This Is The Typical Sequence Of Events Which
Granite Island Group Follows For TSCM Inspections

• Client reviews Granite Island Group's web site and related TSCM materials
• Contact is made away from suspect facility (pay phone at airport, etc...)
• Contact is not made via a suspect telephone, cordless, or cellular telephone
• Initial arrangements for secure face-to-face meeting (if requested)
• Materials sent to Granite Island Group regarding suspect facility

2. Initial Meeting and Commissioning

• Initial and secure face-to-face meeting (if requested)
• Initial meeting at sterile location away from any suspect facility
• Discussion regarding clients concerns, and vulnerabilities
• Commissioning of TSCM services, if appropriate
• Formulate plan in case an eavesdropping device or security hazard is found

3. Pre-Inspection Survey, Research, and Facility Reconnaissance

• Review of facility blueprints
• External RF survey (9 kHz to 26.5/40 GHz)
• Facility exterior reconnaissance

4. Vulnerability Analysis

• Threat assessment
• Physical security assessment
• Electronic security assessment
• Internal RF survey
• Audit of communications systems and facilities
• Inventory of furnishings, fixtures, and artifacts
• Evaluation of structural elements (walls, ceilings, floors)
• Sketch of suspect area and facilities
• Identification of sensitive areas
• Identification of intercept locations
• Identification of probable listening posts
• Development of threat model
• Performed during normal office hours (with appropriate cover)

5. Silent/Passive Walk-Thru

• No noise, non alerting activities only, nothing to alert the eavesdropper
• Automated bug and wireless microphone detection (9 kHz to 3 GHz)
• Initial VLF inspection of all AC, telecom, LAN, and HVAC wiring
• Initial detection of infrared devices and laser surveillance devices
• Video camera, tape recorder, VLF, and ultrasonic detection
• Overt threat detection
• Initial evaluation of physical security, locks, alarms, etc...
• Most PI, spy shop, and amateur bugs will be detected during this phase
• Very popular as it only takes 4 hours for a brief "Walk Though Inspection"
• TSCM services above this level starts radically increasing in cost

6. Passive Inspection - RF and Light Spectrum Monitoring

• No noise and non alerting activities only, nothing to alert the eavesdropper
• Music softly playing, "client on phone", drapes pulled
• Full passive RF spectrum sweep (20 Hz to above 110 GHz)
• Full passive light spectrum sweep (300nm to 1710nm / 83 THz to 450 THz)
• Most PI, spy shop, and advanced amateur bugs will be detected during this phase

7. Active Inspection - Non Alerting

• Minor Noise is created, however; it should not alert the eavesdropper
• VLF/RF check - AC mains (all electrical outlets)
• VLF/RF check - AC mains (all light switches/fixtures)
• VLF/RF check - HVAC controls
• VLF/RF check - Alarm and access control sensors
• VLF/RF check - Fire and safety sensors/alarms
• VLF/RF check - Other
• All phone lines evaluated and traced back to central office
• All artifacts documented, recorded, and inspected
• Oblique lighting inspection of all walls and artifacts
• Initial inspection of baseboards, windows frames, and door jambs
• Initial inspection of all wallplates (electrical, PBX, LAN)
• UV lighting sweep (below 400nm / 100THz)
• IR lighting sweep (above 700nm / 180THz)
• Visible spectrum light sweep (350nm to 750nm / 90THz to 195THz)
• Tuned forensic light source and filter sweep (250nm to 1750nm / 65THz to 455THz)
• Check for telephone set modifications/problems
• Check for PBX software and hardware anomalies
• Check for voice mail modifications/problems
• Inspection of all computer and LAN connections
• Inspection of all laser printers and computer output devices
• Law enforcement and professional bugs will be detected during this phase
• Typical threat level for most corporate offices

8. Active Scan - Alerting

• Chirp detection of hidden microphones and other transducers
• IR, audio, and ultrasonic jamming (as required)
• Render the eavesdropping device temporarily inoperative
• Inspection of all furnishings (desks, chairs, plants, etc)
• Open ceilings and walls (move ceiling tiles and panels)
• Thermal inspection
• HVAC and duct work inspection
• Acoustical leakage inspection
• Borescope inspection of all electrical wallplates and boxes
• Detailed inspection of all lighting fixtures
• Inventory of all conductors, conduits, wall studs, etc...
• Detailed electromagnetic energy search (above 110 GHz)
• Professional eavesdropping devices will be detected during this phase
• Typical threat level for a Fortune 500 corporate offices and law firms

