Protecting Against Technical Surveillance
Technical Surveillance Countermeasures (TSCM) involves a comprehensive, systematic approach to discovering, pinpointing, and neutralizing harmful surveillance devices whose primary purpose is to capture and transmit/export sensitive data.
Bastille offers real-time, continuous radio frequency (RF) signal monitoring, crucial for modern surveillance detection. It detects, classifies, and locates unauthorized surveillance devices swiftly, integrating seamlessly into TSCM efforts for a more proactive security approach. Additionally, Bastille’s ability to analyze historical RF data helps identify patterns that may indicate sustained surveillance efforts, making it a vital tool for securing sensitive information against complex threats.
Wireless Threats
Wireless threats are evolving rapidly, just like network-borne vulnerabilities and malware. However, they have a distinct advantage over network-centric attacks: wireless threats are not detectable on managed networks. They may exfiltrate data out-of-band from the complex firewall, intrusion detection, and malware scanning systems on the physical network. You must continuously monitor for threat activity to ensure your physical space is free of unknown wireless threats.
Wireless threats manifest themselves in forms such as:
- Rogue Wi-Fi access points and data ex-fil devices
- Rogue video and still-image cameras
- Bluetooth-based data harvesting devices
- Cellular voice, data and video ex-fil devices, which can bridge physical networks
- Industrial Control System jammers, blockers and signal interfering devices
These threats can compromise the security of the spaces where you hold sensitive discussions, process critical information, or have compliance obligations on securing the wireless airspace.
Threats Are Evasive
Wireless devices used for eavesdropping or data exfiltration would be ineffective if they were easy to find. They often attempt to avoid detection by transmitting during busy times (to blend in) or off-hours (fewer observers). A continuous monitoring TSCM system will detect threat devices whenever they transmit.
Threats Are Camouflaged
Advanced data exfiltration threat devices look precisely like cables and components typically present in your facility. The only way to detect the threat is to monitor the wireless spectrum for transmissions that violate security policy. Physical inspection cannot identify these threats.