TSCM specialist conducting a professional bug sweep with RF detection equipment in a corporate boardroom

Technical Surveillance

TSCM Bug Sweep Services

Technical Surveillance Counter-Measures (TSCM) — professional bug sweeps for boardrooms, executive residences, government facilities, and vehicles. Written report and remediation plan included.

A boardroom conversation, a sensitive negotiation, a government briefing — these are the environments that attract eavesdropping. Technical Surveillance Counter-Measures (TSCM) is the discipline of finding and neutralising the devices, systems, and vulnerabilities that make those conversations accessible to people who should not hear them.

Mission Support conducts professional TSCM sweeps using current RF spectrum analysis, non-linear junction detection, acoustic analysis, and physical inspection protocols. The target is not reassurance — it is a rigorous, documented sweep that either finds what is present or establishes that nothing was found within the detection capability applied.

Every sweep produces a written report: what was swept, what methodology was used, what was found, and what remediation was carried out or recommended. The report is written to a standard that supports internal governance, legal counsel, and regulatory disclosure if required.

Sweeps are conducted discreetly. Personnel travel without visible markings; equipment is civilian-grade in appearance. For high-profile principals, we schedule sweeps during out-of-hours windows or coordinate with existing security routines to avoid drawing attention.

Capabilities

RF Spectrum Analysis (active transmitters, GSM / 3G / 4G / 5G / Wi-Fi / Bluetooth bugs)
Non-Linear Junction Detection (NLJD) — passive and switched-off devices
Acoustic and Laser Microphone Detection
Physical Inspection — furniture, fittings, power infrastructure, smoke detectors
Vehicle TSCM Sweep (GPS trackers, audio/video devices)
Network and IT Infrastructure Tap Detection
Post-Sweep Written Report and Remediation Plan
Ongoing TSCM Programme (scheduled quarterly or event-driven sweeps)

What is TSCM (Technical Surveillance Counter-Measures)?

TSCM stands for Technical Surveillance Counter-Measures — the professional discipline of detecting, locating, and neutralising eavesdropping devices and surveillance systems placed without authorisation in a facility, vehicle, or communications network. It is also called a bug sweep, electronic sweep, or counter-surveillance inspection.

The threat TSCM addresses is both technical and physical. On the technical side: RF transmitters broadcasting audio or video; passive recording devices that store locally and are physically retrieved; GSM bugs that activate on a call; laser microphones that read vibration from windows; network taps inserted into ethernet or telephony infrastructure. On the physical side: concealment locations — power sockets, smoke detectors, ceiling roses, furniture cavities, vehicle wheel arches — chosen to place a device in range of the target conversation while surviving routine cleaning and inspection.

TSCM is not a consumer product or a software scan. It requires calibrated instruments, trained operators, and a sweep methodology that covers both the RF environment and the physical space. A professional sweep produces a written record — what was swept, what instruments were used, what the RF baseline showed, and what was found. An uncertified sweep that produces only verbal reassurance provides no evidentiary value and may miss significant threats.

When do you need a TSCM sweep?

The standard answer is: before any conversation you would not want recorded. In practice, TSCM sweeps are triggered by specific events or by a rolling programme. Event-driven triggers include M&A negotiations, litigation preparation, boardroom strategy sessions, diplomatic meetings, contract negotiations with high-value counterparties, and personnel or partner changes that create a window for device placement.

Programme-driven TSCM runs on a fixed cadence — quarterly or semi-annual sweeps of designated facilities, vehicle fleets, and executive residences — because a single sweep establishes a baseline but does not address the threat that was placed the day after the sweep. Organisations under sustained intelligence interest (governments, defence contractors, critical-infrastructure operators, law firms handling sensitive litigation) treat TSCM as an ongoing control, not a one-off event.

