adversary foreign intelligence
By Manuel Cereijo
the Cold war ended, it was widely believed that a new era of international
cooperation had begun. However, simply put, the end of the cold war has not
led to a more peaceful world.
The United States is the
target of those who challenge the status quo, and one of those is Cuba.
Furthermore, the PRC has joined efforts with Cuba in a new axis. The
deterioration in China’s relations with the United States is also being
accompanied by a warmer relationship with Russia. There are three nations that
use intensively their intelligence services to harm the interests of the
United States. These nations are: China, Cuba, Iran, and North Korea. These
nations continue to expend significant resources to conduct intelligence
operations against the United States.
These efforts are centered on
producing intelligence concerning the United States military capabilities,
other national security activities, and military research and development
activities. They have now expanded their collection efforts to place
additional emphasis on collecting scientific, technical, economic, and
proprietary information. These collection efforts are designed to provide
technologies required for the acquisition and maintenance of advanced military
systems, as well as to promote the national welfare of these nations. Each one
of these countries has the ability to collect intelligence on targeted U.S.
activities using HUMINT, SIGINT, and the analysis of open source material.
Also, Cuba, China, and Russia have access to imagery products that can be used
to produce IMINT. The United States is now the target of those who want to
challenge the existing state of affairs. Security threats, in this new era of
asymmetric warfare, will inevitable emerge more and more frequently.
The “fall of communism” has
not reduced the level or amount of espionage and other potential serious
activities conducted against the United States. Recent espionage cases
involving Russia, China, and Cuba are just the tip of the iceberg. Software is
one weapon of information-based attacks. Such software includes computer
viruses, Trojan Horses, worms, logic bombs, and eavesdropping snuffers.
Advanced electronic hardware can also be useful in information attacks. In
terms of maturity of the threat, the numbers tell the story. In July of 2004
there have been over 300 reported hacked web sites. High Performance Computers
(Hips) are important for many military applications, including processing
information acquired through espionage. HPCs provided to Cuba by the PRC could
facilitate many of Cuba’s asymmetric military modernization objectives.
The PRC has obtained the HPCs
from the United States. The contribution of HPCs to military modernization is
also dependent on related technologies such as Telecommunications,
Microelectronics, and Computer Networking, areas in which the PRC has been
assisting Cuba intensively since 1998. The principal intelligence collection
arms of the Cuban government are the Directorate General of Intelligence (DGI)
of Ministry of Interior, and the Military Counterintelligence Department of
the Ministry of the Armed Forces. The DGI is responsible for foreign
The DGI has six divisions
divided into two categories of roughly equal size: The Operational Divisions
and the Support Divisions.
The operational divisions
include the Political/Economic Intelligence Divisions, the External
Counterintelligence Division, and the Military Intelligence Division.
The support divisions include
the Technical Support Division, the Information Division, and the Preparation
Division. The Technical Support Division is responsible for production of
false documents, communication systems supporting clandestine operations, and
development of clandestine message capabilities. The Information and
Preparation Divisions are responsible for intelligence analysis functions.
The Political Economic
Intelligence Division consists of four sections: Eastern Europe, North America,
Western Europe, and Africa-Asia-Latin-America. The External
Counterintelligence Division is responsible for penetrating foreign
intelligence services and the surveillance of exiles. The Military
Intelligence Department was focused on collecting information on the U.S.
Armed Forces and coordinated SIGINT operations with the Russians at Lourdes.
Presently, it controls the Bejucal base.
Counterintelligence Department is responsible for conducting
counterintelligence, SIGINT, and electronic warfare activities against the
The full range of Cuba’s
espionage activities are a very serious matter of concern. Despite the
economic failure of the Castro regime, Cuban intelligence, in particular the
DGI, remains a viable threat to the United States. The Cuban mission to the
United States is the third largest UN delegation. The Cuban diplomats conduct
and support harmful activities in the United States. The United States’
intelligence agencies should devote their resources to the most serious
security threats, principally international terrorism, and adverse political
The recent(1998-2001) captured
of more than 12 Cuban spies, including Ana Belen Montes, have shown the way
that they communicate with the DGI in Cuba. The basic method is called
Cryptography, and Cuba’s uses the method developed in the 1970s, referred to
as symmetric encryption, secret-key, or single key encryption. There are three
important encryption algorithms: DES, triple DES, and AES.
