Deep Plant Attacks

by

 

Contrary to what the vast majority of ‘experts’ on the internet may say….the truth of professional technical surveillance attacks are not a ‘bug’ hidden somwhere in a room. These would be what we would class as ‘Quick Plant’ attacks.  Quick plant attacks are very rarely used by attackers as they’re very easy to find. Probably the reason why internet ‘experts’ discuss them so much. Because they are the only bracket of attack they have any real chance of finding.

The truth of the matter is that most professional attackers use professional methods of attack. Commonly these attacks are built into the fabric of the building and contain multiple components, or concealment’s, that protect the attack from being found.

Take the instance in the photo. This was a deep plant attack in which the only part of the attack in the room was the microphone, which had been secured to the block work behind the plasterboard. The wire for the microphone then passed through the block work and up to the transmitter which was concealed in the roof space.

So…how many sweep teams would have found this attack?  Not many. Most of the people offering TSCM or Bug Sweeps would miss this, guaranteed. No RF signature in the room, no non-linear junction to detect, and absolutely no little black box to find during a physical search.

Most TSCM and Bug Sweep teams in the UK and overseas have no formal training in technical surveillance or countermeasures. Most also focus their methods of detection on ill perceived and out of date threats and methods of attack.

What does this mean for somebody procuring the services of a technical surveillance countermeasures or bug sweeping expert to assist them? Well it means they have an extremely high likelihood of hiring someone that will make their security situation worse, by declaring an area ‘secure’ when in fact the service they procured was never fit for purpose in the first place.

Verrimus recognise the fact that it is extremely difficult for someone to procure a service fit for purpose without a degree of background knowledge in the reality of threat and countermeasure. So, we have devised a number of solutions to enable a service user to procure TSCM or Bug Sweep services properly, or quality assure work you’ve had carried out in the past.

Contact sarah@verrimus.com for more information.