News

Are your conversations really private?

Operations/June 9, 2025

We all know that our IT can be vulnerable to hacking, viruses, malware and the like. We are fed a regular stream of guidance on phishing, using public IT systems, and looking carefully after our data. All great advice, but are we as conscious about what we physically say and do on a daily basis?

We are constantly surrounded by people we don’t know; we are under general surveillance by public and private CCTV systems, and within our vicinity are mobile phones, each of which has a microphone which can intercept our conversations and transmit them to another party.

The chances are that all of these things are quite innocent and that domestic, state or commercial interests are not targeting you. If we all thought like that, we’d likely be in a state of constant paranoia!

But on occasion, other parties can take an interest in your comings and goings and what you are saying and to whom. A lot will depend on what type of interest it may be. On a domestic level, it may be a jealous partner or, commercially, an underhanded rival. In this case (because it’s a blog and not a book) I’m going to talk about the value of sensitive commercial information. Still, these concerns equally apply to some domestic or even nation-state situations.

Blue-Chip protection

Sceptre were approached to assist in protecting a global Blue-Chip company. The company board wanted to meet securely in person and online to discuss some highly sensitive commercial information. Naturally, we do not know what was intended to be discussed; all we knew was that they wanted the meeting to be highly secure.

Knowing a competitor’s sensitive information can give a rival an enormous advantage and have catastrophic consequences for the originating company, even if that information was obtained illegally. So, using that measure, it makes sense to take precautions if you do not wish highly sensitive information to be overheard, read or viewed.

In this case (the Blue Chip), a remote and independent location had been chosen for the meeting to reduce predictability for a rival targeting them. The meetings were to take place over two days.

Technical Surveillance Counter Measures

The night before the first day’s meetings, Sceptre and their partners undertook a technical and physical sweep of the venue. In a previous blog, we discussed the importance of different layers in security, specifically looking for ‘Bugs’ or, more accurately, ‘Technical Surveillance Counter Measures’ (TSCM), which also involves numerous other layers. Some are physical, some are technical.

On the physical side, this is precisely what it says, it is a physical search for an audio, data or video transmitter or recorder within the vulnerable area capable of capturing audio, data, or video. It can then record and transmit what it has recorded at a later time, or when commanded, it can transmit live or wait until physical retrieval by the assailant. Unfortunately, the days of James Bond having a tape recorder in a briefcase are long gone, and modern commercially available devices are small and designed to be discreet (a brief Google search will confirm this). A lens, for example, can be smaller than 1mm across! It should be noted that nation-states also produce their own surveillance items, but this is beyond the scope of this blog.

What often dictates the physical size of the ‘bug’ is its power source, but batteries are becoming smaller too. Suppose you can use an existing power supply within the room or vehicle without the need for a battery, for example. In that case, the device can be many times smaller (electrically conductive paint, anyone?) There is plenty of equipment to assist the physical searcher, but searching for these devices is long and laborious because they are designed not to be easily found.

Outside interception

Moving on from physically searching the room or vehicle, we have to consider outside interception. When we talk, the glass or similar material around us vibrates because of the sound waves we produce, rather like the diaphragm on a microphone. If an assailant can deploy a laser to point directly at that glass, those vibrations can be picked up and the conversations reproduced at a remote site. Likewise, directional microphones can be used; they’re a bit more ‘old school’ but still particularly useful.

Now we get to the technical side of TSCM. We are obviously not going to discuss the technical details of the equipment necessary to detect intrusive devices; suffice it to say, much of it requires international ‘end-user’ certificates, and no single piece of equipment achieves all tasks; a task generally requires many different types of technical equipment. But in the hands of a skilled and experienced operator, the technical equipment provides a real and highly credible capability to detect electronic intrusion.

In essence, if an intrusive device is transmitting on the RF spectrum, the operator will be able to localise it against the background of Wi-Fi, Bluetooth, 5G, Commercial and government radio frequencies and various other transmissions. But what if the device is in the room but not transmitting (Passive), we hear you ask? Admittedly, this can take longer, but it is also achievable to detect these devices using other technical equipment and additional security layers that we cannot mention.

On a side note, it is essential to discuss with the client what they want done if a device is discovered. The immediate reaction generally is to remove it and shut it down, but feeding it false information may also prove useful; that’s one for the client.

Safe environment

Back to the Blue Chip again…. Using the processes broadly outlined above, the TSCM sweep went ahead, and at the conclusion, the environment was declared safe to conduct highly sensitive conversations without the risk of being overheard or recorded.

This event is typical of the commercial use of TSCM; in essence, it provides the confidence for organisations and individuals to conduct their business without fear that they are being overheard and that the information remains confidential within the designated area.

The value of intercepting and using information not intended for the recipient goes back to the dawn of time. Still, perhaps the best-known example is the interception of German codes using the Enigma and Lorenz cyphers during the Second World War. It is said that by using the information and keeping its discovery from the Axis powers, the war was reduced by up to two years!

In the modern world, for businesses or individuals wanting to protect sensitive information and ensure their conversations are not intercepted, it brings some peace of mind to know that options are available.

Sceptre and its partners utilise the latest security equipment to deliver the highest level of assurance to clients. The manufacturers/providers are well-known, competent, and respected in the industry; however, for security reasons, their details will not be published online.

Read more recent news

All 3 /Operations 1 /Security Consultancy 3 /UK Law 0

Lockon Training

May 19, 2025/by Sceptre Protection

Hinkley Point C

May 14, 2025/by Sceptre Protection

Does your security add value?

February 20, 2025/by Sceptre Protection

Contact Sceptre Protection

Please don’t hesitate to contact us if you would like more information or discuss any aspect of our work

Contact Us
© Copyright - Sceptre Protection Ltd
Lockon Training