|
|
| Donate for the Cryptome archive of files from June 1996 to the present |
24 December 2002
These two reports describe TEMPEST deficiencies in a US Army Signal Battalion facility. Note the differences between the two reports, dated 10 months apart, for technical security scope and types of threats examined. The first addresses telephonic, audio, audio vibration, and transmission line leaks and clandestine devices, while the second covers those of the first as well as electronic, radio frequency and building element transmission leaks. This latter scope is closer to what is publicly known of current technical security and TEMPEST countermeasures. The US Army regulation cited below, AR 381-14, Technical Surveillance Countermeasures (TSCM), remains classified Secret.
In response to a 1999 FOIA request the National Security Agency released to Cryptome several declassifed TEMPEST documents:
http://cryptome.org/nsa-tempest.htm
Another report from this dossier on TEMPEST leaks: http://cryptome.org/tempest-leaks.htm
Another dossier in the released INSCOM material describes the investigation of a passive acoustic cavity resonator found in a military facility which had been unrecognized by users of the facility for several years. Most personnel inteviewed who recalled the object thought it was a discarded machine part of no signficance. The device's origin was never determined.
Surreptitious cavity resonators are passive and emit no identifying signals. They are shaped to acquire and reflect electromagnetic emanations of equipment, either constantly or when "illuminated" by a receiving device. They are customarily camouflaged as innocuous objects or concealed within unsuspicious objects.
A cavity resonator discovered in the Seal of the US Embassy in Moscow, a gift of the Soviets, was planted to listen and transmit data when "illuminated" by its operators. The book Spycatcher describes cavity resonators planted by the United Kingdom in several communications facilties of allies and foes.
Source: FOIA material received from the US Army Intelligence and Security Command, November 25, 2002. Excerpted from Dossier ZG000495W, Corps Communication Center, pages 31-41.
[11 pages.]
DOWNGRADED AT 12 YEAR INTERVALS
NOT AUTOMATICALLY DECLASSIFIED
DOD DIR 5200.10
REGRADED UNCLASSIFIED
ON MAR 18 1998
BU CDR USAINSCOM FOIPO
Auth Para 1603 DoD5200 1-R
CONFIDENTIAL
DEPARTMENT OF THE ARMY
STUTTGART STATION
766TH MILITARY INTELLIGENCE DETACHMENT
66TH MILITARY INTELLIGENCE GROUP
APO 09154
AEUTMI-O-Q(I&S) 13 MARCH 1970
SUBJECT: Counterintelligence Technical Security Inspection (U)
Commanding Officer
34th Signal Battalion
APO 09154
1. (U) INTRODUCTION: On 10 March 1970, a Coungterintelligence Technical
Security Inspection of the following elements of Headquarters, 34th Signal
Battalion, APO 09154, located in Building 1601, Krabbenlock Kaserne,
Ludwigsburg, Federal Republic of Germany, was conducted by Special Agents
[------redacted------] and [-----redacted-----] Stuttgart Station, 766th
Military Intelligence Detachment:
a. Office of the Commanding Officer
b. Office of the Executive Officer
c. Office of the Battalion Adjutant
d. Office of the S2
e. Office of the S3
A floor plan of the inspected area is attached as EXHIBIT I. The inspection
was conducted to detect the presence of technical surveillance equipment and
to determine the existence of hazards to technical security which would permit
the employment of such equipment, and to recommend technical security measures
designed to prevent successful employment of technical surveillance
equipment.
2. (C)U LIMITATIONS: Counterintelligence Technical Security Inspections
of the type conducted indicate the security status of the inspected area
at the conclusion of the inspection within the capabilities of equipment
and operational techniques employed. Admission to the inspected area of
unauthorized persons or personnel not having proper security clearances,
who are not under the escort of reliable personnel; failure to maintain
continuous and effective surveillance and control of the inspected area;
allowing repairs or alterations to or within the inspected area without
the supervision of qualified and responsible personnel; or the introduction
of new furnishings into the inspected area prior to the completion of a
thorough inspection of such furnishings, will nullify the security afforded
by this inspection.
3. (C)U FINDINGS:
a. The inspection did not locate or indicate the presence of
surreptitious technical surveillance devices.
b. The inspected area is not considered secure for classified confer-
ences or discussions until corrective action has been accomplished relative
to the following hazards to technical security:
(1) Located as listed below are Western Electric Company Model
500 telephone instruments:
(a) Office of the Commanding Officer, one.
(b) Office of the Battalion Adjutant, one.
(c) Office of the S2, one.
(d) Office of the S3, five.
