Services
Sweep Methodology and Practical
Application
  Any discussion dealing with methodology and practical application of that
methodology in the field of technical surveillance countermeasures necessarily
involves a discussion of the industry itself. It is doubtful that any information
presented regarding this subject would receive a consensus of agreement by
individuals in the industry. This industry is relatively new and in a state of
developing infancy. Established standards, or commonly accepted principles of
application are as yet virtually nonexistent in this continually changing
technology. TSCM methodology and practical application of that methodology
and other recommended procedures, protocol or equipment would therefore be
subjective, and without any actual frame of reference to published standards or
accepted principles or applications. This information would necessarily have to
be viewed within this context.

  Probably the most important aspect of effectively conducting TSCM work,  is
knowledge acquired from the academic arena coupled with a practical
application of workable and realistic methodologies derived from actual field
experience. The industry is rife with pseudo-intellectuals and supposed
electronic experts who have never actually performed even the most basic TSCM
procedures much less undertaken the complexities involved in a complete
professional sweep.

The information presented here is believed to be the most generally accepted
methods and application of the methodologies involved in the TSCM industry,
however is not intended to be a complete or exhaustive treatise on the subject.
This information is intended as a reference guide provided from information
obtained by companies who are actually in the TSCM industry.
Contrary to popular belief, surreptitious transmitters are not the greatest threat, telephone line compromises
are 23 times more likely. Other significant areas include acoustic leakage and hard wired devices used to
intercept information.

=================================================================================
One of the most difficult areas in TSCM sweeps, especially for the new technician is telephone line
evaluation for surreptitious devices places on the lines. In addition to knowledge of RF transmitters, camera
systems and the host of other surveillance equipment used by the eavesdropper, the phone system poses the
greatest challenge. Devices range from inductive line pickups to direct hardwire bridge taps to RF devices
placed in parallel and series. The invaluable test instruments for the technician are primarily the time
domain reflectometer (TDR), telephone line analyzer (TLA), linemans test set (butt set), tone and inductive
probe and the carrier current detector. Additionally a digital and analog volt ohm meter and a worthy
selection of attaching cables and adapters are needed. In todays world many of the devices used to monitor
telephone lines are sophisticated and require sophisticated equipment to detect and locate them. The days of
locating a bug by testing a phone line for voltage variations and resistance measurements are long gone.

The technician of today must be a competent phone technician, and completes a variety of tests, carefully
recording the results of each onto a diagnostic form. Those results are then evaluated to determine if a line
compromise appears to be present. The task of locating the device now presents another problem. Line noise,
line balance and capacitance are common areas of testing in todays environment. Sophisticated test
instruments like the tripletts and time domain reflectometers require many hours of training and practice to
be able to make educated decisions in evaluating the test results, waveform analysis and overall telephone
line environment. The novice technician looks for large needle deflections and substantial waveform patterns
expecting the surreptitious device to be clearly and easily detectable. In reality the higher end devices are in
many cases extremely difficult to detect and sometimes just a very slight variation from normal indicates the
presence of such a device. In these areas there is no substitute for training and experience. Without training
and experience every waveform on the TDR presents a question and the triplett readings for line noise and
balance and so forth are meaningless, and merely represent an abundance of useless information.

The best advice for the technician desiring to become proficient in locating potential telephone line
compromises is to study, train, and study and train some more, hopefully with an experienced teacher or
mentor. Attach test devices and then learn the differential in test results that indicate their presence. Learn
complete telephone line basics from load coils to handsets. Learn and become familiar with the standard
readings in a given area, basically whats normal and expected, to whats not normal and not expected. When
you can have an in depth discussion with a senior telephone installer repairman and understand everything
discussed, you are on your way to becoming proficient. You should know substantially more than a senior
telephone installer repairmen, and should not just understand the how but the why of the telephone
environment. A respected TSCM technician who is an expert in the telephone environment, once said that a
basic understanding and ability to find surreptitious devices takes a technician a minimum of 6 months of
intensive training and practice. Not a small investment!