Surreptitious audio surveillance: the unknown danger to law enforcement.
What had happened? No one except the officers involved knew the arrests were imminent. To communicate among themselves, the officers used only encrypted radio transmissions. Prior to the execution of the warrant, not even the police had known the location of the arrest sites; the suspects should have felt safe. The authorities could offer no explanation. Is it possible that the suspects had used computers to surreptitiously eavesdrop on the officers during the execution of the warrant? It is not only possible but also extremely likely.
Amazingly powerful, low-cost computer systems that only a few short years ago would have been unthinkable now are readily available. Such computers are sold at mass-market outlets in virtually every American community. In the hands of criminals, however, these inexpensive, easily obtained computers can be used as effective, remote-controlled surreptitious audio surveillance devices?
Compounding such a truly disturbing situation is the fact that law enforcement remains generally unaware of this newly discovered threat. However, by understanding the manner in which criminals easily can construct and employ remote-controlled surreptitious audio surveillance devices, law enforcement officers can take steps to avoid being exploited by such criminal activity.
WHAT EQUIPMENT DOES IT REQUIRE?
Little or no technical expertise is needed to convert a readily available computer equipped with sound capability, a modem, and the appropriate software into a device that will allow the surreptitious interception of any audio generated within its proximity. After the computer captures the intercepted audio, it can transmit the conversation anywhere in the world via landline or cellular telephones in a reasonably clandestine manner.
The builder of a remote-controlled surreptitious listening device first needs to equip the computer with sound capability or a sound card and microphone. If the computer does not have a built-in sound card and microphone, both can be purchased for relatively little cost and easily installed. The builder connects an external microphone to the signal input jack of the sound card on the back of the computer. To make detection more difficult, the builder may install the microphone inside the computer. Moreover, some builders install the microphone inside a piece of nearby equipment and then connect the microphone to the sound card in the computer. This latter approach removes the amount of possible internal ventilation fan noise from being picked up by the microphone. Additionally, with the appropriate software, builders can intercept and encrypt the audio.
Second, the builder needs a modem, a device that converts the digital format of information in computers to analog information suitable for transmission via a standard telephone network. Relatively inexpensive and easily installed, modems work well with either landline or cellular telephones, which means that locations without telephone lines remain equally capable of supporting such surreptitious audio surveillance systems.
Last, the builder requires two main software programs to convert the computer into a remote-controlled listening device. One program allows the remote-controlled operation of the computer, while the other captures the audio. A number of software packages permit full operation of one computer by another (which can be located anywhere in the world) via a standard telephone connection. Remote-control computer programs cost relatively little, and some may be free via the Internet.
Computer programs designed to capture audio vary in price and sophistication. Some can be downloaded from the Internet for a small fee, while others are professional-grade audio analysis and enhancement programs costing several hundred dollars. Although criminals may sneer at price consideration, most law enforcement agencies cannot.
HOW IS IT DONE?
Once the criminals have their computers installed with the appropriate hardware and software applications and placed at various sites in their territory, they use security alarms to alert them whenever their protected area has been penetrated. The target computer has remote-control software constantly running to allow it to be contacted and subsequently controlled by another computer through the telephone network whenever the criminal detects an area intrusion, calls by telephone, and enters the correct access. code.
When an alarm indicating a security breach is received, the criminals immediately call via a standard telephone and remotely take control of the computer located in the area designated and protected by the alarm. The telephone does not ring, the computer does not beep, and with the monitor turned off, no flashing lights indicate the computer has been accessed. The criminals execute the sound-processing program and start capturing audio, which can be stored on a disk and sent to a remote location either immediately or later. If the audio received at the remote location is not clear, it can be improved with analysis and enhancement software.
WHAT ARE THE CONSEQUENCES?
Dangerous situations may arise if law enforcement officers become the victims of surreptitious audio surveillance. In the hypothetical scenario at the beginning of this article, the drug dealers opted to flee the scene; however, they could have chosen a different approach - to ambush the officers. Also, during the execution of the search warrant, officers might have said something inappropriate or detrimental to their case. Regardless of the outcome, surreptitious audio surveillance can have a far-reaching impact on law enforcement.
