DEFCON 26 Conference. Tail Wagging: Covert Passive Surveillance. Part 2

In our digital age of tech-savvy adversaries, we forget that there is a need to use old-school physical surveillance of a target. Many organizations use surveillance teams, either internal to government agencies or externally hired to perform a specific task. The targets of these groups range from terrorism suspects to people accused of bogus insurance claims.

While most people think that they will never be under surveillance, some professions increase this likelihood. For example, if you are a journalist who only meets your sources face-to-face, you may become a target for surveillance, especially if the source is a whistleblower or has information that their employer would prefer not to disclose. Nor should you consider surveillance of a hacker, pentester, speaker or DEFCON participant far-fetched.

These surveillance teams are not lone private investigators sitting in their car at the end of the street you live on, but highly trained individuals whose job it is to remain undetected. They observe, identify your contacts, and document everything they see or hear. They tend to look like people you wouldn't be able to describe if asked. Their surveillance methods have changed very little over the decades because these methods actually work.

This talk focuses on the mobile and foot surveillance techniques used by such groups. The speakers will advise how to determine if you are being watched, and how you can make life difficult for these observers.

I will note that new surveillance students like to use unofficial uniforms. It seems like they all dress differently, but they look the same, like in this slide - blue jeans and black jackets.

This is how they were dressed on the first day of training. However, having gained experience and knowledge, they will stop dressing this way. While on foot surveillance, operatives must keep in touch with each other. To do this, they use wireless earpieces - capsules that are inserted into the ear and cannot be seen from a distance. If you have big ears like me, you won't see anything until you get very close to the observer.

You need to receive signals on your earphone, and for this they use an antenna - an induction loop in the form of a wire with a microphone that is worn around the neck.

The data antenna is usually located under clothing on the back and hung over the shoulders so that it forms a T-shaped outline. On the slides you see such an antenna and a complete set for radio communications for foot observers.

It's all hidden under clothing, so you won't see any buttons under the sleeve or wires sticking out of your ear. The kit is worn in a special vest, on one side of which there is a radio, and on the other - batteries, to save space and be comfortable to wear under a regular shirt.

Let's talk about clothes. Observers will use camouflage by changing their appearance. This slide shows very old photographs from the archives of the Stasi, the secret police of the GDR. It is quite possible that members of the surveillance group will still use wigs, fake mustaches and dark glasses today. Sometimes it looks comical, but this change in appearance works.

SecuritySense: we are talking about the fact that thanks to the change in the outlines of the figure, the guys on the slide look completely different, despite wearing the same shirts. We change the contours of our figure and very easily disappear into the crowd.

Agent X: One of the problems with changing the observer's appearance is the limited time for such manipulations. People who are being spied on remember their pursuers very well. And here a mistake often occurs when the surveillance operator completely changes his appearance, but leaves his favorite comfortable pair of shoes. If you are traveling on public transport, consider your fellow travelers carefully. You will be able to easily spot a part of the observer's clothing that has not changed.

SecuritySense: think about it: how often do you look at men's shoes?

Agent X: people love their wristwatches and get used to them, and ex-military people love to wear tactical models. Such observers often forget to take them off when their appearance changes, so if you see a suspicious person, take a closer look at his watch. It may be the same as that of the person who was stalking you, who previously looked completely different. The same applies to jewelry - wedding rings, necklaces, earrings.

Let's assume the observers are behind you. What will they do?

Most likely, they will implement the standard ABC surveillance pattern. This is direct visual observation, in which there is always only one person, A, directly behind the target, keeping the target in sight. He is followed by a second observer, B, ready to go in the opposite direction if the target turns around and goes back. In that case, the first observer will let the target pass by him and move on, and then, when the second observer has taken his place, he will turn around and take the second observer's place. The third observer, C, follows parallel to the target on the opposite side of the street or along a side path, slightly behind the target, so that the target would not be able to see him even when turning his head to the side. This scheme cannot be implemented with one or two observers.

The target then turns a corner, stops, and waits to see if anyone is following him. Observer C on the opposite side of the street sees this and informs A, the target's immediate pursuer, that the target has stopped moving. As soon as the target continues along the route, agent C will report this and the pursuit will resume. In this case, agent A, following immediately behind the target, crosses to the other side of the street and takes the role of agent C, agent C crosses the street and settles down immediately behind the target, playing the role of A, and agent B continues to remain behind everyone.

Having reorganized in this way, the group will continue to observe the target. There can be 14 or 15 people in a surveillance group, and they will constantly change their location to limit the target's ability to detect surveillance.

In such a situation, you, as the person being observed, can use anti-surveillance techniques, taking advantage of the details of the environment. Your goal is to detect surveillance without showing your pursuers that you have detected them. One example is the mirrors in the subway, in which you can see the observer without turning your head or looking back. At the same time, you control the observers and can do what you want, getting rid of the “tail”, or when the “tail” loses sight of you.

