How to check if being 'bugged'?

flossy_splodge

A family I know were burgled a while ago (about 2 months).
They are now concerned that they have been bugged as certain sensitive financial information appears to be getting 'out there'.
Can anyone tell me how to check?
Is there a gadget you can buy or do you need to get in the professionals?
Thanks.:o
ps it was a 'targeted' vicious burglary aimed at putting them out of business. The police agree.

fiddiwebb

Dear me, how to check for bugs to how to install keyloggers, seems this site is turning into the MoneySavingExpert's Cookbook :eek:

Could it be that the sensitive information that is "getting out there" had been taken/photgraphed/copied/passwords found for emails etc. during the burglary?

Reluctant_spender

Take advice from the Police, especially if they agree.

HO87

In this respect the police will be as much use as a chocolate fireguard and will pooh-pooh suggestions despite the fact that the technology is readily available via eBay, for example. Its use is, however, relatively unusual.

Its is possible to buy "bug" detectors but most of those that are available fall into the cheap end and have a very variable reliability. The real equipment is very expensive and to use it properly needs training and experience.

There are specific companies (mostly London-based) who will sweep premises for devices but this is clearly aimed at larger corporations and is very costly. A proper professional sweep involves not just an electronic search but a physical one as well and can be very time consuming. Carrying out a physical search is not straightforward and is best conducted by trained electricians.

If they were minded to use someone to conduct a sweep they should beware of those who claim to be able to detect everything electronically (you can't) and who then walk around around a room in 5 minutes with a "wand" antenna and give it the all clear.

I'd suggest that it is far more likely that the information that is "getting out there" was gleaned during the burglary or is being obtained as a result of it. The family would be well advised to act as if they had been subject of identity theft and change their banking arrangements, cards etc.

superscaper

Maybe an obvious question but what was burgled? I.e. any computers?

DCFC79

A few other obvious questions, do they use wireless and is it secure ? have they done a malwarebytes scan on the computer or another program

flossy_splodge

Yes they use wireless. I put on Malwarebytes for them and update and run it.
Yes computers were stolen but the info that is getting out there is very much 'current'.
The police say they can't help altho they agree about what has happened.
Thanks for the replies so far.:)

fiddiwebb

flossy

the info that is getting out there is very much 'current'

How current is current, are we talking about the same day, a few days?

I presume that all passwords for emails, banks etc if any that may have been stored/used on the stolen computers have been changed?

Is it possible it is an insider in the business who is leaking information?

cit_k

How big a company is it?
How many employees?
What sort of data is getting out.
What sort of steps have been taken already to see where the leak is.

S0litaire

Step 1) Contact bank and change password for your on-line banking (Same with Credit Card companies.)

Step 2) Change *EVERY* password to something totally different (Including passwords to the router) including online email accounts you may want to contact your ISP to change the password to your ISP's email)

Step 3) Check every machine for virus/malware. If paranoid enough Do a complete Wipe and Clean install of every machine that was left in the theft. (it's possible they left 1 machine behind with the malware installed. As that was the only machine they would initially do ALL business via that machine so the crooks get a lot of important info.)

Now into Paranoid territory:

Step 4) Check all fixtures / fittings for evidence of being opened / unscrewed, including land-line phones, if in doubt throw it out.

If electrical fittings have been tampered with get a qualified electrician to check it out (If you or the electrician sees anything suspicious connected to the power supply, don't touch it and call the police.)

and in the best tradition of CrimeWatch:
Please don't have nightmares. Goodnight...^_^

loudcox

If this is information that's held in the office, then it's most likely that the stolen computers allowed your wireless network to be compromised, probably because the password was recorded somewhere. So:

- Ensure that you have WPA2 security enabled on the router.

- Change the password for wireless to something long and complicated (a real mix of standard and non-standard characters - see http://www.microsoft.com/protect/fraud/passwords/create.aspx for help).

- Your router should be able to list devices on or recently connected to the network. Do you recognise them all? If they are listed by their MAC address rather than machine name, check this against the valid machines on your network, and if you don't recognise it, ban it from joining the network.

-Change the password on all computer logins as well. Disable or delete any user accounts that are no longer in use.

- Also ensure that day to day work accounts are not set up with Administrator rights. Only login as an admin user when necessary.

- Check any PCs that weren't stolen for things like VNC, LogmeIn. Don't rely on what's in the start menu, check "Add Remove Programs" in the control panel. These are often overlooked because MalwareBytes etc. don't pick them up!


Good luck!