The encryption used by Cuba’s
intelligence has five ingredients:
Plaintext: This is the
original message or data that is fed into the algorithm as input.
Encryption algorithm: The
encryption algorithm performs various substitutions and transformations on the
Secret key: The secret key is
also input to the algorithm. The exact substitutions and transformations
performed by the algorithm depend on the key.
Ciphertext: This is the
scrambled message produced as output. It depends on the plaintext and the
secret key. For a given message, two different keys will produce two different
Decryption algorithm: This is
essentially the encryption algorithm run in reverse. It takes the ciphertext
and the same secret key and produces the original plaintext.
They use two basic important
A strong encryption algorithm.
They use one that, at the beginning, the opponent who knows the algorithm and
has access to one or more ciphertexts, are unable to decipher the ciphertext
or figure out the key. It was difficult, at the earlier stages to decipher
Sender and receiver (Cuba and
the agents here) must have obtained copies of the secret key in a secure
fashion and keep the key secure. Once the US intelligence discover the key and
knows the algorithm, all communication using this key is readable.
The security of this
encryption depends on the secrecy of the key, not the secrecy of the algorithm.
That is, they need to keep only the key secret. With the use of this
encryption, the principal security problem is maintaining the secrecy of the
All their encryption
algorithms are based on two general principles: substitution, in which each
element in the plaintext (bit, letter, group of bits or letters) is mapped
into another element, and transposition, in which elements in the plaintext
are rearranged. They use multiple stages of substitutions and transpositions.
Both sender and receiver use
the same key. The system is symmetric. A block cipher processes the input one
block of elements at a time, producing an output block for each input block. A
stream cipher processes the input elements continuously, producing output one
element at a time, as it goes along.
The process of attempting to
discover the plaintext or key is known as cryptanalysis. A summary follows.
The Table summarizes the various types of cryptanalytic attacks or means to
decipher Cuba’s communication with its spies. The most difficult problem is
presented when all that is available is the ciphertext only.
Central to the techniques are
the strange laws of quantum mechanics that govern the universe on the smallest
scale, and the ability to exploit physics on this scale, which has generated
huge interest in Cuba, with the development of a new nanotechnology research
and development facilities. The beginning stages of the project were
coordinated by Castro Diaz Balart. The quantum properties of photons could
make encrypted messages absolutely secure.
It is known that Cuba has
experimented already sending encrypted messages through the air over 100 Kms.,
during days and nights. Cuba expects to be able to send through its Bejucal
base these ultra-secret messages by the end of this year or early 2003. Of
course, encryption of transmitted data is just one part of keeping information
secret. It is easier for a would-be interceptor to compromise other aspects of
the overall process that are much more vulnerable than encryption, like
hacking the sender’s hard drive before the data is encrypted for transmission.
The genius of quantum
cryptography is that it solves the problem of key distribution. This ability
comes directly from the way quantum particles such as photons behave in nature
and the fact that the information these particles carry can take on this
behavior. Essentially two technologies make quantum key distribution possible:
the equipment for creating photons and that for detecting them. The ideal
source is a so-called photon gun that fires a single photon on demand. This is
an area where Cuba research and development is highly concentrated and
The facilities, and the talent,
are Cubans. But the financing is from where?
There is work currently going
on testing a portable system that can fit in the back of a small trailer and
works, on a clear night, over 65 Kms. The cost? Some $90,000. There is work
being done on a system that could, on a clear night, beam single photons to
orbiting satellites, thereby securing their transmissions. However, where
progress has been greatest and where most experimental work has been focused,
is on optical-fiber-based communications. ETECSA, the Cuban/Italian telephone
company, has just finished the installation of a secret fiber optic ring
strictly for military use, around Bejucal, Wajay, Guines, and La Habana. So
far the limitation is in the need to use repeaters. The maximum length
obtained has been 60 Kms. If distances could be increased, this will be quite
a milestone. Cuba’s Bejucal base, which started full operation on January
1998, poses a real threat to the national security of the United States.
