Granite Island Group Banner

Types of Wiretaps, Bugs and Methods

If you are concerned about covert eavesdropping then it may be wise to contact Granite Island Group, or another TSCM firm and immediately schedule a "Bug Sweep" or TSCM inspection. However, do not call from a suspect telephone, and understand that it is critical that you get some out to your location as quietly, and as quickly as possible.

Bugging (Everybody's Favorite Subject)

A "Bug" is a device which is placed in an area which then intercepts communications and transmits or conducts them out of that area to a listening post. The eavesdropper can be just a few feet away from the victim, hundreds of feet, or even miles depending on the kind of bug used.

There are five primary categories of "Bugs": (Acoustic, Ultrasonic, RF, Optical, and Hybrid).

An Acoustic Bug is the placing of a water glass, stethoscope, or rubber tube into an area and directly intercepting the communication with the naked ear (without the use of electronics). This also applies to sections of an area where sound is leaking though soft spots around windows, structural defects, ventilation structures, poorly installed power outlets, and so on.

An Ultrasonic or VLF Bug is a technique use to convert the sound into an audio signal above the range of human hearing, the ultrasonic signal is then intercepted nearby and converted back to audio. In this case audio pressure waves are used instead of creating a radio signal.

An RF (or Radio Frequency) Bug is the most well known type of bugging device. A radio transmitter is placed in an area or in a device. This is your classic martini olive bug and "spy shop" store device. Extremely easy to detect, but cheap, disposable, and difficult to trace back to the person who planted it. A properly equipped TSCM specialist can actually detect this kind of device at a significant distance, but it does require some time to properly accomplish. Keep in mind that any legitimate bug sweep takes hours, not minutes).

An Optical Bug is a bugging device that converts sound (or data) into an optical pulse or beam of light. It is rarely used, expensive, and easy to detect. A good example of this would be active or passive laser listening devices.

Any of the above techniques and devices can be combined to make a Hybrid eavesdropping device.

Isn't it strange that princes and kings,
And clowns that caper in sawdust rings,
And common people like you and me
Are builders for eternity?

Each is given a bag of tools,
A shapeless mass, a book of rules;
And each must make.. ere life is flown
A stumbling block, or a stepping stone.

-- R. L. Sharpe, "A Bag of Tools"


Wiretapping is the preferred method of obtaining intelligence (for quality reasons), it involves tying in to a wire or other conductor that is used for communications. This wire can be a telephone line, a PBX cable, a local area network, a CCTV video system, an alarm system, or any other communications medium. The goal in a wiretapping is to secure high quality information, and to minimize the possibility of the eavesdropping being detected (remember radiated signals are easy to detect).

Wiretaps are broken into four primary categories (Hardwired, Soft, Record, and Transmit).

A Hardwired Wiretap, is when physical access is gained to a section of wire that the signal (ie: telephone line) travels on. A second set of wires is attached (normally through the use of an isolation or slave device), the signal is then bridged back to a secure location. This type of wiretap when discovered is fairly easy to trace back to the listening post. This type of wiretap is very popular with the police, but is usually outside the scope of most eavesdroppers. If the eavesdropper is using a "slave" or similar isolation device on a telephone the tap will be virtually impossible for anybody except a high trained or properly equipped "bug sweep" professional to find (and there only around a dozen of these in the US).

A Soft Wiretap, is a modification to the software used to run the phone system. This can be done at the telephone company, or in the case of a business, the PBX. A soft wiretap is a preferred method to tap a phone, easy to catch on a PBX, but tougher to find in the phone company's system. It is sometimes called a REMOBS (REMote OBServation), DATU, ESS, or translation tap. This type of tap is very popular with large law enforcement agencies, intelligence agencies, larger corporations, and with hackers who find it quite simple to gain access via maintenance software. This type of tap is actually very simple to find, but does require completely un-restricted access to the inner workings on the phone companies computers (which is very tough to obtain).

A Record Wiretap, is nothing more than a tape recorder wired into the phone line, very easy to find on a TSCM inspection. Similar to a hardwired wiretap, but the tapes must be changed on a regular basis. This is very, very popular with amateur spies, and private investigators, but they are very dangerous to use, and many eavesdroppers have been caught red-handed when they showed up to service their illicit recorder.

A Transmit Wiretap, is an RF transmitter (or "Bug") connected to a wire (often containing a microphone itself). This type of tap is very popular, however; the RF energy it produces radically increases the chance that it will be detected by a competent "Bug Sweeping" specialist (known in the business as a "TSCM Specialist" or Practitioner).

Wiretaps are extremely difficult to detect (if properly installed), require a very high level of technical expertise, and a great deal of equipment to locate. It is virtually impossible to detect most wiretaps with any spyshop toys, bug detectors, and other such gizmo's. Instead the TSCM specialist has to use hundreds, and often thousands of pounds of highly sophisticated laboratory grade instruments, and perform hundreds of highly sensitive measurements.

Families of Bugs

Types of Covert Eavesdropping Activities

  1. Counter Counter Intelligence (Counter-TSCM)
  2. Counter Intelligence (TSCM)
  3. Active (Classic Spying, Heavy Bugging, & Black Bag Jobs)
  4. Passive (Primarily Listen, Minor Bugging)

    Law Enforcement:
  1. High Level Intelligence (Domestic - DEA, FBI, USSS, FISA, etc...)
  2. Low Level Intelligence (Domestic Law Enforcement)
  3. Investigation of Major Crimes (Murder, Arson, etc)
  4. Active (Wiretaps, Body wires, etc)
  5. Passive (Cellular Phone/Beeper Monitoring)
  6. Tactical (SWAT Teams, Throw-Phones, etc)
  7. Management (Video in Police Cars, wireless microphones)
  8. Outlaw (Illegal Surveillance Activities)

    Private Investigator:
  1. Intelligence - Active (Black Bag Jobs)
  2. Intelligence - Passive (Cell Phone/Beeper Monitoring)
  3. Surveillance - Active (Black Bag Jobs)
  4. Surveillance - Passive (Cell Phone/Beeper Monitoring)

    Amateur/Private Individual:
  1. Intelligence - Active
  2. Intelligence - Passive
  3. Surveillance - Active
  4. Surveillance - Passive


 Any comments or questions regarding this specific page?

 Please feel free to sign our Guest Book

Web Page
How did you hear about this page

| Home| What is TSCM| Types of Bugs| Warning Signs You're Bugged|
| How To Behave if Bugged| TSCM Threat Levels| How To Engage a TSCM Firm|
| Qualifications| TSCM Protocol| Bug Frequencies| Phone Taps and Bugging|
| Signal Analysis| TDR Analysis| TDR Tutorial| Wiretapping| Training | Tools|
| Equipment| OSC-5000| Kaiser| Riser Bond| Avcom| Search Rcvrs|
| Outside Links| Recommended TSCM Books| TSCM Reference Library|
| Recommended U.S. TSCM Firms| TSCM-L Mailing List|


Copyright © 2001, James M. Atkinson