Although the Western Electric Model 500 telephone instrument is considered
the most secure for general use, the instrument is vulnerable to alteration
and modification by personnel involved in the installation and maintenance
of the instrument. The modification of a telepone instrument to establish
an extremely effective listening device requires only a few seconds and is
impossible to detect except by qualified personnel equipped with appropriate
countermeasures equipment.
(2) Located as listed below are standard US Army field telephone
instruments:
(a) Office of the Commanding Officer, one.
(b) Office of the S3, one.
Examination of the instruments revealed that all instruments were functioning
properly; however, frequent use of a field telephone instrument often results
in the retainer switch becoming too weak to hold the handset in the proper
position to cause the line switch to be activated to block audio. When such a
condition exists, one hundred percent audio from the room in which the
defective instrument is located is passed over the length of the telephone
transmission lines. The audio passed may be taken from any point along
the transmission line by attaching a small, commercial, inexpensive
amplifier to the line. Field telephone instruments constitute a constant
severe hazard to technical security even when the handset retainer switches
function properly, as many users are not aware that the handset must be
placed in the cradle firmly to activate the line switch. Additionally, it
is a common misperception that the "push to talk" switch must be depressed
for audio to be passed over the line. The "push to talk" switch only
activates a noise cancelling element of the instrument to aid the person
listening during the conversation. It does not block audio from passing
over the line via the receiver portion of the handset.
(3) Located within the Office of the Executive Officer is a multi-
line telephone instrument, Model STE 120/29, constructed by Telefonbau and
Normalzeit, a German electronics firm. Although a visual and limited
electronic inspection of the instrument was conducted, a thorough electronic
inspection, for the purpose of detecting the more sophisticated clandestine
listening devices, cannot be conducted with the equipment currently available
to United States Intelligence. A photograph of the instrument is attached as
EXHIBIT II.
(4) Located within the Office of the Commanding Officer is an
Intercom Station, Model LS 127/F1, manufactured by Webster Electric Company,
which extends to a variety of speakers which serve as slave stations for the
above mentioned master station. A photograph of one of the above mentioned
slave station speakers, located in the Office of the S3, is attached as
EXHIBIT III. The sub-stations, all of which are of the open monitor variety,
were found to pass one hundred percent audio from the rooms in which they
were located, even though the sub-station was not activated. Additionally,
the entire intercom system utilized existing telephone lines thus causing a
situation wherein each classified conversation conducted within a room containing
a sub-station is passed over uncontrolled transmission lines in the clear.
The audio passed may be obtained from any point along the transmission lines
by attaching a small, inexpensive, commercial amplifier to the transmission
lines, outside of the the headquarters building.
(5) The inspected area, located on the ground floor level, is
vulnerable to attack by clandestine listening devices. The placement of a
very effective listening device against the windows or window frames poses
no problem to a hostile intelligence agent as the outside of the building is
afforded no protection.
4. (C)U RECOMMENDATIONS: In view of the findings, the following recommenda-
tions are made for the improvement of counterintelligence technical security:
a. Reference paragraph 3b(1), above: It is recommended that each
telephone instrument be equipped with a plug and jack disconnect device
situated in a position convenient for use and that the instruments remain
disconnected from the lines at all times the instrument is not in use. It
will be necessary to install a separate ringer for each telephone number to
alert office personnel to an incoming telephone call. It is recommended
that Western Electric Model R1A or ERickson Model KLG 5103-2 ringers be
installed and that the ringers within each telephone instrument be discon-
nected and removed. Paragraph 10b(3), AR 381-14, requires all telephone
instruments located in Secondary Sensitive Areas to be equipped with a
disconnect device.
b. Reference paragraph 3b(2), above: It is recommended that the
instrument be disconnected from the line at all times except when required
by operational activities. It is further recommended that all personnel using
the instrument be instructed that the handset must be replace properly in
the cradle after each use.
c. Reference paragraph 3b(3), above: It is recommended that the
instrument be replaced with Western Electric Company Model 565 multi-line
telephone instrument. In the event that such equipment is not available,
it is recommended that the present telephone instrument be equipped with
disconnect devices and the the instrument be disconnected from the line
during periods of classified and/or sensitive conversations withing the room.
d. Reference paragraph 3b(4), above: It is recommended that the
intercom system be removed. In the event operational necessity dictates
the retention of the system, it is recommended tha appropriate assigned
personnel be made aware of the fact that all conversations conducted within
the rooms in which the sub-stations are located are being passed over un-
controlled telephone lines. The passing of audio by sub-stations is
inherent in intercom systems and constitutes a constant severe hazard to
technical security. While some commercial firms manufacture intercom systems
with built-in safeguards to prevent passing of audio when the system is
not activated, the expense of the instruments precludes their use.
e. Reference paragraph 3b(5), above: It is recommended that an
appropriate responsible individual be appointed to periodically inspect the
outside walls of the inspected area to detect placement of attachments,
wiring, etc., and to determine ther reason for placement of such items.
f. It is further recommended that the hazards to technical security
outline above be included in the initial security briefing of newly
assigned personnel, as appropriate, and that the hazards be made a point of
emphasis in subsequent scheduled security briefings.