TYPES OF ATTACK
Type of attack
Known to Cryptanalyst
Ciphertext to be decoded
Ciphertext to be decoded
One or more plaintext-ciphertext pairs
formed with the secret key
Ciphertext to be decoded
Plaintext message chosen by cryptanalist,
together with its corresponding ciphertext generated with the secret key
Encryption algorithm; Ciphertext to be
decoded; Purporpoted ciphertext chosen by cryptanalist, together with its
corresponding decrypted plaintext generated with the secret key
Encryption algorithm; Ciphertext to be
decoded; Plaintext message chosen by cryptanalist, together with its
corresponding ciphertext generated with the secret key; Purported
ciphertext chosen by cryptanalist, together with its corresponding
decrypted plaintext generated with the secret key
As our reliance on computers
has grown, so has our vulnerability to cyberattack. Virtually every critical
infrastructure system in this country, whether it be transportation, power,
communications, or finance, operates in cyberspace. It is a huge problem, and
there are few people trained in the science, or art, of computer security.
We need to have intelligence,
we need to monitor our systems all the time, to detect very early warnings.
Take digital steganography, a technique for hiding data in seemingly innocuous
messages. While it has many legitimate uses, it is also increasingly being
used by terrorist groups and countries. However, the effort of a group of
engineers has just develop a software package designed to detect digital
A cyberattack that shut down
power to an hospital or prevent fuel delivery in the dead of winter can cost
lives. In 1997 a US military exercise tested the country’s preparedness
against a cyberattack. The NSA had hired 35 hackers to invade the Defense
Department’s 40,000 computer networks. By the end of the exercise, the hackers
had gained root level access to at least 36 of the networks-enough to shut
down the power of several major cities and take control of a navy cruiser.
We must be ready, ready if our
enemies try to use computers to disable power grids, banking, communications
and transportation networks, police, fire and health services, or military
What To Do?
In the last decade, the number
of computers in use has exploded. For quite some time now, computers have been
a crucial element in how we entertain and educate ourselves, and most
importantly, how we do business. It seems obvious in retrospect that a natural
result of the explosive growth in computer use would be an even more explosive
(although delayed) growth in the desire and need for computers to talk with
each other. The growth of this industry has been driven by two separate forces
which until recently have had different goals and end products.
The first factor has been
research interests and laboratories; these groups have always needed to share
files, email and other information across wide areas. The research labs
developed several protocols and methods for this data transfer, most notably
TCP/IP. Business interests are the second factor in network growth. For quite
some time, businesses were primarily interested in sharing data within an
office or campus environment, this led to the development of various protocols
suited specifically to this task.
Within the last five years,
businesses have begun to need to share data across wide areas. This has
prompted efforts to convert principally LAN-based protocols into WAN-friendly
protocols. The result has spawned an entire industry of consultants who know
how to manipulate routers, gateways and networks to force principally
broadcast protocols across point-to-point links (two very different methods of
transmitting packets across networks). Recently (within the last 2 or 3 years)
more and more companies have realized that they need to settle on a common
networking protocol. Frequently the protocol of choice has been TCP/IP, which
is also the primary protocol run on the Internet. The emerging ubiquitous ness
of TCP/IP allows companies to interconnect with each other via private
networks as well as through public networks.
This is a very rosy picture:
businesses, governments and individuals communicating with each other across
the world. While reality is rapidly approaching this utopian picture, several
relatively minor issues have changed status from low priority to extreme
importance. Security is probably the most well known of these problems. When
businesses send private information across the net, they place a high value on
it getting to its destination intact and without being intercepted by someone
other than the intended recipient. Individuals sending private communications
obviously desire secure communications. Finally, connecting a system to a
network can open the system itself up to attacks. If a system is compromised,
the risk of data loss is high.
It can be useful to break
network security into two general classes:
methods used to secure data as
it transits a network
methods which regulate what
packets may transit the network
While both significantly
affect the traffic going to and from a site, their objectives are quite
Currently, there are no
systems in wide use that will keep data secure as it transits a public network.
Several methods are available to encrypt traffic between a few coordinated
sites. Unfortunately, none of the current solutions scale particularly well.
Two general approaches dominate this area:
Virtual Private Networks:
This is the concept of creating a private network by using TCP/IP to provide
the lower levels of a second TCP/IP stack. This can be a confusing concept,
and is best understood by comparing it to the way TCP/IP is normally
implemented. In a nutshell, IP traffic is sent across various forms of
physical networks. Each system that connects to the physical network
implements a standard for sending IP messages across that link.
