Even before we sit down to talk, Gavin Saul’s ‘secret’ city office speaks volumes about the covert way in which he carries out his technical surveillance operations.
There’s certainly no signage on the exterior of the building which would reveal the location of Verrimus Ltd’s £500,000 training school.
Set up in 2011, Saul and his colleagues teach firms the art of technical surveillance counter measures (TSCM).
“We’ve come a long way since the Cold War,” he says, pointing to a number of surveillance devices in the room that would astound even the most avid James Bond fan.
There’s the X-ray suite which can see through solid surfaces to find hostile devices, bugs, taps and trackers, a Bluetooth analysis system that can detect and locate Bluetooth attacks and the forensic search suite which finds physical signs of attack that are invisible to the human eye.
After 10 years as an operator for Specialist Intelligence and Security Services (SIASS) and a staff sergeant with 14 years in the British Army, Government services director Saul is well-versed in how to keep secrets and has incredible technical knowledge.
He said: “Companies, law firms, charities, governments, individuals, no one is immune from spying. The bottom line is, if you discuss valuable information that would benefit someone, be it a business competitor, then you are a potential target of electronic eavesdropping. Organisations use us to identify the gaps between their IT security and physical security.”
The firm’s work includes preventing electronic eavesdropping and detecting surveillance devices, such as covert listening and video surveillance devices.
Millions of pounds are spent in the UK by organisations which seek to threaten the privacy of competitors to gain an advantage within the market place.
And this type of voyeurism is alive and well in the UK according to Saul, who shows me a range of eavesdropping devices which are alarmingly being used by businesses and individuals to spy on each other.
Some are no bigger than a penny, while others disguised as everyday objects like light bulbs, plug sockets, clocks and even boxes of tissues.
“No one is safe,” says Saul.
“We’ve got a number of gas and oil clients who take safety very seriously indeed. When we show them just how easy it is to get confidential information, whether it be a mobile phone, memory stick, computer mouse or even a docking station, they are left in utter shock. That’s when the real message hits home that they need to start taking things even more seriously.”
“Our students receive threat awareness training, take part in search programmes, get training on specialist equipment and are evaluated by experienced operators.”
And the goal of preventing something from happening is what drives Saul and his colleagues to find out everything that does occur. But it’s not an easy task.
He admits: “There are simply too many ways in which we communicate today and technology is evolving at such speed it’s hard to keep up.”
The school currently caters for around 1,000 students a year and has five staff who work between the firm’s London office and the North East. The company hopes the school, which carries out TSCM training for commercial and Government teams from the UK and overseas, will also help it generate £1.2m in the next three years.
Although the identity of its clients remains a secret, Saul revealed they are from the financial, legal, oil and gas, defence and aerospace sectors. Its Government clients are from Europe, Asia and the Middle East.
Despite the London operations, Saul says he is keen to make Newcastle the sole location.
He said: “Three of the firm’s directors all come from the North East and so it makes sense to have the whole operation here. The region’s transport infrastructure makes it globally accessible – especially for overseas clients.”
However with the budget for such counter-surveillance equipment continuing to rocket, many companies are turning a blind eye to the risks, warned Saul.
“They think it will never happen to them, especially those here in the North East. They are the worst offenders. They think because they are so from the capital that they are removed from the threat, but that couldn’t be more wrong. It’s like a ticking timebomb waiting to go off. We live in a digital world now that is vulnerable to all attackers, but one that users think is secure. Fixing the problem is the hardest part and requires education, technology and tougher laws. We ultimately need internet technology that secures data,” said Saul.
Having played a key role in the London Olympics carrying out counter intelligence work, Saul knows only too well the threats we face here in the UK.
He said: “I’ve carried out sweeps on buildings in the UK where directors will tell me they have the best security systems in the world. They can have everything from fingerprint recognition to electronic passes, but when those boardroom passes are being handed out to everyone from director level down to the window cleaner, you’re asking for trouble.”
Saul gave an example of a recent case on a North East business park.
He said: “A client had been awarded a six-year contract and was using the building to house its contract management and operational staff. As part of the firm’s overall security, it had regular technical and network surveillance countermeasures surveys carried out in all areas where information critical to the business was created, stored and communicated. Verrimus was contracted to carry out operations to secure the area. During this, a covert camera was discovered transmitting in the area. They pinpointed the transmission and the identity of who had installed the camera was established.”
Saul says cutting down risk is the key to success in today’s technological era.
“Get rid of the potted plants in the board room, make sure staff only use company USBs and not gifted USBs from other companies. Even something as simple as a pen could be used for eavesdropping purposes.”
Saul says one of the biggest threats at the moment is information being taken from mobile phones.
He said: “We use a GSM lock and locate system which is capable of detecting, identifying and pinpointing any unauthorised mobile phone or any device which uses a SIM card to eavesdrop conversations, view videos, track locations or tap data networks. Meanwhile, a light analysis suite is also used to look at invisible light waves for signs of audio or data attack.”
He added: “First and foremost, the threat is very real and has no boundaries. It’s certainly not the tick in the box exercise that some firms see it as. I can name a number of websites selling low level eavesdropping devices from as little as £50 up to £100. Then there are the devices that capture a user’s data, it could be a mobile phone, internet chat or email. Everyone needs to take a good look at how they are using new technology and where.”