Warning signs that suggest immediate sweep engagement: unexplained changes in RF environment, unusual behaviour from telephony or IT infrastructure, staff reporting sounds on the line, a competitive loss that should not have happened, or a physical security event (break-in, cleaning crew substitution, maintenance access) that could have provided placement opportunity. None of these signals is definitive, but each justifies a sweep rather than an assumption of safety.

How we conduct a TSCM sweep — our methodology

Phase 1 — Pre-sweep briefing. We take a brief covering the space (size, construction, RF environment, IT infrastructure), the threat picture (who has had access, what events are upcoming, whether there is specific intelligence suggesting a device), and the client's governance requirements (what level of documentation is needed, whether legal counsel should be copied on findings). The brief shapes the sweep depth and the instrument selection.

Phase 2 — RF environment sweep. Spectrum analysis maps the RF environment across relevant frequency bands (MHz through GHz) to identify transmitters present in or adjacent to the space. Baseline comparison identifies anomalies against the expected RF profile. GSM, 3G/4G/5G, Wi-Fi, Bluetooth, and proprietary frequency devices are all covered. Spectrum data is logged for the report.

Phase 3 — Physical and NLJD inspection. Non-linear junction detection (NLJD) identifies semiconductor junctions — the hallmark of electronic components — in areas that should contain none: furniture cavities, wall voids, ceiling roses, power sockets, picture frames. Acoustic and laser microphone detection covers windows and glass surfaces. Physical inspection covers all access points, fixtures, and infrastructure runs that provide concealment opportunity.

Phase 4 — Report and remediation. Findings are documented in a written sweep report. Devices found are photographed, logged, and removed or disabled under witnessed conditions. The remediation plan covers both immediate action (device removal) and structural improvement (access control, cleaning protocols, future sweep cadence). The report is retained by the client; no copy is held by Mission Support unless explicitly requested for programme management.

TSCM by environment — where we work

Boardrooms and conference rooms. The boardroom is the highest-priority target for commercial eavesdropping. Any room used for strategy sessions, M&A negotiations, litigation preparation, or board meetings holds information that justifies a surveillance investment by a competitor, counterparty, or hostile state actor. We sweep boardrooms as standalone assignments and as part of facility programmes, establishing an RF baseline after each sweep so anomalies in future sweeps are immediately detectable.

Government and diplomatic facilities. Embassies, consulates, government ministry offices, and international institution premises require TSCM as an ongoing operational control, not a periodic reassurance. The diplomatic environment is subject to state-actor surveillance at a level that commercial entities rarely face — techniques, persistence, and patience are materially higher. Our teams work in diplomatic environments with full awareness of protocol, classification handling, and the discretion these assignments require.

Legal and professional services. Law firms, notaries, and professional advisors handling sensitive client matters operate under legal privilege requirements. A compromised boardroom or client-meeting room creates not just a security incident but a professional liability — potentially voiding privilege and exposing the firm to regulatory action. We sweep legal offices and privileged-communication environments on programme cadences aligned to their case and transaction calendars.

M&A, litigation, and high-stakes negotiations. The trigger events most likely to motivate surveillance investment by an adversary are the ones where the information in play has the highest value: live M&A processes, active litigation, crisis communications, and contract negotiations with adversarial counterparties. We provide pre-negotiation sweeps, venue clearance for sensitive external sessions, and post-incident sweeps where a suspected breach has occurred.

Executive residences and vehicles. Eavesdropping threats do not stop at the office door. Senior executives, board members, government officials, and high-net-worth individuals face exposure at primary and secondary residences and in their vehicles. Residential sweeps cover the full property — not just the principal's office or study — because placement locations are chosen for access opportunity, not the listener's convenience. Vehicle sweeps cover GPS trackers, audio devices, and OBD-port monitoring hardware.

Corporate TSCM programmes. Organisations with a sustained intelligence interest — financial institutions, critical-infrastructure operators, defence and dual-use contractors, large professional-services firms — need more than single sweeps. A TSCM programme delivers quarterly or monthly sweeps of designated sensitive spaces, a maintained RF baseline for anomaly detection, post-incident sweep capability at short notice, and a written audit trail that satisfies regulatory and governance requirements.