Standards for IP transmission
across various types of links exist, the most common are for Ethernet and
Point to Point links (PPP and SLIP). Once an IP packet is received, it is
passed up to higher layers of the TCP/IP stack as appropriate (UDP, TCP and
eventually the application). When a virtual private network is implemented,
the lowest levels of the TCP/IP protocol are implemented using an existing TCP/IP
connection. There are a number of ways to accomplish this which tradeoff
between abstraction and efficiency. The advantage this gives you in terms of
secure data transfer is only a single step further away. Because a VPN gives
you complete control over the physical layer, it is entirely within the
network designers power to encrypt the connection at the physical (virtual)
layer. By doing this, all traffic of any sort over the VPN will be encrypted,
whether it be at the application layer (such as Mail or News) or at the lowest
layers of the stack (IP, ICMP). The primary advantages of VPNs are: they allow
private address space (you can have more machines on a network), and they
allow the packet encryption/translation overhead to be done on dedicated
systems, decreasing the load placed on production machines.
Packet Level Encryption:
Another approach is to encrypt traffic at a higher layer in the TCP/IP stack.
Several methods exist for the secure authentication and encryption of telnet
and rlogin sessions (Kerberos, S/Key and DESlogin) which are examples of
encryption at the highest level of the stack (the application layer). The
advantages to encrypting traffic at the higher layer are that the processor
overhead of dealing with a VPN is eliminated, inter-operability with current
applications is not affected, and it is much easier to compile a client
program that supports application layer encryption than to build a VPN. It is
possible to encrypt traffic at essentially any of the layers in the IP stack.
Particularly promising is encryption that is done at the TCP level which
provides fairly transparent encryption to most network applications.
It is important to note that
both of these methods can have performance impacts on the hosts that implement
the protocols, and on the networks which connect those hosts. The relatively
simple act of encapsulating or converting a packet into a new form requires
CPU-time and uses additional network capacity. Encryption can be a very CPU-intensive
process and encrypted packets may need to be padded to uniform length to
guarantee the robustness of some algorithms. Further, both methods have
impacts on other areas (security related and otherwise- such as address
allocation, fault tolerance and load balancing) that need to be considered
before any choice is made as to which is best for a particular case.
The most common form of
network security on the Internet today is to closely regulate which types of
packets can move between networks. If a packet which may do something
malicious to a remote host never gets there, the remote host will be
unaffected. Traffic regulation provides this screen between hosts and remote
sites. This typically happens at three basic areas of the network: routers,
firewalls and hosts. Each provides similar service at different points in the
network. In fact the line between them is somewhat ill-defined and arbitrary.
In this article, I will use the following definitions:
Router traffic regulation:
Any traffic regulation that occurs on a router or terminal server (hosts whose
primary purpose is to forward the packets of other hosts) and is based on
packet characteristics. This does not include application gateways but does
include address translation.
Firewall traffic regulation:
Traffic regulation or filtering that is performed via application gateways or
Host traffic regulation:
Traffic regulation that is performed at the destination of a packet. Hosts are
playing a smaller and smaller role in traffic regulation with the advent of
filtering routers and firewalls.
Filters and access lists
Regulating which packets can
go between two sites is a fairly simple concept on the surface- it shouldn't
be and isn't difficult for any router or firewall to decide simply not to
forward all packets from a particular site. Unfortunately, the reason most
people connect to the Internet is so that they may exchange packets with
remote sites. Developing a plan that allows the right packets through at the
right time and denies the malicious packets is a thorny task which is far
beyond this article's scope. A few basic techniques are worth discussing,
Restricting access in, but not
out: Almost all packets (besides those at the lowest levels which deal with
network reach ability) are sent to destination sockets of either UDP or TCP.
Typically, packets from remote hosts will attempt to reach one of what are
known as the well known ports. These ports are monitored by applications which
provide services such as Mail Transfer and Delivery, Usenet News, the time,
Domain Name Service, and various login protocols. It is trivial for modern
routers or firewalls only to allow these types of packets through to the
specific machine that provides a given service. Attempts to send any other
type of packet will not be forwarded. This protects the internal hosts, but
still allows all packets to get out. Unfortunately this isn't the panacea that
it might seem.
The problem of returning
packets: Let's pretend that you don't want to let remote users log into your
systems unless they use a secure, encrypting application such as S/Key.
However, you are willing to allow your users to attempt to connect to remote
sites with telnet or ftp. At first glance, this looks simple: you merely
restrict remote connections to one type of packet and allow any type of
outgoing connection. Unfortunately, due to the nature of interactive protocols,
they must negotiate a unique port number to use once a connection is
established. If they didn't, at any given time, there could only be one of
each type of interactive session between any given two machines. This results
in a dilemma: all of a sudden, a remote site is going to try to send packets
destined for a seemingly random port. Normally, these packets would be dropped.