9. Active Scan - Alerting/Evaluation

• Verify and TDR/FEXT/NEXT trace all conductors
• TDR trace - Telephone System Wiring
• TDR trace - Computer Network Wiring
• TDR trace - Cable Television and CCTV
• TDR trace - AC mains (all electrical wiring)
• TDR trace - AC mains (all light switches/fixtures)
• TDR trace - HVAC controls
• TDR trace - Alarm and access control sensors
• TDR trace - Fire and safety sensors/alarms
• TDR trace - Other
• PBX, ESS, and SN translation evaluated (as available)
• Voice mail system evaluation
• Xerox machine inspection
• Fax machine inspection
• Verify security of PBX, alarm, HVAC, audio systems
• Evaluate all artifacts (ie: furniture, books, computers, etc...)
• Wall, floor, and ceiling cavity inspections
• Intense physical inspection (every cubic centimeter)
• Diplomatic, law enforcement, and intelligence devices detected at this phase
• Typical threat level for attorneys, defense contractors, and aerospace firms

10. Special Inspection Activities (used only as needed)

• Non Linear Junction Detector (NLJD) inspection - active and passive
• X-ray, radiographic, and fluoroscope inspection
• Magnetic anomaly inspection

11. Preventive Actions (available only by special request)

• Seal and dust all cavities, wallplates, artifacts, etc...
• Install acoustic, ultrasonic, IR, and RF "cloak" as needed
• Install IPM alarms and associated security system
• Installation of encryption devices
• Installation of high security locks, doors, and hinges
• Installation of physical security devices
• Client education and training

12. Post Inspection Activities

• Verbal presentation of findings before leaving
• Presentation of hard copy report (if requested)
• Corrective actions
• Follow up actions
• Recurring TSCM services (if appropriate)

13. If an Eavesdropping Device or Activity is Detected

• Collection of documentation regarding device or activity
• Notification of Law Enforcement Agencies (if appropriate)
• Forensic Identification and Analysis of Device
• Counter-surveillance activities
• Counter-intelligence activities

Granite Island Group TSCM services always include at least the following (except for brief "Walk Though Inspections"):

• Analysis of all RF/electromagnetic emanations from 20 Hz to above 110 GHz
• Active and passive light spectra examined from 250 nm to 1750 nm
• Inspection of all outlets, switches, and lighting for VLF/RF devices
• Inspection of all PBX, LAN, and WAN connections and equipment
• All computers audited and checked for security anomalies
• Evaluation of all computers network facilities and associated cabling
• Inspection of all Xerox, fax, and other imaging equipment
• Inspection of all fiber optic connections and cabling
• All phone lines inspected and verified back to the central office
• Evaluation of all locks, safes, and physical security devices
• Most activities will overlap to provide complete coverage

Director of Central Intelligence, Physical Security Standards for
Sensitive Compartmented Information Facilities (SCIF) - Directive
1/21, U.S. DCI, July 29, 1994

Director of Central Intelligence, Technical Surveillance
Countermeasures - Directive 1/22, U.S. DCI, July 7, 1994

Director of Central Intelligence, Director of Central Intelligence
Directive Procedural Guide No. 1 - Requirements for Reporting and Testing
Technical Surveillance Penetrations, U.S. DCI, August 1984

Director of Central Intelligence, Director of Central Intelligence
Directive Procedural Guide No. 2 - Requirements for Reporting and Testing
Hazards, U.S. DCI, August 1984

Director of Central Intelligence, Director of Central Intelligence
Directive Procedural Guide No. 3 - Guidance for Conducting Audio
Countermeasures Surveys, U.S. DCI, August 1984

Defense Intelligence Agency, DIAM 50-3, Physical Security Standards for
Construction of Sensitive Compartmented Information Facilities

Defense Intelligence Agency, DIAM 50-4, Security of Compartmented
Computer Operations

Defense Intelligence Agency, DIAM 50-5, Sensitive Compartmented
Information (SCI) Contractor Administrative Security VOL I and II

Department of Energy, DOE Technical Surveillance Countermeasures
(TSCM) Procedural Guide, U.S. DOE, April 1988

Department of Energy, DOE Technical Surveillance Countermeasures
(TSCM) Operations Manual, U.S. DOE, April 1988

How To Engage a TSCM Firm

Recommended U.S. TSCM Firms

To be contacted for a confidential consultation please E-mail: jmatk@tscm.com or send a letter via US Mail to: James M. Atkinson Granite Island Group 127 Eastern Avenue #291 Gloucester, MA 01931-8008 or call: Telephone: (978) 381-9111 URL: http://www.tscm.com/