Signals Intelligence (SIGINT) is a cornerstone of modern intelligence operations, encompassing the interception and analysis of electronic communications and emissions. SIGINT has in fact become the primary “INT” for the collection of highly sensitive information by all of the major powers that engage in global espionage. As geopolitical tensions escalate between the United States and the People’s Republic of China (PRC) and PRC allies, the strategic deployment of SIGINT assets has become a grave peril to U.S. national security. China has established multiple SIGINT facilities in Cuba, raising concerns about the potential threats to the United States and indeed its allies.
The Importance of Signals Intelligence (SIGINT)
SIGINT involves the collection and analysis of electronic signals to gather intelligence on foreign entities. It is divided into Communications Intelligence (COMINT), focusing on intercepted communications, and Electronic Intelligence (ELINT), which pertains to electronic emissions from devices such as radars. SIGINT provides critical insights into adversaries’ capabilities, intentions, and activities, supporting decision-making at strategic, operational and tactical levels. It enables the monitoring of military movements, the detection of threats, and the protection of national interests.
China’s Proficiency in SIGINT Operations
China has developed extensive SIGINT capabilities, positioning itself as a formidable player in this particular intelligence discipline. The PRC operates numerous ground-based SIGINT stations across its territory, including significant facilities on Hainan Island deployed to monitor U.S. naval activities in the South China Sea. Additionally, China has invested in spaceborne ELINT systems mounted on satellites, enhancing its global surveillance reach. Clearly, China’s SIGINT operations are not confined to its borders. The PRC has established overseas facilities and deployed collection vessels to monitor foreign military operations. These efforts are part of a broader strategy to expand China’s intelligence-gathering capabilities and assert its global influence.
Chinese SIGINT Facilities in Cuba: Threat Surface and Geographic Reach
The establishment of Chinese SIGINT facilities in Cuba represents a strategic move to enhance surveillance capabilities in proximity to the United States. Reports suggest that China operates multiple SIGINT sites on the island, including facilities in Bejucal, Santiago de Cuba, and Paseo. These installations are equipped with advanced technologies, such as Circularly Disposed Antenna Arrays (CDAAs), capable of intercepting signals over vast distances. The Bejucal site, for instance, can reportedly monitor radio signals from 3,000 to 8,000 miles away, encompassing key U.S. military installations and even Washington, D.C. The geographic proximity of these facilities to the U.S. mainland allows for the potential interception of sensitive communications, posing significant risks. The ability to monitor U.S. military movements, disrupt critical communications, and gather intelligence on defense operations underscores the strategic value of these Cuban installations to China’s intelligence apparatus. The installations also pose a grave threat to U.S. intelligence and defense allies throughout the Caribbean and Latin America.
U.S. Counterintelligence Measures to Thwart Foreign SIGINT Threats
In response to the growing threat posed by foreign SIGINT operations, the United States has implemented a comprehensive counterintelligence strategy. The National Counterintelligence and Security Center (NCSC) leads efforts to identify, deceive, exploit, disrupt, and protect against espionage activities conducted by foreign powers. Adequate countermeasures may significantly neutralize the threats posed by Chinese FIS SIGINT activities and reduce perils to the integrity of U.S. intelligence and defense operations, to wit;
Enhanced Surveillance and Monitoring
The United States employs an integrated suite of ground-based, airborne, maritime, and space-based systems to detect and track hostile intelligence collection efforts, including SIGINT platforms positioned near U.S. territory. Ground-based monitoring stations operated by the NSA and partner agencies use highly sensitive direction-finding systems and frequency analysis to identify anomalous electromagnetic emissions, often correlating these signals with known adversary signatures cataloged in classified ELINT databases. Aerial and UAV platforms equipped with hyperspectral and electronic surveillance payloads patrol maritime peripheries, particularly in the Gulf of Mexico and Caribbean airspace.
Department of Defense programs such as those operated via Special Access Programs (SAPs) mechanism enable geo-location of foreign collection antennas and triangulation of suspected listening posts. Tasking of National Technical Means (NTMs), including SIGINT satellites (e.g., the Advanced Orion/Trumpet series), is adjusted in response to emerging threats. Further, electromagnetic deception operations (EMDEPs) that broadcast decoy signals can saturate and/or confuse Chinese FIE collectors operating from proximate offshore platforms or Cuban bases.
Cybersecurity Initiatives
U.S. cybersecurity strategy accomplished through the NSA’s Cybersecurity Directorate, U.S. Cyber Command (USCYBERCOM), and the Department of Homeland Security, focuses on both defensive and offensive operational postures. Defensive mechanisms include zero-trust architectures for federal systems, the implementation of hardware-based root-of-trust (e.g., TPM modules), and AI-enabled intrusion detection systems (IDS) capable of parsing massive volumes of network telemetry for command-and-control (C2) beaconing which is indicative of foreign APTs (Advanced Persistent Threats).
U.S. operations conducted under Title 10 and Title 50 allow the employment of hunt-forward teams, specialized cyber units deployed to partner nations to observe adversary TTPs (tactics, techniques, and procedures) in real-time. These teams report findings back to fusion centers like the NSA’s Threat Operations Center (NTOC). Simultaneously, Project RAVEN-type initiatives and signals denial campaigns target adversary collection nodes via cyber disruption, occasionally using polymorphic malware or firmware sabotage targeting China’s collection infrastructure or its remote access trojans (RATs).
