What to do once we found the bug?
“It looks like we found something!” “What do we do next?” Let’s go through the proper procedure step by step. First, don’t say or do anything to alert the eavesdropper that we may be on to his operation. Never, assume that there is only one device? The “silent search” must continue. After it has been determined that all devices have been located, a decision must be made by the client. We suggest three choices:
- Leave the device in place and feed it false information.
- Disable the device in an attempt to lure the eavesdropper to return to repair it.
- Remove it.
If the client decides to call in law enforcement, the device cannot be disturbed and the area must be continuously secured as a “crime scene” until law enforcement and/or telephone company security arrives to take over the scene and initiate their investigation.
Before anything happens, the devices and the surrounding area must be searched and photographed by the TSCM (Technical Surveillance Countermeasure) team. The possibility of the device being “booby trapped” cannot be dismissed lightly. Intelligence agencies and some professional eavesdroppers have been known to use plastic explosives to destroy the device as it is removed so it cannot be analyzed.
If the device is powered by 110 volts, it must be assumed that all conversation taking place in the target area since the last TSCM search has been compromised. If the device was powered by a battery and it is dead, the same assumption must be made.
If the device is a battery-operated-live-transmitter, a fairly accurate estimate can be made as to how long the device has been operating and how long it will continue to operate.
The client must be interviewed concerning: What has happened or what is about to happen in the area where the device was found? Who has had access to the area? Consider where the device was placed and how long it would take to make the installation. What is the level of building security and who would have a motive? Could an “insider” have knowingly or unknowingly made the installation?
The sophistication of a device/s may give an indication as to the proficiency of the eavesdropper. A sloppy homemade Radio Shack device would indicate an amateur. A well-made, mass produced commercial device could indicate a semi-professional or a government installation. An exotic, expensive or custom-made unit indicates that we are dealing with a cunning professional eavesdropper.
We should next consider the probable range of the device, the frequency, power output and location in the room. With all this information we still face a most difficult task in an attempt to locate the listening post, plus a difficult task of learning the identity of the eavesdropper and his client.
We are licensed California Private Investigators: #PI10194