The TSCMi annual conference for this year has been confirmed with our planned venue in London for the 5th and 6th October 2022.
Attendance is available to Members and their guests, and presenters and exhibitors by invitation only.
There was wide disappointment that the present circumstances resulted in our inability to provide a viable annual conference for the past two years. The institute recognises the resulting impact upon its ability to provide its membership with the invaluable information and guidance the conference is uniquely able to deliver; in particular with regard to the constant evolution of both surveillance and counter-surveillance technology and practice.
Thus, with the help of some of our regular conference contributors, we have published our first annual conference magazine, which is available to all our membership on our Members Private Forum page, with personal copies delivered directly to our Members.
The magazine provides information about new products, developing threats and how to address them, and articles of particular interest to TSCM professional and our wider membership.
The sensitivity of much of the information available through the TSCMi demands that access to it is restricted to our membership. We know that all TSCMi professionals would benefit, both professionally and personally, from such access, and thus would welcome enquiries for membership of the TSCMi from both practising TSCM practitioners and allied professionals.
The TSCMi annual conference is a two day event bringing together TSCM consultants and practitioners with representation from across the world from the private and public sectors to share the latest information upon eavesdropping technology and the products and techniques designed to mitigate against the ever more sophisticated threat.
This year’s recent conference covered a wealth of subjects including the challenges of 5G, the view from the opposition and the vulnerabilities of that computer on wheels we all call a car. Most significantly this year a constant and emerging thread running through the event was evidence of an increased awareness by business and government of the threat to corporate and government assets from Technical surveillance and other forms of eavesdropping, and an aligned increase in investment to combat the threat. This is further supported by recent security press articles, particularly from the USA, support this viewpoint
To one who has been actively involved with technical security for many years an understanding of the continued and undiminished eavesdropping threat has been ever present. Conducting TSCM surveys for clients in conference centres and heavily populated business conurbations has frequently resulted in not just evidence of surveillance regarding clients, but also positive identification of active technical eavesdropping attacks upon neighbouring businesses and premises
So why has consideration of the eavesdropping threat been so low in the minds of those concerned with the protection of information assets up to now? And what has triggered this increased awareness amongst the wider business and government community?
John CarterTSCMi Conference 2018 – Technical Eavesdropping “A re-awakening of the threat”
Recently a TSCMi member brought to our attention a YouTube article referring to a hacking vulnerability of Amazon’s Echo, the audio personal assistant, to provide the opportunity for malicious use as an eavesdropping device. In truth this should not be a surprise. On line Hacking communities have recently been full of such vulnerabilities, and these are not just limited to the Echo. There are a number of similar “smart speakers” and apps that provide personal assistant functions on laptops, smartphones and tablets.
And they’re all smarter than you might think.
John CarterSmart Speakers – smarter than you think!
The enthusiast community engaged in the use of Software Defined Radio (SDR) projects is ever finding new functionality with which to experiment. One recent example, particularly relevant to the TSCMi, is development of software capable of utilising SDR to mount a TEMPEST attack upon laptop screens.
TEMPEST attack capabilities have been around for a long time, but such an attack as this has previously required sophisticated and expensive hardware and associated complex software.
John CarterTEMPEST Laptop screen attack – now in domain of radio hobbyists
As stated on the Home page of our institute web site, one of our key objectives within the institute is described thus:
“the institute endeavours to maintain best practices within the industry, improve standards and educate future practitioners to safeguard the industry.”
This web site is one of the routes by which we can promote and guide our membership such that they may adhere to a core set of principles as illustrated in our Code of Practice and based upon the UK National Occupational Standards (NOS).
But how does this help those who seek TSCM services? How does the potential client identify a TSCM service provider who will be able to correctly identify the right service to meet the client’s needs?
John CarterHelping the Client find the right TSCM service