Shop windows should be used on the street. These are excellent “mirrors” that reflect everything that happens behind you or even on the other side of the street. This way you can detect the “tail”, which is not immediately behind your back, but at a considerable distance. If you spot the same person on the other side of the street several times, he is probably spying on you.

SecuritySense: The CIA also trains its agents in counter-surveillance, so you should take their techniques and make full use of the urban environment. Learn to take advantage of street mirrors, find points where radio communication is lost, look in shop windows. They teach observers both surveillance and counter-surveillance routes.

Agent X: so you have to manage their choices. You must force them to follow the routes you suggest and visit the places you choose. If you are in a large shopping center, use the escalators. It is quite natural for a person on an escalator to turn his head around, look around, look up, etc. This will allow you to see suspicious people on the lower floors.

We all use mobile phones, so it raises the question of why phone booths might be needed. A telephone booth is an opportunity to stop and look around. Surveillance agents know that if the target stops, they need to stop moving too and keep you in sight. At the same time, they themselves need to hide somewhere - in the nearest store, cafe, etc. So use phone booths to force them to seek cover.

SecuritySense: this is called "cover for action." You can force them to try to trace your call, that is, force them to take some actions not included in the plan. In this case, your behavior will look quite natural.

Agent X: Let me remind you again - you can use natural “bottlenecks”, such as a deserted narrow street or an underground passage. You walk down a one-way dead-end street, at the end of which there is a lonely cafe where only regulars come in. Therefore, any person following you will immediately attract attention. You can choose the only route that gets you from point A to point B, and observers will be in a quandary. They will be forced to use detours or follow directly behind you, risking attracting attention to themselves.

You may make unexpected decisions by visiting unusual places. For example, a man will never go to a cosmetics store unless he is buying something for his girlfriend. If you walk into a store like this and another guy follows you in, it will pique your interest.

However, if there is a woman on the observer team, they can send her without arousing your suspicions. The only place she can't follow you is the men's room. I repeat: force them to make decisions and think about why you came here. This may or may not be obvious. During the Cold War, there were hidden places in toilets where people would put data or take away secret information, and this was convenient because no one would follow you into the toilet stall. So you can use the toilets to your advantage - if someone follows you there, it will be easy to spot them.

Let's consider elevators. By entering the elevator, you force your pursuers to make a decision: place someone next to you in a cramped metal booth or quickly run up 3-4 flights of stairs to catch up with you. Don't pay attention to what they show in the movies - no one is able to run up 15 floors to meet you at the very top.

If someone gets into the elevator with you, this is a great way to engage with them while using your British accent: “Sorry, my watch has stopped, can you tell me the time?” Speaking about the British accent, I mean that there are amazing accents that we are familiar with from Hollywood films, they are very memorable (an excerpt from the film is shown on the screen).

So, we come to the topic of creating a hostile environment for the agents pursuing you. This is not Afghanistan or the Los Angeles suburbs, this is something that can be used as an advantage. Remember that observers always carry a radio communication kit and should wear enough clothing to cover it. Therefore, they will not follow you into the pool and will not go with you to the Turkish baths.

You can lead them astray by pointing them in the wrong direction. They are watching you to determine who you interact with, who you date, so use that to your advantage. When you meet someone on the street, shake their hand. Agents may think you passed something on to your partner. For example, when I meet my friend Trevor for a milkshake, we always hug each other.

And I’ll say it again - use your environment! When visiting a cafe, you choose where to sit. If you are reading a newspaper, when you finish reading, fold it, put it on the table and leave the cafe.

SecuritySense: Consider that this is what you “inherited.”

Agent X: observers are now forced to decide what to do if you left something important inside the newspaper. The surveillance team will be forced to send one of the agents to the cafe to inspect the newspaper you left behind. If there are several of them, then half of the team will go to the cafe, and the other half will continue to follow you. In this case, you will win by dividing the chasing team and forcing it to play by your rules.

You can also use the dress-up trick. Remember that before a target is spotted, observers are given a description of what it looks like. Let's say that a team of observers is following you for 6 hours, and all this time you have this red cap on your head.

To throw them off the scent, you can change your appearance. I'm not saying you need to carry a suitcase full of wigs and fake mustaches. Take your bag with you, take off your coat and put it there, take off your hat, and by doing so you will already change your appearance.

You may say that these are all “old school” techniques and this doesn’t happen anymore...

SecuritySense: Don't forget - shit happens everywhere and always!

Agent X: on the next slide you see Richard and Cynthia Murphy. They had a small house of their own, two small children and lived in a small town in New York State. Their neighbors considered them very nice people, but in reality they were Vladimir and Lydia Gureev, deeply secret Russian spies.

They entered the country in the late 80s and early 90s, and their children were born in America. The Russians staged a very long operation, but as soon as the Gureevs came to the attention of the FBI, they began to quickly develop this married couple. As a result, they managed to uncover a network of 10 deeply hidden Russian agents.

