Corporate counterintelligence - the importance of TSCM

June 2000 Security Services & Risk Management

Steve Whitehead is the Managing Member of TSCM Services. He is a former lieutenant in the South African Police and held the rank of Deputy Director in the National Intelligence Service (NIS) before his resignation. He served for nearly 20 years in the two departments. His last ten years of service was dedicated to the study and practice of counterintelligence and counterespionage. He also taught offensive and defensive espionage methods at the National Intelligence Training Academy for two years. He is a member of various professional institutions and regularly speaks on the subject of electronic countermeasures.

Lorenzo Lombard is the Technical Services Manager of TSCM Services. He is also a former member of the National Intelligence Service (NIS) and the National Intelligence Agency (NIA). He served for nearly 22 years in the technical field and held the rank of assistant director before his resignation. He was primarily involved in the electronics field, offensive as well as defensive and served for many years locally and overseas as a member of the NIS TSCM team. In addition to his Government training courses, he also attended TSCM training courses at international training institutions. During his career he held postings at South African embassies in Europe as a senior technical officer. He is considered by many worldwide to be one of the top TSCM professionals in South Africa.

Do you need to be concerned about the threat against information? Is it exaggerated? Does electronic invasion or telephone tapping take place? Who can you contact to check? How will you know that they can do the job or have the necessary equipment? What is the legal position?

This article will attempt to answer those questions, provide guidelines, and dispel myths regarding training, equipment and service providers who provide TSCM as a counterintelligence service.

The well-known author Peter Hamilton wrote as far back as 1979 in his book "Espionage, terrorism and subversion in an industrial society' that "Industrial espionage poses a significant threat."He further wrote that "It will not be possible for any company or economy to survive the battle without good industrial intelligence. Organised industrial espionage would be a logical outcome of this need."

Leaders throughout history have attempted to secure knowledge and warning to avoid being forced to make uninformed decisions. No business in today's highly competitive marketplace is safe from the threat of industrial espionage.

Intelligence also implies the protection of one's own information from acquisition by others. Just as counterintelligence is important to a nation's security so is counterintelligence, sometimes called defensive business intelligence, also important in the corporate environment. Business managers need to protect the information essential to the successful operation of their businesses.


Counterintelligence is basically directed at coping with or countering threats. Counterintelligence seeks to counter potentially hostile and concealed acts. It comprises measures undertaken to protect against what an adversary may do.

"If one waits until a threat is manifest through a successful attack, then significant damage can be done before an effective countermeasure can be developed and deployed. Therefore countermeasures must be based on speculation. Effort may be expended in countering attacks that are never attempted. The need to speculate and to budget resources for countermeasures also implies a need to understand what it is that should be protected, and why; such understanding should drive the choice of a protection strategy and countermeasures. This thinking should be captured in security policies generated by management; poor security often reflects both weak policies and inadequate forethought."

Source: James A. Schweitzer: Protecting Business Information

Counterintelligence includes measures aimed at identifying possible "threat targets" among personnel, Technical Surveillance Countermeasures (TSCM), security education and estimating and assessing the vulnerability of sensitive installations and activities to counter the business espionage threat.

Security policies and counterintelligence

So much has been spoken and written about security policies but most policies do not cover counterintelligence functions. Most companies do not have centralised records that reflect the level of counterintelligence activities that are conducted or were conducted in the company. Companies do not have laid down standards for their TSCM requirements or any quality control review procedures regarding the level of services that are performed.

But what is the situation in South Africa?

Do you need to be concerned about the threat against information? Is it exaggerated? Does electronic invasion or telephone tapping take place? Who can you contact to check? How will you know that they can do the job or have the necessary equipment? What is the legal position?

What is TSCM?

TSCM is a counterintelligence activity and refers to a set of measures employed to identify hostile technical devices planted by an adversary for collection purposes.

TSCM is largely directed at the protection of information but will often reveal physical and other security problems, lack of security education and can assist to assess the vulnerability of sensitive facilities.

Typical projects by a professional TSCM company include debugging services to discover and locate illegal eavesdropping devices, support of personal and VIP protection programmes, provision of secure environments for special meetings or activities and consultations on matters relating to information security.

