From Havana with Bugs: China’s Cuba Spy Network
Spies, Lies & Cybercrime by Eric O'Neill
In This Issue
Title Story: China’s secret spy base in Cuba reveals just how close the frontline of cyber war really is.
Cybersecurity Win of the Week: A clever FBI takedown shows how teamwork can outsmart cybercriminals.
Cybersecurity Breach of the Week: A ransomware attack that plunged a Midwestern city into darkness is a wake-up call for us all.
Tech of the Week: Meet the Hover Air X1, a pocket-sized drone redefining what’s possible for everyday adventurers. Plus a drone shot from my Alaska vacation!
Title Story
From Havana with Bugs: China’s Cuba Spy Network

When I was an FBI counterintelligence operative, I relied on signals intelligence (SIGINT) to track spies who thought they were invisible. Without it, I couldn’t have protected the nation against countless spies and terrorists that I can never speak about (sorry, classified). SIGINT is the unseen backbone of espionage—the quiet intercept of radio frequencies, satellite transmissions, and digital chatter that reveals what adversaries want to hide. It’s also one of the most important lines of defense in counterintelligence.
That’s why the growing evidence of Chinese SIGINT facilities in Cuba should set off alarms.
For decades, Cuba has been the listening post of America’s rivals. During the Cold War, the Soviets operated the Lourdes complex outside Havana, a sprawling facility that reportedly provided Moscow with three-quarters of its military intelligence on the United States. The missiles left in 1962, but the antennas remained.
Now it’s China’s turn.
In 2023, the Biden administration confirmed that Beijing has access to spy facilities on the island. Research from the Center for Strategic & International Studies, backed by commercial satellite imagery, has revealed four locations in Cuba most likely supporting China’s intelligence efforts. Some are Cold War relics revived for a new purpose, others are recent builds.
The four suspected sites are:
Bejucal (Havana) – expanded with a massive new antenna array.
Wajay (Havana) – long tied to signals monitoring.
Calabazar (Havana) – a Cold War station reactivated.
El Salao (Santiago de Cuba) – a newly revealed facility, though construction appears stalled.
[Four images. Source: CSIS]
From these vantage points, China can sweep up communications across the southeastern United States—a region dense with military assets. Florida alone hosts Central Command, Southern Command, multiple Air Force bases, submarine facilities, and Cape Canaveral’s launchpads. Even private companies like SpaceX fall within range. And SIGINT antennas don’t discriminate; they scoop up everything from encrypted military chatter to commercial and civilian traffic.

US Military and sensitive installations within range of China’s SIGINT in Cuba (Source: House Homeland Security Committee)
This goes beyond Cuba. Beijing has poured over $30 billion into the Caribbean, building ports, telecom infrastructure, and influence. More than half of CARICOM nations have signed onto the Belt and Road Initiative. Chinese embassies in small island states—unusually large for their settings—serve not only diplomacy but intelligence. It’s the same playbook Beijing runs in the Pacific: use money, infrastructure, and political pressure to dominate small nations with big strategic value.
For Havana, the deal is survival. Cuba is facing its worst economic crisis since the 1990s “special period.” What it lacks in cash, it makes up in geography. For China, that geography is priceless.
So why does this matter? Because SIGINT isn’t abstract. It’s real-time access to America’s military posture, space launches, and critical communications. When I worked counterintelligence, I saw firsthand how a single intercepted call or a fragment of telemetry could unravel an entire operation. Now imagine that power in Beijing’s hands, sitting just 93 miles from Florida.
Cuba’s antennas are listening again. Only this time, the operators aren’t Russian. They’re Chinese. And they’re not just interested in Havana’s neighborhood—they’re focused on us.
What Should the U.S. Do?
China’s antennas in Cuba aren’t going away anytime soon. But the U.S. can blunt their impact:
Harden sensitive communications in Florida and the Gulf states with stronger encryption and spectrum monitoring, especially around military bases and space launches.
Keep eyes on Cuba with persistent surveillance—drones, aircraft, and satellites tracking upgrades to suspected SIGINT sites.
Offer secure alternatives to Chinese telecom and infrastructure across the Caribbean, reducing regional dependence on Huawei and Beijing-backed projects.
Leverage alliances and territories—from Puerto Rico to the Bahamas—to strengthen cyber defenses, port security, and economic engagement in America’s backyard.
What If?
There is one controversial school of thought that suggests the U.S. could undercut China’s influence in Cuba not through isolation, but through direct engagement. The vision is simple: help Cuba reorient itself into a peaceful tourist and trade hub, pulling it away from Beijing’s orbit. A Cuba powered by tourism and commerce is far less incentivized to “rent out” its geography for foreign spy stations.
But here’s the catch—this path would almost certainly require regime change. As long as Cuba remains under single-party communist rule, it will cling to authoritarian patrons like China. Turning Cuba back into a Caribbean paradise instead of a forward base for foreign adversaries would mean rewriting Havana’s political reality—something far easier to imagine than to accomplish. Then again, I’d love to visit Havana as a tourist, and not a spy.
Cybersecurity WIN of the Week
Operation Serengeti 2.0 Crushes African Cybercrime