Setting up a surreptitious audio surveillance system is not particularly complicated, and the cost is not prohibitive. Therefore, the immediate problem for law enforcement is to determine those individuals who would create such systems not only as a means of circumventing the illegal possession of eavesdropping equipment,(2) but primarily as a way of turning such systems against law enforcement. Instead of using such systems as simply a warning device to protect their illegal activity, some criminals, terrorists, and other antisocial individuals may use these systems to manipulate law enforcement.
WHAT CAN LAW ENFORCEMENT DO?
The solutions and preventive measures to combat this new threat are in their infancy and not well defined due to the incipient nature of such a new and rapidly changing menace. However, law enforcement can begin to counteract this new danger by educating officers and managers about the problem and recognizing that computer technology is changing law enforcement procedures. Top managers need to make this problem a priority in their departments and work with other agencies and industry professionals to cultivate the environment necessary to produce viable countermeasures.
The law enforcement community must realize that the first officers at a crime scene play a crucial role in thwarting these surreptitious listening devices. These officers must know what to look for and what to report to their superiors. For example, if the officers discover that certain criminals are attempting to use remote-controlled computerized audio intercept against them, and the suspects are unaware of the officers' knowledge, the officers can use these devices against the criminals. Knowing that the criminals can hear everything they are saying, the officers can take control of the situation and lawfully use the illegal surveillance device to their advantage. However, law enforcement management must develop and implement effective procedures for these officers to follow.
Moreover, whether responding to a radio call, executing a warrant, or participating in other related activities, first-arriving officers should not simply turn off the suspect's computer as a "quick-fix" technical surveillance countermeasure. This approach could result in evidence being destroyed.(3) No one should touch the suspect's computer until after it is examined and cleared by the agency's computer crime investigators. Agencies that do not have their own computer-trained investigators can locate and obtain assistance through such sources as the Federal Computer Investigations Committee, the Florida Association of Computer Crime Investigators, and the Law Enforcement Electronic Technical Assistance Committee of Brevard County, Florida.(4)
Additionally, officers should consult with their agency's legal advisor or the area's local prosecutor to address any liability issues that might arise involving unknowing and innocent users of the suspect's computer. Finally, it is virtually impossible to look at a computer and determine that it is being used as a surreptitious audio device; therefore, everyone from patrol officers to top managers should be circumspect in their conversations when in the vicinity of any potentially remote-controlled computer.
The ever-increasing advances in computer technology are subjecting law enforcement officers to many new and unknown hazards in a profession that has always been full of inherent, yet generally well-known, dangers. As with other societal improvements throughout history, the majority of technological advances have been developed with the intent of enhancing the community. However, law enforcement must confront those situations where individuals with criminal intent use those advances for their own nefarious purposes.
Remote-controlled computers are becoming another weapon in the criminal arsenal. Law enforcement agencies must work together to recognize this problem, alert their colleagues to the new danger, and pursue efforts to prevent future occurrences. Industry professionals should be included in such endeavors and encouraged to make security issues a priority. It is the duty of law enforcement to attack this new danger with the same commitment and vigilance that it always has shown when faced with situations that have threatened its officers and the citizens they are sworn to protect.
1 18 U.S.C. [section] 2510-2521.
2 18 U.S.C. [section] 2512 (119)
3 When law enforcement officers are executing search warrants, they must remember that paper documents are no longer the only method of transmitting information. Search warrants should include computer hardware and software items as needed.
4 The Federal Computer Investigations Committee (FCIC) can be contacted through Mr. James Graham, Assistant State Attorney, Brevard County, Florida, at 407-617-7510. The Florida Association of Computer Crime Investigators (FACCI) can be contacted through its Internet site at www.atlantic.nel/~fdle-cer. The Law Enforcement Electronic Technical Assistance Committee of Brevard County, Florida, can be contacted through its cochairmen: the above-listed Mr. James Graham; Cocoa, Florida, Chief of Police David Crawford at 407-639-7620; or Titusville, Florida, Police Department Detective David Edens at 407-264-7812.
Mr. Charles W. O'Neal, retired chief of the Internal security office at the National Aeronautics and Space Administration, currently volunteers his technical expertise and guidance to the law enforcement community.
|Printer friendly Cite/link Email Feedback|
|Author:||O'Neal, Charles W.|
|Publication:||The FBI Law Enforcement Bulletin|
|Date:||Jun 1, 1998|
|Previous Article:||Mobile data access increases officer efficiency.|
|Next Article:||Community policing: the process of transitional change.|