FaberBrent_Drilling_1_image.jpg

Drilling

Drilling is the process of performing drills to establish what kind of data leak you may be suffering from. For this to be successful you must keep total compartmentalisation of the process and be both disciplined and patient for results.

Be cautious, the bad guys are aware of drilling so this must be a natural process to succeed. Do not make anyone aware you are suspicious.
 
Something ‘interesting’ should be information irresistible to the potential eavesdropper; spurious redundancies are very good for a business environment as are spurious love affairs for a personal environment.
 
Drilling is a process of elimination so be careful not to cover two potential threats with one drill.
 
Drilling is just one of many techniques to discover data leaks.
 
A little bit paranoid is nearly always better than a little bit complacent
 
  • To check for email monitoring - On an unrelated computer set up a random free email account (internet cafĂ©’s are good for this). Send an interesting email from your regular account to your new account and wait to see if any of it gets back to you
  • To check for Spyphone software - Pre-arrange a call and/or SMS with a trusted partner (choose carefully or contact us for help). Make the call and/or send the message (containing something interesting) and see if any of it comes back to you
  • To check individuals for leaks - Provide one false piece of unique interesting information per person (one to one conversation, not in a known location) and wait to see if any of it comes back to you
  • To check for phone bugs - Pre-arrange a call with a trusted partner (choose carefully or contact us for help). Make the call, discuss something interesting and see if any of it comes back to you
  • To check for GPS tracking - Make a journey to somewhere interesting and see if your movements come back to you
  • To check for room bugs - Whilst on your own (in the room you are concerned about) simulate a phone call without actually making a real call. Discuss something interesting and see if anything gets back to you. NB. This may also detect acoustic leakages; in other words the secretary outside can hear everything that goes on in your office
  • To check for vehicle bugs - Whilst on your own (in the vehicle you are concerned about) simulate a phone call without actually making a real call. Discuss something interesting and see if anything gets back to you
  • To check for intruders - Create an interesting document and leave it on your desk overnight. Wait to see if any of it comes back to you