This is a post I never thought I’d make. I work with sensitive data and we suspect there may be someone bugging the office. I’ve been reading up on the different techniques and gagets people can use to send audio from hidden mics, there is no end to them. This isn’t government related, its more an internal office politics thing but the threat is real enough. We suspect a particular person in the office is spying on our operations for reasons unknown, possibly to report to a competitor.
I was wondering if there were any knowledgeble people in that area around who could recommend a particular scanning device which is good at detecting hidden transmitters. Knowing this person he probably is using an inexpensive device which is well hidden. I have examined the phones and I can’t find any evidence of physical tampering so we suspect a mic hidden in the ceiling or other difficult-to-search area.
If anyone has some advice on how to detect this kind of device I’d really appreciate it.
The same companies that sell bugs also sell bug detectors. I don’t know anything about particular companies, products, or brands, but try a Google search on bug detectors.
I do work with classified information, and my recommendation would be to hire a security consultant for a one-off visit. I’ve watched people do sweeps for listening devices, and it was clear to me that it is a task that requires more skill and technology than the movies tend to portray.
In theory, it’s possible to scan for transmitters with an analog radio (digital tuners are too precise for something like this). But what you have is possible industrial espionage. Hiring a security consultant gives you some ammunition for legal action, should that become necessary. A consultant can also make recommendations for keeping sensitive data more secure so this doesn’t happen again.
Hehe…I was waiting for that one! No, my hobby is limited to off work hours. And its not just me, we have a whole series of people thinking the same thing.
Unfortunately having a professional come in and do it is out of the question, mostly due to cost. I want to keep the price around $200-$300 so I was considering stuff like this:
You may want to see if anyone you trust is into amature radio to help you use it most effectively. You could probably do a decent job on your own, with a little experimentation. Try it out on your cellphone, RC Toy remotes, etc to see how it works and figure out how to determine the source of the transmission.
A friend into amature radio may already have something you can use.
If it’s an analogue transmitter, you could set up an audio signal generator (or just play a WAV file of a continuous tone), then listen on a radio scanner (with headphones, so you can’t hear the actual audio you’re injecting into the room) to see if you can pick up the same sound being broadcast.
But you could just look for the thing; battery-powered bugs (like you see in the movies) have a very limited life span; anything more permanent will be more bulky or must be hooked up to an external source of power - in the telephone - in the USB port (or maybe one of the other ports, such as PS/2 or parallel) at the back of a computer - in the overhead lighting - in a wall socket - in a light switch - inside a wall clock (where there’s room for bigger batteries) - inside a powered item of office machinery - printer, copier, scanner, shredder (although admittedly, it could be hard to find if if’s inside a photocopier).
I’m 99.9% sure its not a keylogger based on my complete examination of all the PC’s and servers in the room. Besides, the evidence all points to an audio bug. Uncanny knowledge of certain events that were only discussed in one room, that kind of thing.
There are phone taps, audio pickups, line taps, digital recorders and a whole host of other stuff that I probably don’t know anything about…If you feel your business is being compromised, then you NEED to pay for the specialist. Any other decision is irresponsible.
Let’s say you buy some quick-fix gadget and it comes up with ziltch. Can you now say that you are 100% bug-free? 50%? 25%? No. All you can say is that that one gadget didn’t find anything. And then if something else happens that can only be traced to espionage, then what will you do? Buy another gadget?
How much money can the company lose? How much is at risk? Losing a contract because your competitor knew your price bid is bad. Losing a client because of some privacy issue is worse. How much are you at risk here?
If you go with a specialist then you can say “While we cannot be 100% certain in this day and age, we have taken all reasonable and proper steps to ensure our companies security.” Which, if taken to court, saves your ass.
If you don’t feel capable of making that large of a decision, then maybe you need to escalate this to a manager who can. Find out prices and details of a few options, present them quickly, and let the higher ups make the decision for you. This sounds like it could bite you in the ass…do whatever you can to make sure that it bites someone else if the shit hits the fan.
“Well Mr. Director, bongmaster recommended that we try an analog spy-tester. Unfortunately our phone was tapped with a digital chip. We lost the contract for $1m.”
I’d hate to have to face your supervisor after something like that…Cover your ass, spend the proper money, sleep well at night.
Are you sure they aren’t using some accoustic property of the room eg ‘when I stand on my desk and put my ear to the sprinkler pipe, I can hear everything they say next door’. Could they be using a stethoscope, directional microphone, etc to listen in from next door? Who and what occupies the rooms on the six sides of your office?
There can be simple ways of camoflouging (ugh, I know that’s not how it’s spelled) something temporarily. A small voice activated solid state recorder is commonly sold as credit card sized, or clicky-pen sized. Look for a random object that may just be sitting around, such as a three-ring binder, paperback dictionary, office toy or squishy stress ball, that could conceal a voice-activated recorder.
Honestly, if it’s a temporarily placed passive device (i.e. not broadcasting to another device somewhere else) you have a zero chance of detecting it without dismantling the place into rubble. Luck is all you have.
Given that, if you are certain that there is still a listening device, start thinking about active mis-information, or specific false information that you can track or entrap someone with to discover the source of the leak.
It is also an opportunity to justify the addition of a jumpsuited english femme fatale counter agent to your quarterly budget, for “office support” tasks.
A naked adult should be quite easy to spot, especially if he’s waving.
Have you considered setting a trap; invent some tempting fiction that would cause the eavesdropper to blow his cover? (like, I dunno, conspiratorially mentioning that you keep a stash of emergency money hidden in some obscure location, but actually hide a canister of indelible dye there - the kind of canister that can’t be easily opened without spilling the contents everywhere, including the person opening it. Obviously the location needs to be suitably obscure to prevent the likelihood of accidental discovery)
We pretty much ruled out a human being as the spy since the room is enclosed in glass…it would be very hard to spy like that. And its not really about losing a big contract to competitors, more of someone in the office trying to get an unfair advantage by spying on the technology staff. We’re going through some big changes, this person is new, and a bunch of individuals all are thinking the same thing about this guy based both on his personality and several uncanny “conicidences” which none of us believe happened by pure chance.
We’ve already asked a person in senior management about it and she’s on the fence about what to do. The point was made that even if we buy a $200 bug sweeper we can’t say for sure that the room is secure. This is true…but what if it did find a bug? I’m pretty sure I could trace it back to him by either catching him in the act or something similar.
Could they be listening at the vents for the central air system maybe though? I think you ought to bring in an expert, just so you can be absolutely certain. As other posters have pointed out, if you are being spied on, not only is the information lost, but money has been mis-spent if you buy a device that can’t detect the bug.
Why don’t you try a deliberate misinformation campaign - discuss a different piece of really juicy and irrestible info that will cause whomever is at the other end to reveal themselves inadvertently?
I think you ought to bring in an expert, just so you can be absolutely certain. As other posters have pointed out, if you are being spied on, not only is the information lost, but money has been mis-spent if you buy a device that can’t detect the bug.