Sectors served

Boards & executive teamsGovernment & diplomatic facilitiesLegal & professional services (privileged comms)High-net-worth residencesM&A, litigation, and crisis environments

FAQ

Frequently asked questions

What is a TSCM sweep?+

A TSCM sweep is a professional counter-surveillance inspection that uses RF spectrum analysis, non-linear junction detection, acoustic analysis, and physical inspection to identify and remove unauthorised eavesdropping devices — bugs, audio/video transmitters, GPS trackers, network taps — from a facility, vehicle, or communications infrastructure. The sweep produces a written report documenting what was inspected, what was found, and what remediation was completed.

What does TSCM stand for?+

TSCM stands for Technical Surveillance Counter-Measures. It is the professional term for the discipline of detecting and neutralising electronic eavesdropping — also called bug sweeping, counter-surveillance, or electronic sweep inspection. TSCM is used by government agencies, law enforcement, and commercial specialists; in a commercial context it covers boardrooms, executive residences, vehicles, and privileged-communication environments.

How long does a TSCM sweep take?+

Sweep duration depends on the size and complexity of the space. A single boardroom or executive office typically takes two to four hours for a thorough sweep covering RF spectrum, NLJD physical inspection, and acoustic analysis. A full floor or executive residence takes four to eight hours. Vehicle sweeps run one to two hours per vehicle. Out-of-hours scheduling is available for sensitive environments where the sweep should not be visible to building occupants.

What types of devices does a TSCM sweep detect?+

A professional TSCM sweep covers: RF transmitters (GSM, 3G/4G/5G, Wi-Fi, Bluetooth, proprietary frequency audio and video bugs); passive recording devices (store-and-retrieve, no active transmission); GPS trackers and vehicle monitoring devices; laser and acoustic microphones; network taps on ethernet, telephone, and VoIP infrastructure; and covert cameras (pinhole, hidden behind fixtures). The specific instrument suite is selected against the threat profile of the space and the client's brief.

How often should TSCM sweeps be conducted?+

For most organisations, a quarterly or semi-annual programme covering designated sensitive areas (boardroom, CEO office, legal counsel office) is appropriate. Event-driven sweeps should be added before any high-stakes meeting, negotiation, or litigation phase. Organisations under sustained intelligence interest — government contractors, critical-infrastructure operators, law firms, financial institutions handling sensitive transactions — often run monthly sweeps of primary sensitive spaces plus quarterly full-facility sweeps.

Is TSCM only for governments and embassies?+

No. TSCM originated in government and military environments but is now routinely used by corporate boards, law firms, family offices, M&A advisors, and high-net-worth individuals. Any environment where a conversation has commercial, legal, or personal value that an adversary could exploit is a legitimate TSCM target. Corporate espionage, litigation intelligence, and competitive intelligence gathering through eavesdropping are well-documented threats in private-sector environments.

What happens if a device is found during a TSCM sweep?+

Found devices are photographed, logged with location and description, and removed or disabled under witnessed conditions. The client decides immediately whether to remove the device (ending the surveillance) or leave it in place temporarily (allowing counter-intelligence options). All found items are documented in the sweep report. Mission Support recommends involving legal counsel before deciding on device disposition — particularly where law enforcement notification may be appropriate.

How much does a TSCM sweep cost?+

TSCM sweep pricing is on request — it depends on the number of spaces to be swept, the size and construction of each space, the instrument suite required, travel requirements, and whether a written report is needed (always recommended). Mission Support does not publish day rates; we quote per engagement based on the scope agreed in the pre-sweep briefing. Initial consultation is without obligation.

Contact

Talk to a specialist about this service

We will respond within one business day. Initial conversations are confidential and without obligation.

Request a TSCM Sweep