You are here

Counter-surveillance

Counter-Surveillance technology is a suite of products that are sold to help detect and in some cases disrupt other surveillance technologies that may be deployed. These technologies range from bug detectors for offices to jamming technologies that prevent transmission of signals by surveillance technologies, to cyber security tools that operate to minimise the number of successful cyber attacks on a network. The interesting aspect of counter-surveillance technology is the implicit recognition of particular technologies as being threatening to the operations of possible customers. If a tool exists to counter a specific form of surveillance, that should be considered a sign that there is a concern around the use of the particular surveillance technology and it also may indicate the prevalence of such technology.

Encryption is a process by which a person can ensure their communication is to only be read by another specific person. It is a technique that is widely in use by technologists and is a growing tool used by human rights defenders, journalists and activists. It is also a tool that law enforcement and intelligence use too. There are a number of different programmes and options for encryption available but they all function similarly at their core. When a person wants to secure their communication via encryption they need to generate a key, the key is sometimes a series of random alphanumerical characters- the more characters with greater variety the theoretically better secure the person is. The user then decides who they would like to share their key with. By sharing the key they are given the recipients the ability to decrypt communications sent to them. Anybody who doesn't have the key sent to them will struggle to reveal the contents of the communication- it would require a large and sophisticated computer system. By using encryption then the user counters any surveillance technology that may be in use by rendering the communication unreadable without significant investment. Law enforcement and intelligence agencies will use this to prevent individuals from easily listening in or reading their communications just in the same way that activists and human rights defenders will use encryption to prevent law enforcement and intelligence agencies from easily listening or reading their communication.

Standard encryption is prevalent throughout the internet helping, at a very basic level, to prevent surveillance. Websites implement a form of encryption known as Secure Socket Layer (SSL). Every time you open a web page and see either https or a locked padlock, encryption has been enabled between your machine and the web page. It is there to protect bank transactions and purchases, email and social network exchanges. However, SSL doesn't mean much as far as encryption goes, and is there only to prevent rudimentary attacks from hackers. Government and law enforcement agencies could use techniques such as a Man in the Middle attack to disrupt the secure connection. A Man in the Middle attack occurs when what a user's comptuer believes is a legitimately randomly assigned key is actually a key generated by the attacker. The key that should only be known to the user and the intended recipient is actually known by a third party too. The communications are no longer secure in this scenario and SSL encryption is defeated.

IMSI Catcher Catchers are also an increasingly popular counter-surveillance tool, as their rise in popularity matches the increased prevalence of the IMSI Catchers or other phone monitoring technologies they are designed to detect. The IMSI Catcher Catcher monitors phone networks in an attempt to detect any GSM (Global System for Mobile communications) or eavesdropping equipment which may be using the network to transmit such as hidden microphones. If the system detects a hostile signal based on preset instructions by the user the equipment is powerful enough to determine the location of the equipment for removal or even disrupt its transmissions and thus counter its operation.

Bug detection tools monitor rooms for physical bugs such as microphones and cameras. They are sometimes referred to as Non-Linear Junction Detectors or Spectrum Analyzers. These products look for the emission of signals in a room, and report via alarm that something is present. Alternatively they show graphs of operating frequencies around the room, and when the graph moves to show a signal emitting from a wall or somewhere in the room it is a sign that something in the room is transmitting over a particular frequency, allowing for the discovery of the bug.

Anti-Jamming equipment is used to disrupt the frequencies of a jamming tool, the original purpose of which is to disrupt some form of surveillance technology such as Audio Surveillance or Video Surveillance. The Anti-jamming technology works in much the same way as bug detection, by monitoring the surrounding area for signals that indicate the Received Signal Strength of the jammer. Just like the bug detection tool sweeps for signals emitting from surveillance technology, the anti-jamming tool sweeps for signals emitted by counter-surveillance technologies.

The practice of cyber security (including penetration testing) focuses on securing networks to prevent access by adversaries. This involves the detection of vulnerabilities in a network, referred to as exploits, and patching them to prevent the adversary gaining access.  It can involve testing some of the most widely used products on the market such as Microsoft Word, Adobe PDF viewers, even browsing and email services such as Internet Explorer and Hotmail. This is an entirely legitimate practice and one that all users of services rely on to help better secure our communications and our use of communications networks. It is included here because some surveillance vendors offer cyber security services as well as technologies that- in some cases- seek to defeat security to gain access to devices or networks.