Tip

How to plant a listening device

Part two of our Les Goldsmith interview reveals how to plant a listening device if you feel like conducting a little industrial espionage.

YESTERDAY: In part one of Patrick Gray's interview with Les Goldsmith, we learned that it is possible to import sophisticated listening devices and other spy equipment to Australia with little or no government oversight.

We pick up the interview with Patrick asking just who uses this kit.

Patrick Gray (PG): I believe in the US it is private investigators that are a bit on the shonky side engaged in this sort of stuff. But who is it doing it in Australia?

Les Goldsmith (LG): You are absolutely right. In the US... the media highlights the private investigators being the major offenders. In Australia... they are probably more likely to have someone closer to home to install it or to find someone they can pay who is not going to talk.

PG: Between the availability of the equipment online and the simplicity of having the device put in there you don't really need an intermediary or an expert do you?

LG: No. The other option is simply to make an appointment with the individual that you want to see or that you want to listen to within the office, find a way to get into their office whether it be an appointment or otherwise, wander in there, sit down with them and ask for a drink. When you ask for the drink, spill the drink and they are likely to get up and get someone else to clean the drink up or get you a towel. Then you have an opportunity to plant a device.

It is really not that difficult to get a device in. It depends on how sophisticated the device is and how well you want to conceal it. An example might be if you want to put a device into a table then you might want a fair amount of time because you might want to take a leg off and bore it out a bit and put the device in. Or you might want to drill a hole in top of a door and insert the device into there then recap the door. There are a number of different ways of concealing the devices but it is just the matter of how much time you have to do it.

PG: Thanks for the tip!

LG: Not a problem.

PG: You can actually have a bit of fun with people who have put bugs in by moving them to another room, can't you?

LG: Yes. One of the advantages we have is that if we passively detect the device we can move it to another location. So in some instances we will create a secure room, put a couple of lounges in there and a little coffee table so you can have a drink in there. The room will be marked as the bugged room so the company executives can provide misinformation to a competitor or to another government by wandering in there and discussing all sorts of false information they wish to mislead someone with.

PG: So Les can you think of any funny examples of where people have sent some particularly misleading down the wires?

LG: Certainly. An example would be when we have had a foreign country being visited by a representative from another country and we've had an embassy where we've used that embassy to stage the arrival time and location of the individual. The individual had already been on the ground for a day however a number of individuals had gone to the airport waiting for this person to arrive and of course they were already here so it was pretty pointless.

PG: I can imagine it would have been, and it would have also enabled various authorities to identify who they were and perhaps keep and eye on them.

LG: That is the one advantage we have. With counter intelligence if you can gather the information on who is monitoring you or what method they are using to monitor you then counter intelligence is all about providing misinformation and blocking relevant information.

PG: I would imagine with most bugs you would need someone within the local range sitting in a van with a tape recorder. Is that right?

LG: No. There are a number of ways of doing it. The more common way at the moment is to use UHF transmitters, particularly burst transmitters, where you are actually recording information, holding it in memory and then bursting it out in a number of milliseconds. That makes it extremely difficult for handheld bug detecting type people to locate the devices.

With that sort of device they might go ahead and put that in and it might then store an amount of data, transmit that data and all you would need to do is have a receiver near by that is voice activated so you don't have to sit there and monitor it, you can come back each week and obtain the data from it. Alternatively you can actually send it over IP so you could actually transmit it to another location with a receiver and have that receiver then put it onto the IP and send it across the 'net. You wouldn't actually need to be nearby.

The other alternative which we are getting a few of is using GSM. You actually have a microphone for example rigged within a building and a silenced GSM mobile phone attached to it. What you would do is dial into that mobile phone to obtain audio so you would be obtaining audio from anywhere in the world with GSM that you could listen to wherever you like.

PG: Just got to ask. With something like a UHF burst transmitter, how would you go about detecting something like that? It would be very hard.

LG: It is traditionally. That is the one advantage we have is that with the equipment we use -- our equipment is mostly US manufactured. A burst transmitter is essentially something that is transmitting on intervals and if you can monitor those intervals and record what we call the RF mapping survey, you can detect where your signal strength is strongest and we can isolate the area within a building or within a room that the transmitter is. It takes awhile but eventually gets to the point where you are cornering the transmitter.

PG: Now in addition to bugging what are some other common intelligence gathering techniques that are used on corporate Australia and government departments illegally?

LG: One of the other more common ones would be the use laser microphones. You are actually bouncing a laser off glass gathering vibration from the glass and obtaining audio back from it.

PG: So get heavy curtains?

LG: Curtains are good but also just having thicker glass to start with works, and if you are in a noisy environment it really isn't that much of a risk. A lot of media hype has been around the use of lasers and lasers obtaining audio from rooms. An example was if I was to go into an area and observe a building at night and I might go to a building opposite and I need to monitor the fifth floor. I get onto an equal floor, hook up my laser, point it directly at the glass, have the laser bounce back, use my receiver, gather the information from the laser and convert it back to audio. I might have crystal clear audio when I do this at 11pm but when I come back to do the monitoring when the meeting is at 10am with vibration on the outside on the glass more then there is on the inside. Hence on the outside there is a lot more background noise. It almost makes it useless in order to obtain audio.

Read more on IT risk management

CIO
Security
Networking
Data Center
Data Management
Close