SecuritySense: look how unhappy the people look in this picture!

Agent X: it's because they got caught. The FBI had been monitoring these people for almost 10 years. Surveillance is a long game because the intelligence agency is not interested in these people themselves. The FBI is interested in their environment, the entire network of agents, their bosses, all members of the spy team.

SecuritySense: all surveillance schools operate from the same textbooks, and the Soviet, sorry, Russian surveillance system is no different from the American one. Everywhere agents use the same techniques, because nothing better has yet been invented; they have the same makeup, the same equipment. Nobody in this area is going to “reinvent the wheel”; they use what old-school surveillance has created.

Agent X: The interesting part of this operation began after the US deported all these spies from the country. The FBI released video footage of the surveillance. As you can see, the filming is being done from a very strange angle, because the hidden camera is located in the tree trunk and is directed downward. We see a man bending down, raking leaves and taking a package out of an old mailbox lying in the ground. He must act very quickly, not dig anywhere, so as not to attract attention, which is why such a convenient container was used for the parcel.

At this point, the surveillance team uses the video camera image, and then, as soon as the person moves away from the excavation site, they move on to regular surveillance. Here the agents took advantage of surveillance technology. But such a mailbox can only be used once, because when you return to it, there may already be a camera installed there.

SecuritySense: look further - this is completely normal, and we all do this when we walk in the park. We cross the bridge, go down under it and take something out of it (laughter in the audience).

Agent X: children often play like this.

SecuritySense: that's it. The following video shows how carelessly they work. And these are people whose lives are at stake and who have been engaged in espionage for 10 years!

Agent X: This is a stairwell on a busy street. You see two men walking up the stairs towards each other. They have identical packages in their hands, and meeting in the middle of the stairs, they exchange them. This is a classic of the genre (laughter in the audience).

SecuritySense: There's nothing unusual about that either, is there? I always do this when I use the underpass in New York: “hey man, here's my grocery, fancy products, let's switch!” No, this guy is not a spy at all!

Agent X: indeed, he needs to continue his studies at spy school! This video shows a man on the subway. He turns his head, looking into the tunnel, as if a train could appear from any direction. I don't know how long the FBI filmed it, maybe they edited the recording later. The man disappears from the frame, then reappears on the platform, as if he was just there to hang out. Next, the camera filmed a scene similar to the previous one - the same man climbs up the stairs from the subway, meets with some guy and opens his backpack. He snatches some papers from him, takes them and hides them in his bag as he goes. The men disperse - one goes up, the other goes down in the subway.

SecuritySense: you see with what carelessness they do all this. This is probably a characteristic feature of Russians.

Agent X: remember what I said - you have to manage your environment. When you enter a cafe, you choose a place from which you can see the whole environment.

SecuritySense: The target of FBI surveillance is the two guys in the middle of the frame.

Agent X: what they are doing looks very suspicious - they are exchanging the contents of their bags at the side of the table, so it is clearly visible. These images were taken by a hidden video camera located inside a bag lying on a nearby table, approximately 6 feet from the target. We see that Russian agents not only did not take advantage of the environment, but also allowed observers to approach them at the distance required for filming.

SecuritySense: the observation group was located quite close to the target. I mean that this is a dangerous distance at which you can get burned. Another person's leg is visible in the footage, and I think there were at least 3 FBI agents in the cafe, but none of them were spotted by those observed.

Agent X: We can't cover every aspect of countersurveillance in 45 minutes, so I'll try to summarize the above. So, if you are being followed, use your environment, control the situation, choose where to go to get them to follow you. There is no need to show up where they are waiting for you.

SecuritySense: You yourself can set the pace of the chase, because you are the leader, so lead this race! Vary this tempo as you wish.

Agent X: make unexpected decisions. This will force them to make a choice, disrupt their plans, create confusion, and force them to make mistakes. You make decisions that are beneficial for yourself, they are unprofitable for them. This way they can reveal themselves and fail the surveillance.

The best thing is if you can follow the principle of “divide and conquer”. You can divert their attention in the wrong direction and split the team so that only half of the observers are acting against you.

Always make toast! (the speaker is referring to the picture from the first part, where the degree of “heating” of the surveillance is demonstrated using the example of toasting). If you find yourself the target of stalking, try to do something you wouldn't normally do. Anyone present probably wouldn't want to be under surveillance. If you are going to meet someone, then try to organize the meeting in some special way.

The final rule is that if you suspect you are being monitored, cancel your scheduled appointments. If you don't do this, you could drag someone else into the surveillance circle.

Everything we have said here is in the public domain. I have not revealed any secrets, so please do not arrest me when I leave your country.

SecuritySense: yes, everything you heard can be read in books about surveillance.

Agent X: If you have any questions, you can ask us in the recreation area. Thank you for your attention!

Source: habr.com