm and never discuss your concerns in or around any suspect)

If you need to discuss the matter with someone don’tdo this in your office, your car, or your home.

Call from a pay phone at a hotel or airport, but never from any phone on the suspect premises.

The personal home phones of senior managers are popular and valuable targets for eavesdropping, so do not call from home.

Never call from any type of cordless phone, PCS phone or any type of wireless device. Also do not trust any type of spread spectrum phone or fax machine as they are heavily monitored.

Never call the TSCM firm from any phone located near your office or your home. Instead, call from a random toll phone to make the initial contact.

Contact the TSCM specialist via email, but only to schedule a phone consultation (during which you call from a toll phone).

Schedule a vulnerability analysis or ASAP threat assessment.

Hire someone who specializes in counterintelligence to do the TSCM check, making sure that person is an expert in computers, telecommunications, and electronics.