5. (U) EXIT BRIEFING: Major Bobby R. Harris, S2/3 Officer, was informed
of the findings and recommendations stated above at the conclusion of the
Counterintelligence Technical Security Inspection.
THOMAS C. WILKINSON II
MAJOR, MI
Commanding
Copies Furnished:
Commander-in-Chief
United States Army, Europe
ATTN: AEAGB-CI(GS)
APO 09403
Commanding General
VII US Army Corps
ATTN: AETSGB-CI
APO 09107
Commanding Officer
66th Military Intelligence Group
ATTN: AEUTMI-OP-I&S(CI)
APO 09108
[Exhibits I, II, and III, 6 pages, omitted here.]
Source: FOIA material received from the US Army Intelligence and Security Command, November 25, 2002. Excerpted from Dossier ZG000495W, Corps Communication Center, pages 275-280.
[6 pages.]
DOWNGRADED AT 12 YEAR INTERVALS
NOT AUTOMATICALLY DECLASSIFIED
DOD DIR 5200.10
REGRADED UNCLASSIFIED
ON MAR 20 1998
BU CDR USAINSCOM FOIPO
Auth Para 1603 DoD5200 1-R
CONFIDENTIAL
DEPARTMENT OF THE ARMY
STUTTGART STATION
66TH MILITARY INTELLIGENCE GROUP
APO 09154
REPORT OF COUNTERINTELLIGENCE TECHNICAL SERVICE
OF
34TH SIGNAL BATTALION
APO 09107
AEUTMI-O-Q(I&S) JAN 14 1971
Commanding Officer, 34th Signal Battalion, APO 09154
Commanding Officer, VII US Corps, ATTN: AETSGB-CI, APO 09107
Commander-in-Chief, USAREUR and Seventh Army, ATTN: AEAGB-
CI(GS), APO New York 09403
Commanding Officer, 66th Military Intelligence Group, ATTN:
AEUTMI-OA-CE, APO New York 09108
Section 1. INTRODUCTION
1. (U) A counterintelligence technical inspection was conducted during
the period of 10 and 11 December 1970 by the following representatives
of Stuttgart Station, 66th Military Intelligence Group, APO New York
09154:
[Redacted] Special Agent
[Redacted] Special Agent
[Redacted] Special Agent
2. (U) The Communication Center, 34th Signal Battalion was considered
by the requestor to be a secondary, sensitive are in accordance with
AR 381-14 (Clas).
3. (U) An examination of records regarding previous counterintelligence
technical services in the area revealed that a previous counterintelligence tech-
nical inspection was completed on 20 February 1970 by members of
Suttgart Station, 66th MI Group.
4. (C)U a. Unless otherwise indicated, this service was conducted to
detect the presence of technical surveillance equipment; to determine
the existence of technical security hazards which would permit the em-
ployment of such equipment; and to recommend technical security sur-
veillance monitoring systems.
b. This service consisted of selected application of comprehensive
visual, physical, audio, electronic, and radio frequency checks and
include an examination of the factors checked below:
(1) All exterior building surfaces, utility poles, wires, and
other associated paraphernalia.
(2) Vulnerability to hostile visual surveillance.
(3) All areas adjacent to the serviced area including those
area above and below.
(4) The interior room areas to include the wall, floor, and ceil-
ing mounted items, furniture, artifacts, and equipment.
(5) The interior and exterior surfaces and internal structure of
walls, floors, ceilings, and other structural objects.
(6) All electric and electronic equipment or circuits and compo-
nent parts of accessories thereof, to include detailed examination of all
wiring and utility channels recesses.
[Section II not used.]
Section III. LIMITATIONS
5. (u) Counterintelligence technical services of the type conducted
indicate the technical security status of the area or equipment examined
at the conclusion of the examination, within the capabilities of the
equipment utilized and the operational techniques emploued. Attention
is invited to the fact that the security afforded by this service WILL BE
IMMEDIATELY NULLIFIED BY:
a. Admission to the serviced area of persons who do not have the
proper security clearance or who are not under proper support.
b. Failure to maintain continuous and effective surveillance and
control of the serviced area.
c. Allowing repairs or alterations to or within the serviced area
without the supervision of qualified and responsible personnel.
d. The introduction of new furnisings or equipment into the serviced
area prior to a thorough examination of such items.
Section IV. FINDINGS AND RECOMMENDATIONS
6. (U) Repeated or uncorrected findings: None.