TSCM tradecraft encompasses many seemingly unrelated disciplines including electronics, technology, security, investigations and specialised training.

A company offering TSCM services usually comprises a number of individuals with extensive training, who through the years of experience have acquired valuable knowledge of their profession and possesses a variety of equipment.

"Although they are warriors of the information age, Technical Surveillance Countermeasures practitioners remain a rare hybrid between the technical and security professions. TSCM professionals are being sought with more frequency and concern as emerging technologies continue to expose the soft underbelly of both companies and individuals."

Source: Douglas A. Roth

TSCM can be defined as the systematic electronic, physical and visual examination of a designated area by trained and qualified persons utilising appropriate equipment and techniques in an effort to locate transmitting or surreptitious listening devices, security hazards or other means in which classified, sensitive or proprietary information could be intercepted or lost.

If you have reason to believe that you or your company could be a target or that your privacy is threatened, you need the services of a professional. You need to locate someone or a company who is competent in TSCM and will work with you to assess the threat and perform a series of services to determine whether you or your company could be the subject of illegal eavesdropping.

Legal aspects of eavesdropping

In South Africa the Interception and Monitoring Prohibition Act, No 127 of 1992 prohibits electronic eavesdropping. The South African Law Commission recently reviewed the act and made general and specific recommendations to parliament that the act be amended and augmented by a number of new provisions. (Most of the recommendations have to do with the legal interception of cellular telephone communications.)

The following provisions regarding the act are relevant to this discussion:

"No person shall -

* Intentionally and without the knowledge or permission of the dispatcher intercept a communication which has been or is being intended to be transmitted by telephone or in any other manner over a telecommunications line; or

* Intentionally monitor a conversation by means of a monitoring device so as to gather confidential information concerning any person, body or organisation.

* Any person who contravenes a provision ... Shall be guilty of an offence and liable on conviction ..."

The act also makes provision for legal eavesdropping and interception by government and law enforcement agencies under certain circumstances and the procedures they have to follow to obtain the necessary permission.

The act in general prohibits any form of eavesdropping or interception unless it is done by government and permission will only be granted once a judge has been satisfied that the agency applying for permission has adhered to the stringent prescriptions.

Is the threat of eavesdropping real?

Notwithstanding the provisions of Act 127 of 1992, bugging and electronic surveillance services are openly advertised, mostly by private investigators. A quick glance through a Gauteng business directory revealed a number of private investigators offering eavesdropping or electronic surveillance services.

In the same directory, a PI company also advertises "industrial espionage" services. According to Robert Abrahamson, an American author on business intelligence and analyses, "Industrial espionage denotes the illegal gathering of business data, information and trade secrets. This includes bribery, coercion, breaking and entering, installing of electronic transmitting devices."

A private investigator has been openly advertising "Telephone tapping for R1500," in one of the daily Gauteng newspapers for the past few months. Some South African private investigators also advertise these services on the Internet.

In December 1998 one of the South African weekly magazines catering mostly for women, interviewed a private investigator. In the article his use of illegal surveillance tactics is highlighted as one of the techniques he employs, to catch unfaithful spouses.

The list goes on and we can find examples all around us. The SA Law Commission reviewing Act 127 of 1992 commented as follows, "The project committee considered that a matter, which is alarming in South Africa, is the large number of advertisements, sometimes even in law journals of private investigators, offering to deliver services, which include 'bugging'."

The legalities of equipment ownership

The sale of eavesdropping devices is not prohibited in South Africa, creating a contradiction. It is illegal in terms of Act 127 of 1992 to 'bug' or 'tap' someone, but not illegal to manufacture, sell or possess these devices. Various specialised shops have opened up selling mainly surveillance and monitoring equipment.

In the US, the manufacture, distribution, possession and advertising of wire or oral communication interception devices is prohibited.

No real statistics of reported incidents are available from any Government agency, nor does the South African Government assist or advise the business sector regarding the threat of illegal eavesdropping, good counterintelligence practices, etc.

On the other hand the American Government is taking the threat seriously and regularly issues guidelines and suspicious indicators regarding security countermeasures to their industries and businesses.

Is the threat of illegal eavesdropping creating a security problem in South Africa? We hear and read about it regularly, and TSCM is now a regular requested topic at seminars and conferences dealing with security, crime and business intelligence.

