Glossary of Surveillance Terms

The following list explains many of the technical terms used in the world of surveillance, counter surveillance, eavesdropping, TSCM, state sponsored espionage, corporate espionage, cyber espionage and cyber security:


An Agent is an individual engaged in espionage activities.

Advanced Persistent Threat

Advanced Persistent Threat (APT) is a prolonged, targeted cyber-attack in which the intruder gains access to a network and remains undetected for a prolonged period of time. APT attacks are used by assailants to monitor network activity and steal data, rather than to cause outage and damage to the target network or organisation. APT attacks usually target organisations involved in national defence, finance or manufacturing as these organisations normally deal with high-value information, including intellectual property (IP), military secret plans and other data from governments and enterprise companies. The aim of most APT attacks is to gain and maintain ongoing access to the targeted network rather than to get in and out as quickly as possible. Due to the great deal of resources and effort that generally goes into carrying out an APT attack, hackers typically target high-value organisations like nation-states and large companies with the ultimate goal of stealing information over a long period of time.


APT is Advanced Persistent Threat. For more details please refer to the Advanced Persistent Threat description.


BECCA is the Business Espionage Control and Countermeasures Association. BECCA was set up to research and exchange information with BECCA Members about business espionage, corporate espionage TSCM and other eavesdropping countermeasures; to establish and encourage a code of ethics within the profession, and to promote a professional image within the business community through the Certified Confidentiality Officer (CCO) programme.


BMS stands for Building Management System.  For further information see Building Management System.


Bug is a commonly used term to describe an eavesdropping device or covert listening device. Bugs are often small and concealed within an everyday item like a phone charger, a plug socket, a computer mouse or other similar objects. A bug will generally consist of a covert microphone and or covert camera combined with the ability to either store the captured audio and or video for later retrieval by the eavesdropper or forward transmit the captured audio and or video to the eavesdroppers location.

Bug Detecting

For Bug Detecting, see Bug Sweeping or TSCM Inspection.

Bug Sweeping

Bug Sweeping is a commonly used term to describe a TSCM inspection. Bug sweeping consists of the structured technical and physical searching of an area(s) or room(s) for the presence of eavesdropping devices / covert listening devices.

Building Management System

Building Management System are also called BMS. BMS are the systems which modern buildings have to control and manage the various functions of the building including air-conditioning, heating, cooling, ventilation, lighting, power, fire alarms, sprinkler systems, lifts, access control systems, CCTV systems, emergency systems, evacuation systems, water systems, sewage systems and so on. All of these types of BMS have vulnerabilities which make them a worthwhile target for a would be hacker or cyber eavesdropper.


CCO is the Certified Confidentiality Officer accreditation training programme. The programme covers a wide range of security subjects based around business espionage / counter espionage and once passed the exam the student is allowed to display the CCO postnominals.

Contact Microphone

Contact Microphones are often used in covert surveillance when direct access to the target room is possible for the eavesdropper. Contact microphones do not have a diaphragm to pick up the target audio but instead pick up the sound by being directly in contact with a wall or other large flat vibrating surface directly adjacent to the target room.


Countermeasures in this case refers to actions taken to counter eavesdropping or surveillance threats. Countermeasures can range from conducting TSCM inspections of various locations including buildings, rooms, areas, cars, jets or yachts to find eavesdropping devices / bugs to then simply implement protective security controls and reduce the risk of a successful hostile surveillance attack.

Counter Surveillance

Counter Surveillance is the process and subject of taking specific actions to stop unwanted surveillance of a location or person.

Covert Microphone

A covert microphone is a specially designed microphone used to eavesdrop on a target room, area, person or conversation. This type of microphone is usually very small with excellent audio collection capabilities to make it easy to hide and very effective in collecting the target audio for the eavesdropper to listen to.

Cyber TSCM Inspection

A Cyber TSCM inspection is a Cyber Technical Surveillance Counter Measures inspection. This is the correct professional term used to describe the structured technical and physical searching of an area(s) or room(s) for the presence of data eavesdropping devices and hardware back doors like 3G / 4G / 5G modems connected to IT systems or BMS systems.


