Many foreign telecommunications companies are owned or controlled by the government. Even those not government-owned or controlled are regulated by the government and will normally cooperate when their government requests assistance in monitoring specific lines.
Under these circumstances, it is easy to intercept and monitor telephone, fax, e-mail, computer, and any other form of electronic communications. A typical communications monitoring scenario might be as follows:
The cost and technology for developing a significant intercept capability is now well within the capability of many corporations, criminal syndicates, or terrorist groups in addition to foreign governments. The equipment for this can be obtained easily by almost anyone.
You must assume that all overseas telecommunications that would be valuable to another government, company, or group will be intercepted, recorded, organized into reports, and reviewed by the persons for whom that information has value. Although that will not be true in every case, the likelihood is sufficiently great that you cannot afford to assume otherwise if compromise of the information would be a significant loss. In most cases, it is virtually impossible to detect when telecommunications are being intercepted and monitored.
This leaves three alternatives:
Access to telephones, fax machines and computers should be controlled to reduce the possibility of tampering. Telephones can be adjusted so that they act as transmitters even after they are hung up. Conversations near a phone may be transmitted to the foreign countrys phone system switching facility and can be monitored from anywhere between the phone and that facility. Computers and fax machines can be tampered with to facilitate monitoring that bypasses the encryption system.
Security procedures should be followed carefully when operating any computer linked to an outside network or telephone system.
Related Topics: For more technical information on various types of technical operations, see Intercepting Your Communications, Computer Vulnerabilities and Bugs and Mikes in the Vulnerability to Technical Operations module.