Diplomatic Engagements
The United States utilizes a range of bilateral and multilateral mechanisms to limit adversarial intelligence penetration. Bilaterally, intelligence-sharing arrangements such as the ‘Five Eyes’ alliance, the Defense Intelligence Enterprise, and regional partnerships (e.g., Joint Interagency Task Force South) enable coordinated monitoring of Chinese SIGINT activity. Cuba is a unique case as formal diplomacy simply doesn’t exist in any meaningful way. Thus, diplomatic backchanneling via neutral third parties and pressure through the Organization of American States (OAS) are appropriate mechanisms to discourage Cuba from inviting foreign military basing and dual-use infrastructure development.
The Department of State embeds intelligence and security liaisons in embassies to collaborate with host nations’ internal security services. These attachés assist in countering influence operations and foreign direct investment in critical telecom sectors (think “Huawei-linked 5G nodes”), which may serve as covert SIGINT enablers. Foreign assistance programs such as the International Narcotics and Law Enforcement (INL) initiative can also be leveraged to enhance allies’ counterintelligence capabilities in the Dominican Republic, Central and South America.
Legislative Actions
Congress has passed a suite of legislative instruments aimed at mitigating foreign intelligence risks. These include the Foreign Investment Risk Review Modernization Act (FIRRMA), which expanded the jurisdiction of CFIUS to scrutinize Chinese acquisitions of U.S. technology companies. Additional statutory provisions under the Intelligence Authorization Acts have appropriated classified funding for the expansion of counterintelligence platforms targeting China’s Ministry of State Security (MSS) and People’s Liberation Army Strategic Support Force (PLASSF). Further, the Secure and Trusted Communications Networks Act mandates the removal of high-risk equipment (such as Huawei and ZTE hardware) from federal and contractor systems. Further, targeted sanctions under IEEPA (International Emergency Economic Powers Act) have been used to deny export privileges and financial access to Chinese firms known to support Beijing’s global surveillance infrastructure. New initiatives that “double down” on these resources is imperative.
The deployment of Chinese SIGINT facilities in Cuba is a dangerous expansion of China’s intelligence capabilities, directly impacting U.S. national security. The proximity of these installations to the U.S. mainland enhances their potential to intercept sensitive communications and monitor military activities. Without cooperation from the Cuban government, counterintelligence efforts to detect, deter, and neutralize Chinese FIE threats must evolve to address the “near home” espionage, subversion and/or sabotage capability. As global power dynamics change, largely due to the PRC’s efforts to remake the international order to suit its strategic needs, robust SIGINT capabilities of our own and vigilant counterintelligence measures remain essential methods of addressing the “Cuba is a PRC Espionage Platform” paradigm.
Bibliography
Bureau of Industry and Security, U.S. Department of Commerce. Entity List Additions: Huawei and Affiliates. Washington, D.C., May 16, 2019. https://www.bis.doc.gov.
Center for Strategic and International Studies. “Secret Signals: Decoding China’s Intelligence Activities in Cuba.” Hidden Reach. May 2025. https://features.csis.org/hiddenreach/china-cuba-spy-sigint/.
———. “A Snapshot of New Activity at Cuban Spy Sites.” Hidden Reach Snapshots. May 2025. https://features.csis.org/hiddenreach/snapshots/cuba-china-cdaa-base/.
Congressional Research Service. Foreign Investment and National Security: Economic Considerations. CRS Report R46554. Washington, D.C., 2023. https://crsreports.congress.gov.
Director of National Intelligence. National Counterintelligence Strategy of the United States of America, 2020–2022. Washington, D.C.: Office of the Director of National Intelligence, 2020. https://www.dni.gov/files/NCSC/documents/features/20200205-National_CI_Strategy_2020_2022.pdf.
Gertz, Bill. “China Suspected of Using Four Cuban Bases to Spy on U.S.” The Washington Times, May 7, 2025. https://www.washingtontimes.com/news/2025/may/7/inside-ring-china-suspected-using-4-cuban-bases-spy-us/.
Information Resource Program. China: Signals Intelligence. Federation of American Scientists (FAS). Last modified 2017. https://irp.fas.org/world/china/program/sigint.htm.
National Security Agency. “Cybersecurity Collaboration Center: Threat Intelligence Sharing.” Accessed May 24, 2025. https://www.nsa.gov/Cybersecurity/Cybersecurity-Collaboration-Center/.
Office of Foreign Assets Control. Sanctions Programs and Information. U.S. Department of the Treasury. Accessed May 24, 2025. https://home.treasury.gov/policy-issues/office-of-foreign-assets-control-sanctions-programs-and-country-information.
U.S. Congress. Foreign Investment Risk Review Modernization Act of 2018. Public Law No: 115-232, §1701-1728. 132 Stat. 2173.
U.S. Department of Justice. China Initiative Cases Summary. Accessed May 24, 2025. https://www.justice.gov/nsd/information-about-department-justice-s-china-initiative-and-compilation-china-related.
U.S. Department of State. Bureau of International Narcotics and Law Enforcement Affairs (INL): Program Summaries. Washington, D.C., 2024. https://www.state.gov/inl-programs/.
U.S. Government Accountability Office. Cybersecurity: Agencies Need to Fully Establish Risk Management Programs and Address Challenges. GAO-19-384. Washington, D.C.: GAO, July 2019. https://www.gao.gov/products/gao-19-384.
U.S. House Permanent Select Committee on Intelligence. The Threat of Foreign Surveillance: Hearing Before the House Intelligence Committee. 117th Cong., 2nd sess., February 2024.