7. (C)U a. The service did not locate or indicate the presence of tech-
nical surveillance devices.
b. The serviced area does not meet the criteria for a secondary
sensitive area as defined in AR 381-14 (Clas) and is not considered secure
for the discussion of sensitive classified information until corrective
action is taken on the following technical security hazards:
(1) Finding: The electrical wiring within the inspected area
was not strictly limited to the established lighting system and electronic
devices considered essential to the operation of the sensitive area.
(AR 381-14 (Clas), para 10.b.(3))
Recommendation: All excess wiring should be removed.
The electrical wiring in the inspected area should be limited as indicated
above.
(2) Finding: The door of the inspected area is passing audio and
audio vibrations from the inspected area. (AR 381-14 (Clas), para
10.b.(1))
Recommendation: The interior of the door should be covered
with a sound proofing material, such as acoustical tile, or sound proof-
ing drapes. The door between the operations office and the hall door
should be closed at all times.
(3) Finding: The pipes in the following areas are passing audio
vibrations from the inspected areas: (AR 381-14 (Clas), para 10.b.(2))
a. Main Telethype Room
b. Rack Room 26
c. Room 29
Recommendation: The pipes should be covered with sound
absorbant material from their point of entrance to their point of exit and
secured at the inner wall openings to minimize acoustical leakage.
(4) Finding: The air condition exhaust duct located on the south
wall of the Operations Office is passing audio and audio vibrations from
the inspected area when the exhaust motor is not operating. (AR 381-14
(Clas), para 10.b.(2))
Recommendation: A cabinet of sound absorbent material
with a series of internal baffles, or a baffled cabinet with soung ab-
sorbant material attached to the outside should be constructed around
the exhaust motor.
(5) Finding: Two Western Electric Company Telephones, Model
500 which are located in the operations office are connected to a ten
terminal connector block. These telephones are not equipped with De-
partment of the ARmy approved disconnect systems. (AR 381-14 (Clas),
para 10.b.(3))
Recommendation: All telephones in the inspected area
should be equipped with a Department of the Army approved disconnect
system, to include plugs, jacks, and separate ringers. The ten connector
terminal block should be replaced with a single T 41 block that will
accommodate the two lines that are used in the facility.
(6) Finding: The fifteen inch fan in Room 29 with 2 feet of
duct leading to the exterior of the building is passing audio and audio
vibrations from the inspected area.
Recommendation: A cabinet of sound absorbant material
with a seris of internal baffles should be constructed around the in-
tgerior opening of the duct. Sound absorbant baffles should be con-
structed within the duct. Ducts with internal measurements greater tha
eight by ten inches should be secured by metal grates permanently
affixed withing the duct at a maximum distance from the inspected area
and such a location that they may be readily inspected for evidence
of unauthorized tampering.
(7) Finding: The heating duct which runs from Room 29 to the
unrestricted hallway is passing audio and audio vibrations from the in-
spected area. (AR 381-14 (Clas), para 10.b.(2))
Recommendation: This duct should be wrapped with a sound
absorbant material from the point of entrance to its point of exit.
(8) Finding: The air conditioning duct which runs from the
main teletype room to the exterior of the building is passing audio and
audio vibrations from the inspected area. (AR 381-14 (Clas), para 10.b.(2))
Recommendation: This duct should be wrapped with a sound
absorbant material from the point of entrance to its point of exit.
(9) Finding: The ductway which extends from the Communica-
tions Center to the storage closet on the first floor is passing audio and
audio vibrations from the inspected area.
Recommendation: The door to this closet should be secured
with a Sargent & Greenleaf Combination Padlock at all times to preclude
anyone using the area to gain information from the inspected area. The
combination to this door should be maintained by the Signal Officer or
his designated representative.
8. The Commanding Officer is reminded that paragraph 12e,
USAEUR Regualtion 380-5, dated 12 March 1970, requires that this re-
port be indorsed through command channels to CINCYSAEUR, ATTN:
AEAGB-CI(GS), APO New York 09403, with a listing of corrective
action and/or Commander comments for each recommendation made in
this report.
Section VI. EXIT BRIEFING
9. (U) All findings, recommendations, and limitations of service
were discussed during an exit briefing on 11 December 1970 for the
following unit representatives:
TRAINER Leonard L., Major
Ass't VII Corps Signal Officer
KECK Michael A., 1LT
VII Corps Commo Center Officer
GILLIKIN John M., 2LT
34th Signal BN Plt Ldr
BETSINGER Gary W.
Commo Center CIC
[Signature]
DAVID C. UNGERER
MAJ, MI
Commanding
Tp: Stgt Mil (2721) 8357/JEW/mm