However, modern routers and firewalls now support the ability to dynamically
open a small window for these packets to pass through if packets have been
recently transmitted from an internal host to the external host on the same
port. This allows connections that are initiated internally to connect, yet
still denies external connection attempts unless they are desired.
Dynamic route filters: A
relatively recent technique is the ability to dynamically add entire sets of
route filters for a remote site when a particular set of circumstances occur.
With these techniques, it is possible to have a router automatically detect
suspicious activity (such as ISS or SATAN) and deny a machine or entire site
access for a short time. In many cases this will thwart any sort of automated
attack on a site.
Filters and access lists are
typically placed on all three types of systems, although they are most common
Another advancement has been to have a router modify outgoing packets to
contain their own IP number. This prevents an external site from knowing any
information about the internal network, it also allows for certain tricks to
be played which provide for a tremendous number of additional internal hosts
with a small allocated address space. The router maintains a table which maps
an external IP number and socket with an internal number and socket. Whenever
an internal packet is destined for the outside, it is simply forwarded with
the routers IP number in the source field of the IP header. When an external
packet arrives, it is analyzed for its destination port and re-mapped before
it is sent on to the internal host. The procedure does have its pitfalls;
checksums have to be recalculated because they are based in part on IP numbers,
and some upper layer protocols encode/depend on the IP number. These protocols
will not work through simple address translation routers.
Application gateways and
proxies: The primary difference between firewalls and routers is that
firewalls actually run applications. These applications frequently include
mail daemons, ftp servers and web servers. Firewalls also usually run what are
known as application gateways or proxies. These are best described as programs
that understand a protocol's syntax, but do not implement any of the
functionality of the protocol. Rather, after verifying that a message from an
external site is appropriate, they send the message on to the real daemon
which processes the data. This provides security for those applications that
are particularly susceptible to interactive attacks. One advantage of using a
firewall for these services is that it makes it very easy to monitor all
activity, and very easy to quickly control what gets in and out of a network.
There are two basic types of
network security, transit security and traffic regulation, which when combined
can help guarantee that the right information is securely delivered to the
right place. It should be apparent that there is also a need for ensuring that
the hosts that receive the information will properly process it, this raises
the entire specter of host security: a wide area which varies tremendously for
each type of system. With the growth in business use of the Internet, network
security is rapidly becoming crucial to the development of the Internet. Soon,
security will be an integral part of our day-to-day use of the Internet and
Submarines prowl the ocean
floor, while ships above carefully skirts the limits of international waters.
On dry land, guards patrol high fences surrounding acres of huge golf ball-shaped
radar domes. In the skies, airplanes knife through the stratosphere, while
higher up orbiting electronic ears listen to whispers from the planet below.
They are trolling a vast sea
of electromagnetic signals in hopes of catching a terrorist plot in the making,
a shady arms deal, economic intelligence, or a rogue nation building a weapon
of mass destruction. This so called signals intelligence, or Sigint, has been
vital to the United States and its allies for decades. This is also vital for
Cuba, and China, through the Bejucal base.
The question now is: how
useful is the system against terrorists who know not to trust their satellite
phones? How effective can it be in an age when almost untappable fiber-optic
lines carry information at stupefying rates and cheap, off-the shelf
encryption systems can stump the most powerful supercomputers on earth?
Rather than the creation of
ever more sensitive receivers or code-breaking computers, the hot areas of
cloak-and-dagger information gathering include tapping fiber optic cables,
even at the bottom of the sea; using tiny bugging devices and old fashioned
bribery, blackmail, and burglary to get at data before it can be encrypted;
exploiting software flaws and poorly configured communications systems to
bypass data security measures; and automatically winnoving the vast amounts of
The old workhouse surveillance
system, run by the United States-with the United Kingdom, Canada, Australia,
and New Zealand as junior partners, was created in 1947 under the secret UKUSA
agreement. It is often referred to as Echelon in the popular press.
Whether or not the modern
Sigint system is of value boils down to a technical question: in the face of a
telecommunications explosion that has brought e-mails, cellphones, beepers,
instant messages, fiber optic cables, faxes, video-conferencing, and the
Internet to every corner of the World, can the UKUSA intelligence agencies
attain enough access to know what’s going on?