Debugging is a commonly used term to describe Bug Sweeping or a TSCM inspection. For further details please refer to TSCM inspection.

Drone Forensics

Drone Forensics is the term used to describe the forensic processing and examination of drones or Unmanned Air Vehicles (UAV’s). The process includes exhibit handling, imaging and analysis of all data stored on the drone or UAV. Drone forensics is being used more and more as the criminal use of drones and UAV’s increases.


Espionage is the practice or act of spying. Espionage is sometimes conducted by governments on other countries to gain information and intelligence about military, financial or political secrets or by corporations against competitors to gain knowledge of confidential business plans or intellectual property.

GSM Detector

A GSM detector is generally a basic passive handheld Radio Frequency (RF) signal detector which is tuned to detect RF signals in the frequency bands where GSM transmissions take place. The problem is that these devices have no way of knowing whether they are detecting the transmission from an eavesdropping device in the room being searched or someone on the phone going past the building in transport or on a phone call two floors above or below the room being inspected. GSM detectors also have no ability to detect an eavesdropping device or phone that is not in an active call, which is the state that most GSM eavesdropping devices are in virtually all of the time. This means GSM detectors have very limited use on a TSCM inspection. There are advanced systems called Active Cellular Detection Systems.

Hidden Microphone

Please see Covert Microphone description.

Infiltration Operation

An Infiltration Operation is an intelligence operation where an undercover operative physically enters a target area, in such a manner that their presence and or true affiliation / identity will remain undetected. This is a surprisingly common form of espionage and the unwitting targets of this type of operation are then socially engineered to gain information on what is going on at the site.

Physical Penetration Testing

Physical Penetration Testing is the structured testing process used to test the effectiveness of security controls of sites, buildings and other locations like yachts. The testing is split into various phases and the results are reported to the Client along with coinciding recommendations of remediation which if actioned will reduce risk where vulnerabilities were identified.

Red Teaming

Red Teaming is another term which is used to refer to Physical Penetration Testing. Please see Physical Penetration Testing description for further details.

Satellite Phone Blocker

A Satellite Phone Blocker blocks the parts of the L-band radio spectrum used by satellite telephones by emitting a modulated radio signal sweeping over the band which drowns out local reception from the satellites thereby stopping the satellite phone from communicating with the satellites.


SITREP is the abbreviation of Situation Report. This is a term which originates from military use but is now more widely used by others and means to give a report of what is currently happening.

Spare Pair

The term Spare Pair describes two unused wires within a cable in a location where the unused two wires can be used to transmit audio, video or data from a covert microphone, telephone tap or other eavesdropping device to a listening post or to another transmission device which can then forward the audio on to another location for collection or review.

Telephone Tap

A Telephone Tap is equipment or software used to intercept or eavesdrop on both sides of a targets phone calls.

Tiger Testing

Is a term which is used to describe Physical Penetration Testing. For further information please see the Physical Penetration Testing description.


TSCM is the acronym which stands for ‘Technical Surveillance Counter Measures’. TSCM is the process and science of protecting a target location / person(s) / communications / discussions / data from eavesdropping.


TSCMi is the Technical Surveillance Counter Measures Institute. The TSCMi is the global Institute and trade body for the TSCM sector. It has members from around the world from both the government and commercial sectors and its aim is to raise standards of professionalism in TSCM.

TSCM Institute

The TSCM Institute is the Technical Surveillance Counter Measures Institute. Please also see the description for TSCMi.

TSCM Inspection

A TSCM inspection is a Technical Surveillance Counter Measures inspection. This is the correct professional term used to describe the structured technical and physical searching of an area(s) or room(s) for the presence of audio / video eavesdropping devices.

TSCM Survey

Please refer to the TSCM Inspection description.

TSCM Sweep

Please refer to the TSCM Inspection description.

Watcher Team

A Watcher Team is a team of operatives assigned to keep constant surveillance on a specific target individual or location.

Wire Tap

A Wire Tap is equipment or software used to intercept or eavesdrop on both sides of a targets telephone conversations.

Wire Tapping

Wire Tapping is a term used to describe the remote interception of both sides of a telephone conversation using telephone interception equipment of a telephone eavesdropping device.