INFORMATION WARFARE (IW) :

SIGNALS INTELLIGENCE (SIGINT), ELECTRONIC WARFARE (EW) AND CYBER-WARFARE. ASIA AND CUBA

MANUEL CEREIJO

FEBRUARY 2003

Asia is now leading the world in most of the key areas of Information Warfare (IW) capabilities and operations.There are now more signals intelligence (SIGINT) stations in Asia, intercepting all sorts of high frequency (HF) and very high frequency (VHF) radio, microwave relay and satellite communications (SATCOM) transmissions than in any other part of the world, and more than either the US or the Soviet Union maintained in their world-wide SIGINT networks at the height of the Cold War.  An increasing proportion of the world's electronic intelligence (ELINT) and electronic warfare (EW) equipment, now probably exceeding a third of the world's total, for intercepting or jamming radar signals and other electronic emissions, is being procured by Asian defence forces.  And in Asia, where the 'digital divide' is large but where internet connectivity is generally high and growing rapidly, most countries have been making efforts to control and monitor Internet usage, e-mail traffic, and computer-to-computer data traffic.  Many have also developed or are in the process of developing capabilities for penetrating the computer networks in other countries and manipulating or destroying critical economic or military information.  As the Far Eastern Economic Review reported in August 2001:  'Asia is emerging as [the] early proving ground' for cyber-warfare.[1]

The increasing Asian prominence in Information Warfare is, at least in proportional terms, due partly to the global geostrategic changes which attended the end of the Cold War.  The US dismantled much of its world-wide HF radio interception network, particularly in Western Europe and the Atlantic Ocean theatres.  The Russian SIGINT establishment is less than half its size in the 1980s, with the closure of more than 150 SIGINT ground stations in Eastern Europe, more than 100 in the other states of the former Soviet Union, and nearly 50 in other countries around the world, although it still maintains active SIGINT posts in numerous diplomatic facilities, including many of its

More important than the global shifts have been the extraordinary increase in these activities in Asia and the regional issues which have generated them.  Among the larger and/or more developed countries in the region, SIGINT and EW activities more than doubled during the decade from the late 1980s to the late 1990s, whether measured in terms of budgets, SIGINT ground stations or EW sets, or personnel engaged in these activities.  The end of the Cold War produced enormous strategic uncertainty in Asia, and necessitated moves to enhanced defence self-reliance in the region.  It became imperative to know more about the diplomatic and military communications of regional neighbours.  This required large ground stations for the interception of strategic communications intelligence (COMINT) and, increasingly, SATCOM interception capabilities.[2]

Most countries in Asia have been able to afford the investments required for greater self-reliance.  In many cases, in Northeast Asia and Southeast Asia, this has involved the acquisition of maritime defence capabilities – including submarines and surface combatants as well as maritime aircraft, and often involving over-the-horizon or beyond-visual-range anti-ship missile systems.  More thorough maritime surveillance capabilities, including ELINT, were needed to police and protect the 200-mile Exclusive Economic Zones (EEZs) in the western Pacific.  Overall, Asia's share of world military expenditure doubled in the decade from 1986 to 1996, and, in the case of arms imports into the region, Asia's share of world expenditure on arms transfers has increased nearly three-fold since the early 1980s – from 15.5 per cent in 1982 to 33.24 per cent in 1993[3] to 41 per cent in 1998.[4]  Asia's share of world EW equipment increased by a similar factor as, for the first time in many instances, Asian countries acquired modern weapons systems with integral ESM (electronic support measures) and self-defence EW systems.  Effective operation of these systems necessitates the maintenance of current and comprehensive catalogues of the electronic order of battle (EOB) – the location and character of radar sites, communication transmitters, navigation beacons, and other electronic emitters in the surrounding neighbourhood and possible areas of operation further afield.  This is turn has required the acquisition of dedicated airborne and ship-based ELINT/ESM collection systems, which sometimes operate together with (or even aboard the same platform as) jamming and other electronic counter-measures (ECM) systems.

The regional interest in the acquisition of modern EW capabilities was significantly strengthened by the perceived 'lessons' of Operation Desert Storm against Iraq in January-February 1991, when Allied EW operations effectively crippled the Iraqi C3I system and rendered the extensive Iraqi air defence system impotent, allowing coalition forces to deliver ordnance with extraordinary precision and impunity.  In China's case, for example, the intelligence and EW aspects of the Gulf War were closely monitored by a special SIGINT unit located in Kashi, 1,700 miles from Baghdad, that intercepted large amounts of US and Allied military communications.[5]  Chinese defence analysts quickly appreciated both the Revolution in Military Affairs (RMA) and its IW dimension.[6]