Interpol’s Operation Serengeti 2.0 just delivered a knockout blow to cybercrime in Africa. Over the summer, authorities in 18 African nations, working with the UK and Interpol, arrested more than 1,200 suspects and recovered nearly $100 million linked to scams that targeted almost 88,000 victims.
The operation dismantled illegal cryptocurrency mines in Angola, busted a $300 million crypto investment fraud in Zambia, and shut down an inheritance scam run out of Ivory Coast. Beyond the headlines, the real win is what this shows: coordinated law enforcement across borders—backed by private-sector intelligence—can cripple sprawling cybercrime networks.
For once, the good guys scored big.
Cybersecurity Breach of the Week
No One Is Too Small to Be Taken Offline.

In Middletown, Ohio, life came to a sudden halt on August 19 when a ransomware attack shut down essential city services. Residents couldn’t get birth certificates, pay taxes, or even reach the police non-emergency line. For a community of just 50,000, it felt like waking up in the middle of a cyber warzone.
The exact entry point hasn’t been confirmed, but the evidence points to ransomware’s usual playbook: a phishing email that slipped through defenses, a weak or stolen password, or unpatched software that left a door wide open. Once inside, the attackers did what ransomware groups always do—lock down servers, encrypt critical files, and likely exfiltrate data before demanding payment. The ripple effects were immediate and painful, disrupting daily life for ordinary citizens who had no idea they were living inside a prime target.
That’s the real lesson here. Small towns and cities often assume cyberattacks are big-city problems. They’re not. Every community is fair game, and attackers know that the “heartland” often lacks the hardened systems and layered defenses of larger metros. Prevention is far cheaper than recovery. Regular backups, strong password protocols, patched software, and a clear incident response plan are not luxuries anymore—they’re the cost of doing business in the digital age.
Tech of the Week
A Drone in Your Pocket
Sometimes the coolest tech isn’t buried in a spy lab—it’s packed in your carry-on. The Hover Air X1 is a pocket-sized, autonomous drone that doesn’t need a controller. Toss it in the air, and it takes off like a loyal sidekick, following you, orbiting you, or even capturing cinematic “fly away” shots at the press of a button.
I took mine on vacation and used it for incredible family footage—including a fly away sequence from the top of a glacier in Alaska last week. For once, I wasn’t behind the camera—I was in the shot. That’s the beauty of this little drone: it makes pro-level aerial footage effortless, and in my world, anything that can blend cutting-edge autonomy with everyday use is worth watching.
Preorder Spies, Lies, and Cybercrime
My new book releases on October 7, but you don’t have to wait to make sure you are one of the first to get it delivered into your hands! Preorder now with this link.
Spies, Lies and Cybercrime will appeal to every person curious or frightened by the prospect of a cyberattack, from students and retirees to the C-Suite and boardroom.
Join me and take up arms in the current cyber war instead of fleeing while the village burns. Only then can we begin to move the needle toward a world safe from cyber-attacks.
Ready for Next Week?
What do YOU want to learn about in my next newsletter? Reply to this email or comment on the web version, and I’ll include your question in next month’s issue!
Thank you for subscribing to Spies, Lies and Cybercrime. Please comment and share the newsletter. I look forward to helping you stay safe in the digital world.
Best,
Eric
Partner Disclosure: Please note that some of the links in this post are affiliate links, which means if you click on them and make a purchase, I may receive a small commission at no extra cost to you. This helps support my work and allows me to continue to provide valuable content. I only recommend products that I use and love. Thank you for your support!