Cuba on the Brink: Protests, Sanctions, and the Heightened Security Risk (US-Cuba Relations)

Jacob Braymiller, research analyst for OnSolve, conducted the risk analysis for this post.

An ever-worsening economic crisis in Cuba is leading to increased domestic tensions and magnifying the importance of U.S.-Cuba relations. In March 2024, Cuba faced rare protests as hundreds took to the streets to demonstrate against rising inflation, food shortages and power outages throughout the nation. In response to the unrest, the Cuban government summoned the United States ambassador to Cuba, Benjamin Ziff, to a meeting and claimed the U.S. is stoking unrest through persistent economic sanctions.

As relations between the two countries remain tense, there is likely a heightened security risk in the region. This includes an increased risk for incidents occurring via the electro-magnetic spectrum (EMS).

“Havana Syndrome” and the Embassy Incident

Throughout 2016 and 2017, incidents often referred to as “Havana Syndrome” occurred at the United States Embassy in Cuba. During this period, at least 16 U.S. government employees reported strange health symptoms ranging from unusual sounds and vibrations to headaches and hearing loss. U.S. officials stated the symptoms can result from covert sonic devices and directed energy waves to the area. There was a lengthy follow-up investigation over fears of electronic attacks. In response, the U.S. government removed a significant number of employees from Cuba and expelled two Cuban diplomats from the country due to perceived involvement in the incident. Furthermore, since 2016, there have been several hundred cases of similar symptoms in U.S. overseas facilities globally. There are recent reports as of 2024 that Russian intelligence units are behind these continued “Havana Syndrome” incidents.

Cuba Tightening Relations with China and Russia

As the economic turmoil deepens, the Cuban government is looking for outside aid from foreign investors. Reports throughout the last year suggest growing alliances with Russia and China as they provide significant resources to the island. Both countries entering bilateral relationships with Cuba will likely allow for a stronger foothold in the region, and U.S. intelligence services will continue to monitor for potential electronic warfare threats.

As such, it was reported in June 2023 that China and Cuba reached an agreement to install an “electronic eavesdropping facility” only 90 miles from Florida. The U.S. Department of Defense spokesperson refused to confirm these reports but expressed concerns over the Chinese presence in Cuba. If Russia and China continue to invest and expand in Cuba, there is likely an increased cybersecurity threat—especially if the United States continues with harsh sanctions against Cuba. 

What Are the Risks for U.S. Businesses?

Under current sanctions, U.S. businesses are prohibited from doing business or investing in Cuba unless authorized by the Office of Foreign Assets Control (OFAC). However, there are still risks for U.S. businesses to monitor, such as protecting private assets. Reported financial investments for “eavesdropping” facilities in Cuba emphasize a desire for increased access to private U.S. facilities. Government facilities and partners, large corporations and businesses in the southern U.S. (such as Florida) are likely at the biggest risk. Furthermore, there is an ever-present threat of further “Havana Syndrome” incidents. The use of covert listening devices and electronic signals remains in the region. This risk grows as Russia becomes more involved in Cuba due to known Russian history with these tactics. This can have potential health impacts on employees and other people in the area.

How Can I Protect My Business?

Unfortunately, most businesses have limited options to actively combat spying or sonic attacks. One proven method to defend against these threats is the use of Sensitive Compartmented Information Facilities (SCIFs). SCIFs are commonly used in government buildings to protect important and sensitive information. However, implementing a SCIF is likely not feasible for most businesses due to the high cost and complexity.

An initial security measure for typical businesses can be a threat and vulnerability assessment (TVA). A TVA provides invaluable information about current preparedness for an identified risk and helps a business answer the question: Are my current levels of preparedness adequate to not only manage the identified threat(s), but also keep operations running, maintain employee safety and ensure overall business continuity?

With respect to Cuba, businesses could conduct a TVA of their physical location(s) and information systems. Of course, reliable data should be the foundation of any risk assessment. This includes evaluating the facility's proximity to the region and assessing whether information handled by the business is potentially valuable to outside parties. Security managers should catalog vulnerable systems and prioritize potential risk areas. A range of questions can serve as waypoints, including: Do we need more physical security at a particular location? Has our staff been familiarized with the identified threat? Should our standard operating procedures be revised to address any gaps? Which of our systems require active updates to be as secure as possible?

Finally, it is important to establish protocols for handling irregular health circumstances, such as multiple employees presenting with similar, unusual symptoms. Ensure there is a procedure in place to monitor trends in reported cases, document those instances accurately, and communicate with employees and agencies as required.

The mission can feel daunting and the path forward unclear. If you’d like to continue this discussion, provide feedback, or are looking for assistance, OnSolve is here to help.

OnSolve

OnSolve® is a leading critical event management provider that proactively mitigates physical threats, allowing organizations to remain agile when a crisis strikes. Using the most trusted expertise and reliable AI-powered risk intelligence, critical communications and incident management technology, the OnSolve Platform enables enterprises, SMB organizations and all levels of government to detect, anticipate and mitigate physical threats that impact their people, places and property. With billions of alerts sent annually and proven support for both the public and private sectors, OnSolve is used by thousands of entities to save lives, protect communities, safeguard critical infrastructure and enable agility for the organizations that power our economy.