The terrorist attacks on the US homeland on 11 September 2001, Operation Enduring Freedom in Afghanistan and the 'war on terror' more generally have been closely studied by regional strategic and defence planners.  They have been impressed by the US application of the RMA and IW in Afghanistan, and have accepted the need, insofar as resources permit, to enhance the constituent elements of C3ISREW (command, control, communications, intelligence, surveillance, reconnaissance and early warning), with the acquisition of new sensor systems, advanced communications and information technologies, and unmanned aerial vehicles (UAVs) for both intelligence collection and platforms for launching precision guided munitions (PGMs).[7]  One leading regional strategic analyst expects that some East Asian countries 'will try to emulate a scaled-back version [of US strategy in Afghanistan], adopting a limited form of network-centric warfare'.[8]  September 11 and the war on terror have also excited concerns about the vulnerability of national information infrastructures (involving telecommunications networks, banking and financial facilities, air traffic control systems, power generation and distribution systems, etc.) to cyber-terrorism.  Intelligence collection activities, including electronic surveillance by monitoring computer files, Internet connections, e-mails and computer-to-computer data traffic, is likely to become more intrusive – causing tensions with neighbours whose networks are increasingly being penetrated and diminishing civil liberties domestically. 

Asian countries are extremely diverse, with enormous disparities in their geographical areas, populations and resources, as well as their geostrategic positions, defence capabilities, intelligence interests and proficiency with advanced information technology.  No country in Asia is able to match the US in terms of the breadth and sophistication of the SIGINT, EW and cyber-warfare capabilities which the latter maintains in the region.  There is an extended and variegated hierarchy of countries, similar to and roughly paralleling that which obtains with regard to their relative abilities to absorb and employ the RMA.[9]  The best equipped and most adept in the key IW areas are Australia, Japan and South Korea, which enjoy close alliance relationships with the US, including extensive collaboration in technical intelligence collection programs.  A second tier comprises those countries with both high threat perceptions and sufficient resources to acquire extensive, but somewhat less comprehensive and/or less sophisticated, IW capabilities – such as China, India, Taiwan and Singapore in their different ways and their different circumstances.  A third tier comprises countries where threat perceptions are lower and/or defence and intelligence resources more limited, such as Burma, Indonesia, Malaysia the Philippines, Thailand and Vietnam.  These maintain extensive radio communications interception capabilities, and have been acquiring some modern ELINT/EW systems, but their employment is relatively unsophisticated.  The fourth tier consists of those countries who are finding it very difficult to function in the information age, such as Bangladesh, Cambodia, Laos, Mongolia and Papua New Guinea.  The hierarchy is transitive.  Many countries in the third tier aspire to more substantial and more advanced capabilities.  Moreover, some IW operations, such as cyber-warfare and cyber-terrorism, are attractive to some poorer countries and to non-State actors as asymmetric responses to predominant US/Allied conventional military power, and, in domestic situations, to repressive governments.

IW is practiced especially energetically and enterprisingly by non-State actors of various sorts in Asia.  This reflects, in large part, the high incidence of intra-State conflicts and challenges to governmental legitimacy, involving numerous armed insurgent groups and separatist movements that have organised radio interception, cryptological and cyber-warfare services.  In Burma, at least until the early 1990s, several ethnic insurgent groups (including the Kachin Independence Organisation, the Shan State Army, the Karenni Army and the Karen National Liberation Army, as well as the Communist Party of Burma until its collapse in 1989) maintained radio interception and cryptanalytical organisations which were superior to the SIGINT capabilities of the Burmese armed forces.[10]  More recently, the United Wa State Army (UWSA), the largest and wealthiest drug trafficking group in Burma, has acquired the capacity to intercept Thai Army radio traffic in the Burma-Thailand borderlands.[11]  In Sri Lanka, the rebel Liberation Tigers of Tamil Eelam (LTEE) have monitored Indian and Sri Lankan military, police, and security agency communications, and have successfully used SIGINT in military operations.[12]  In Papua New Guinea in the late 1990s, the secessionist Bougainville Revolutionary Army (BRA) regularly intercepted PNG Defence Force radio communications.[13]  Civil non-governmental organisations (NGOs) have also taken to intercepting communications in embattled areas.  In East Timor in September 1999, for example, foreign observers monitoring the self-determination vote intercepted the two-way radio conversations of the Indonesian special forces officers and the leaders of the local militia groups planning the post-ballot carnage.[14] 

Cyber activities, using the World Wide Web and the Internet, are both inherently trans-national and empowering to non-State actors, whether political activists, terrorists, or nihilists.[15]  The 'Love Bug' computer virus, which infected some 1.27 million computers world-wide on 4 May 2000, causing hundreds of millions of dollars of damage to businesses in the US and Europe, was released by a failed Filipino college student in Manila.[16]  In Northeast Asia since 1999, non-governmental politically-motivated cyber-warriors in the PRC, Taiwan, Japan and South Korea have attacked and damaged official web-sites and computer-based networks in other countries.  Indeed, some comparative assessments have placed non-State actors higher than most nations in Asia with respect to their proficiency at cyber-warfare.[17]

This paper describes the recent developments in SIGINT, EW and cyber-warfare activities in Asia and Cuba.  It discusses both changes in the targets of SIGINT collection operations, such as the increasing value of SATCOM SIGINT, satellite telephones (satphones), mobile (cell) phones and computer networks;and the availability of new technical capabilities, such as UAVs, SATCOM monitoring systems, and cyber-warfare capabilities.  It also notes, wherever appropriate, the strategic considerations and security concerns that have generated this activity – the strategic uncertainty, the requirements of increasing defence self-reliance, the EW elements of defence modernisation programs, the maritime surveillance obligations, the operational lessons of the Gulf War in 1991, the implications of the RMA, the study of Operation Enduring Freedom in Afghanistan, and the concerns about the threat of terrorism (including cyber-terrorism).

