Eavesdropping Methods

Eavesdropping operations generally have three principal elements:

  • Pickup Device: A microphone, video camera or other device picks up sound or video images and converts them to electrical impulses. If the device can be installed so that it uses electrical power already available in the target room, this eliminates the need for periodic access to the room to replace batteries. Some listening devices can store information digitally and transmit it to a listening post at a predetermined time. Tiny microphones may be coupled with miniature amplifiers that filter out background noise.
  • Transmission Link: The electrical impulses created by the pickup device must somehow be transmitted to a listening post. This may be done by a radio frequency transmission or by wire. Available wires might include the active telephone line, unused telephone or electrical wire, or ungrounded electrical conduits. Transmitters may be linked to an existing power source or be battery operated. The transmitter may operate continuously or, in more sophisticated operations, be remotely activated.
  • Listening Post: This is a secure area where the signals can be monitored, recorded, or retransmitted to another area for processing. The listening post may be as close as the next room or as far as several blocks. Voice-activated equipment is available to record only when activity is present. A recorder can record up to 12 hours of conversation between tape changes.

Eavesdropping equipment varies greatly in level of sophistication. Many off-the-shelf spy shop devices are generally low-cost consumer electronic devices that have been modified for covert surveillance. They are easy to use against unsuspecting targets but can be detected by elementary electronic countermeasures. Devices produced for law enforcement and industrial espionage are more expensive, more sophisticated, and more difficult to find during a technical security countermeasures (TSCM) inspection. Devices designed and built for intelligence services are still more expensive and very difficult to find.

Some of the more sophisticated bugs have a "burst" transmission. A device about the size of a fingernail can record several hours of ordinary conversation and then transmit it to a remote receiver in a burst that lasts only two seconds. An hour of speech can be stored on a single chip. This is a passive system that records information but emits signals only when interrogated.1 This makes detection very difficult. Of course, some countermeasures systems are designed to try to activate such systems so they can be detected.

Some eavesdropping operations, as discussed below, don't require anything at all to be planted in the target room. The eavesdropping can be done without ever having direct physical access to the target area. Such operations exploit weaknesses in the the telephone system or computer system already in the target room, or they use a laser beam aimed at the target room.1

Eavesdropping in Office or Home

The type of bug installed in a home or office setting depends in part upon the length of time and the circumstances, if any, under which the installer has physical access to the site.

A visitor seated in front of your desk may bend down to pick up a dropped pen, using the few seconds when his hand is out of your sight to stick a bug under his chair or under your desk. Or he may "forget" and leave behind a workable pen that has a concealed microphone and transmitter. Any gift intended to be kept on your desk or elsewhere in the open in your office is a potential concealment device for a bug.

bullet  If the eavesdropper can gain a period of unsupervised access to your office or home, it is possible to install more sophisticated devices that are more difficult to detect. That is why physical security measures to protect the office space from intruders or other unauthorized persons are so important. Common hiding spots when time is available to plant a device include electrical outlets in the wall, furniture, lamps, ceiling light fixtures, pictures on the wall, books on your bookshelf, etc.

More than half of all eavesdropping attacks on U.S. offices, both foreign and domestic, have exploited the common telephone.2 Telephones offer a variety of eavesdropping options, as the telephone instrument has electrical power, a built-in microphone, a speaker that can serve dual purposes, and ample room for hiding bugs or taps.

cartoon The time it takes to install a bug in your telephone is measured in seconds, not minutes. One type of telephone bug transmits all your telephone conversations to a nearby listening post. Picking up your telephone to make or receive a call triggers a recorder that can be placed in the trunk of a car parked up to four blocks away. When you hang up, the recorder is turned off automatically.

Another type of telephone bug will pick up conversations in the room and transmit them down the telephone line while your telephone remains on the hook. The eavesdropper can monitor your room conversations from another telephone anywhere in the world. Such telephone bugs are usually easy to detect by a professional countermeasures technician who knows what to look for.

With some of today's computerized phone systems, it is possible to manipulate a telephone electronically without ever having direct, physical access to the telephone instrument. Signals can be sent down the telephone line to turn the handset into a microphone that picks up and transmits conversations in the room even when the handset is hung up. This risk can be greatly reduced by the selection of an appropriate telephone system and implementation of available technical security countermeasures. This type of penetration of telephone systems is discussed in greater detail under Telephones in the Intercepting Your Communications module.

Computers are similar to telephones, in that they have the essential parts for a sophisticated surveillance system -- a microphone and a means of communicating information outside the area in which they are located. Computers are vulnerable to several types of eavesdropping operations. For example, a bug in your keyboard could transmit every keystroke so that everything you write can be reproduced.

Standard computers emit faint electromagnetic radiation that a very sophisticated eavesdropper can use to reconstruct the contents of the computer screen. These signals can carry a distance of several hundred feet, and even further if exposed cables or telephone lines act as inadvertent antennas. Security measures and shielding are available to reduce the risk of such eavesdropping. It is possible to buy TEMPEST-protected computers that block the unintended radiation.

Eavesdropping in Public Places

Even public areas are not immune to technical surveillance. Whenever your presence in a public area is known or predictable in advance, an adversary or competitor has time to plan the best way to exploit that knowledge.

bullet  One Western European intelligence service is known to bug selected first class seats of its national airline. This picks up conversations among U.S. government officials or business executives traveling together for negotiations in that Western European country.

Outdoors in a park, in a hotel lobby, or while sitting around a hotel swimming pool, conversations may be monitored with a shotgun microphone. This is a directional microphone (parabolic reflector) that may be concealed in a sleeve or a folded newspaper and aimed at the target. Clarity of the recording may be improved by programs that cancel out extraneous noise and that employ neural net analysis to learn the target’s speech patterns.

Individuals who habitually frequent the same restaurant or café and hold sensitive conversations over lunch or dinner are also vulnerable, especially if they usually sit at the same table or the restaurant manager cooperates with the eavesdropper. A short-term bug can simply be attached to the underside of the table. Longer term, one could build the bug into the table or into a vase or other item on the table. Although probably very rare, at least one highly-competitive, high-class restaurant is known to have bugged its own tables to obtain unfiltered feedback on customer reactions to the service and food.

Related Topic: Bugging Hotel Rooms, Intercepting Your Communications.

1. Srikuman S. Rao, "Executive Secrets," Forbes, 1999.
2. Telephone Security Group, National Telecommunications Security Working Group Information Series: Executive Overview, January 1996.




The Chroma Group, Ltd.