During the past few months a number of private investigators were arrested in Cape Town, Gauteng and KwaZulu-Natal for the illegal 'tapping' of telephones. A Cape Town advertising agency boss appeared during December 1999 in the Wynberg Magistrate's Court for the alleged tapping and bugging of another advertising agency.

Towards the end of 1999 the Democratic Party claimed that an independent consultant has determined that their Cape Town Parliamentary offices were 'bugged'. We had the incident with the bungled spy camera at the German Embassy in Pretoria. Hansie Cronje would probably never again discuss any sensitive information on a telephone if the Indian Government's claims prove to be correct. During March 2000 an East Rand newspaper reported on the discovery of a bugging device in the office of the CEO of one of the metropolitan councils in the area.

The threat is real

In view of the above it would probably be reasonable to say that in South Africa there is definitely a threat to companies and individuals. We have to accept that illegal eavesdropping services are performed more regularly throughout South Africa than many people realise. Discovered devices and evidence of tampering found during surveys are also good indicators that the problem exists. Unfortunately many companies are unaware that industrial espionage or illegal eavesdropping has affected their businesses, as they have no counterintelligence policies in place.


The potential benefits generally far outweigh the potential penalties that can be imposed when caught. (Richard Nixon, following the Watergate scandal, might however disagree on this point.) Information in the wrong hands can destroy a corporation, put people out of work, bankrupt companies and devastate shareholders.

Major decisions are often made orally long before they are committed to writing. Audio surveillance of the locations where sensitive discussions are held and decisions are made can give the unauthorised eavesdropper not only the information he requires, but also the lead-time to make use of the information.

In the next issue of Hi-Tech Security Systems, we will look at 'The need for TSCM', the training of TSCM professionals and what you can expect from TSCM service providers.

For details contact Steve Whitehead of TSCM Services on

tel: (012) 664 3157,

fax: (012) 664 3180,


or visit

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Social media and intelligence-led surveillance
July 2019, Leaderware , Editor's Choice, Integrated Solutions, Security Services & Risk Management
Social media has become a major feature of most people’s lives in the last few years and they can be invaluable as a source of information for companies and security organisations.

The 4th Industrial Revolution
July 2019, Wolfpack Information Risk , Editor's Choice, Cyber Security, Security Services & Risk Management, Industrial (Industry)
Most major industries have turned to and are reliant on technology to run their operations. This is a time of great promise, but also one of frightening peril.

Fake videos not threat to courtroom evidence
July 2019 , Security Services & Risk Management
The Washington Post recently reported top AI researchers are “racing to defuse an extraordinary political weapon: computer-generated fake videos that could undermine candidates and mislead voters".

Fear of the unknown
July 2019, Kaspersky Lab , Cyber Security, Security Services & Risk Management
Fear of the unknown: while there’s still interest in cryptocurrencies, just 19% locally understand how they work.

Leveraging on Africa
July 2019, Managed Integrity Evaluation , Security Services & Risk Management
The purpose of cross-border expansion is to not only ensure sustainable growth and business viability, but also the ability to mitigate growing market risk and uncertainties across the globe.

Assess business resilience in terms of value
July 2019, ContinuitySA , Security Services & Risk Management
Looking at the total value of the investment (VOI) is a far better way of assessing the worth of an in-vestment with many intangible benefits.

Social media and background checks
July 2019, Managed Integrity Evaluation , Security Services & Risk Management
Social media screening and online checks can provide many benefits to a hiring employer; however, such screening should not be carried out in isolation.

Johnson Controls launches Technology Contracting in Africa
July 2019, Johnson Controls , Editor's Choice, News, Security Services & Risk Management
To address the growing challenge of planning, integrating and maintaining a multitude of different, highly connected systems, Johnson Controls is launching Technology Contracting in Africa.

A new method for data destruction
July 2019 , News, Security Services & Risk Management
Xperien is now able to professionally erase data on retired IT assets in compliance with the Protection of Personal Information Act (PoPIA).

Automated contraband detection
July 2019 , Security Services & Risk Management, Transport (Industry)
Today’s X-ray screening solutions have been updated with auto-detection capabilities that will raise an alert if a weapon or even small quantities of explosives and toxic materials are detected.