Of course, some communications
are easier than others. Wireless communications in particular offer two key
advantages-you can intercept them without physically tapping into the target’s
communications systems, and there is no way to detect that they have been
intercepted. Microwave, radio, telephone, walkie-talkie-communications that
are all in the air are all interceptible by some sort of antenna in the right
The advantage of the Bejucal
base is that it spies, listen to, the United States. However, the disadvantage
of the United States is that it has to cover a wide range of territories,
disperse terrorist groups, countries. The United States has to go after
sporadic miniwars and terrorism.
Fiber optic systems
Before the widespread use of
fiber-optic cables, geosynchronous satellite constellations, such as Intelsat,
Intersputnik carried much of the international communications traffic. Such
links can be comprehensively monitored by placing a receiving station in each
satellite’s transmission footprint. In contrast, cables have to be tapped
directly. While this is easy enough to do if the cable makes a landfall in a
territory controlled by a UKUSA country, someone has to visit the cable
clandestinely if it doesn’t, typically in a submarine.
Fiber optic cables are the
toughest to crack: fibers don’t radiate electromagnetic fields that can be
detected. Eavesdroppers first solved this problem by targeting the signal
boosting repeater stations strung along the cables. But the development of
erbium-doped fiber amplifiers, in which the signal is boosted without ever
being converted into electricity, called for a new approach.It is not
impossible to tap, but the fiber being one of a dozen hair-thin strands of
glass, which are embedded inside a laser welded, hermetically sealed, 3 mm
diameter stainless steel tube, makes it harder. This tube is in turn covered
by a few centimeters of reinforcing steel wire and cables carrying 10 Kvolts
of DC power, all at a depth of of a couple of thousand meters.
It is not impossible, but very
difficult. The easiest interception technique is to open up one of the
repeaters to get at the fibers. , but it is very difficult, because you have
to do it perfectly. Parts must either be sourced from the manufacturer or
A big remaining challenge is
fiber optic cables that stay on land. One of the things that special troops (including
Cuba’s elite troops) spend a fair amount of time is going ashore and walking
to the nearest line.
By bugging a computer or
communication system, information can be captured before it is sent through a
fiber optic cable. A tiny microphone dropped into a key-board can pick up the
sound made by the keys as they are struck and transmit the sounds to a nearby
receiver. ( The Cuban Red Avispa ring was trying to do this). Different keys
sound different, each has a specific signature.Those signatures can be used to
reconstruct what was typed.
The rise of ubiquitous
computer communications has allowed the emergence of widely available strong
cipher systems, such as public key cryptography, which rely on mathematical
functions that would take the greatest supercomputers on earth to break. For
example, the HPCs, that China acquired from the USA in the 1990s, and that
supposedly Cuba got two of them from China.
Speech recognition is already
widely used in commercial applications, but it is much harder to convert
speech into text when subjects have no intention of getting their meaning
across to a computer. Talk printing may give an idea of where the state of the
art is going. Variations in pitch, rhythm, and speech volume-information that
speech recognition programs typically throw out-to refine word and sentence
recognition, to identify speakers, and even to tell casual chats from serious
discussions or the dissemination of orders and instructions.
It is assumed that speech
recognition is available at the Bejucal base because from 1995 to 1997 Russia
had already this technology. It is also assumed that now, with the assistance
of PRC, they are trying to develop this latest technology.
Bejucal Base: conclusions
This is where the importance
of the Bejucal base lies. New technologies, association with the PRC,
proximity to the United States, Cuba’s elite troops, trained at the Baragua
school, in El Cacho, Los Palacios, Pinar del Rio, and the talent of
approximately 1,200 Cuban engineers and Computer Scientists working at the
The Base coordinates its
activities with: the Wajay facility, the Santiago de Cuba antenna farm, and
the base at Paseo, between 11 and 15 Streets.
Is Cuba a conventional
military threat to the United States? Of course not, in the conventional
military parameters. it has never been a threat. Presently, there is no
country that can be said that it represents a conventional military threat to
the United States. Is Cuba an asymmetric military threat to the security of
the United States? Yes, of course. Through biological and cyber attacks. Due
to its proximity to the United States, Cuba’s facilities in bio and cyber
developments, and the relative free flow of persons between Cuba and the
United States, that has made possible that Cuba be the country with more
convicted spies inside the United States in the last 10 years, Cuba possibly
represents a higher threat than other rogue nations