Cyber-warfare activities are in important technical respects a direct evolution of the SIGINT and EW activities of the past half century or so into the Information Age, where communications systems and computer networks are transfused.  They generally involve the erstwhile SIGINT agencies, the repositories of advanced IT, linguistic and mathematical expertise, and they often employ the same collection facilities – especially Embassies and other diplomatic establishments in foreign countries, and airborne systems, which are increasingly being used for cyber-warfare activities.  But there are also some profoundly novel dimensions.  From a collection perspective, a change is underway from focussing on interception of information 'in motion', as electromagnetic waves travel through the ether, to collection and manipulation of information 'at rest', stored on computer data bases, disks and hard drives.[18]  The inherent transnational and non-State attributes of cyber activities, confounding distinctions between external and internal security operations, pose not only new technical challenges but also contain new risks, in terms of both national vulnerabilities and threats to civil liberties.

Ground facilities

Ground stations of various types still account for the greatest volume of signals collection activities in Asia, although there have been enormous changes in the US and Russian dispositions in the region since the end of the Cold War, and numerous new complexes constructed by the regional countries themselves.  The US is no longer interested in covering all HF radio transmissions around the world, but the HF band is still very important in Asia.

During the 1990s, the US National Security Agency (NSA) closed down most of its world-wide HF radio interception and HF-DF network.  Most of the large circularly-disposed antenna arrays (CDAAs), which formed the nodes of this network – i.e., the AN/FLR-9 CDAAs used by the Army and Air Force SIGINT agencies, and the AN/FRD-10 Classic Bullseye (or Flaghoist) system used by the US Navy – were dismantled.  These large arrays have a nominal range exceeding 5,000 km, with a DF accuracy typically better than one-half of a degree.  The only two FLR-9s still functioning are in the Pacific – at Elmendorf, near Anchorage, in Alaska and Misawa in Japan.  Nearly all the remaining FRD-10s are also in the Pacific – at Guam;  Wahiawa, Hawaii;  San Diego, California;  and Hanza, Okinawa.  Another FRD-10 is at Diego Garcia in the Indian Ocean.  In addition, Canada has an FRD-10 CDAA at Masset, on the north coast of Graham Island in British Columbia's Queen Charlotte Islands, which is remotely operated from a master station at Leitrim, just south of Ottawa, and which functions as part of the Classic Bullseye HF-DF network in the north Pacific.[19]  The only countries in Asia which now host US SIGINT ground stations are Japan, South Korea and Thailand, although several other countries have SIGINT cooperation and exchange arrangements with the US – most notably Taiwan, Australia, New Zealand and Singapore.

During the Cold War, the US had, at different times, some 100 SIGINT sites in Japan.  Many were small and short-lived, especially in the 1950s and 1960s, but some were very large, with hundreds of US SIGINT personnel.  Since the end of the Cold War, nearly all US SIGINT collection activities in Japan have been consolidated at three sites – Misawa, in the northeast of Honshu island, which is the largest US SIGINT complex in Asia, and perhaps the largest SIGINT complex in the world, with both a FLR-9 CDAA and extensive SATCOM SIGINT facilities, maintained by some 1,800 SIGINT personnel (900 US Air Force, 700 Navy and 200 Army);[20]  Yokosuka, at the entrance to Tokyo Bay, where the US Navy has a SIGINT collection and processing station;[21]  and Hanza, Okinawa, which has an FRD-10 CDAA, and which is to be relocated to Camp Hansen, about 20 km to the northeast, by 2005.

In the late 1970s, the NSA established the Kunia [Pacific] Regional SIGINT Operations Center (KRSOC) at Kunia, Hawaii, to receive and process data from manned and unmanned SIGINT sites in East Asia and the western Pacific.  Two of its unmanned stations are located at Khon Kaen, in northeast Thailand, which monitors communications in southern China and Indochina, and at Taegu, in South Korea, which is targeted against communications in China and North Korea.[22]  Admiral Dennis Blair, the former Commander-in-Chief Pacific (CINCPAC), has told Congress that 'the current KRSOC is obsolete', and that a new facility is required 'to sustain the level of [cryptologic] support' in the Pacific theatre.[23]  CINCPAC wants to build a new Pacific Security Analysis Complex (PSAC), which would combine the current KRSOC and Joint Intelligence Center Pacific (JICPAC) to provide 'immediate in-depth collaboration between the premier signals intelligence and production centers [in the Pacific]'.[24]

The Soviet Union had built more than a dozen stations in Mongolia, North Korea, Cambodia and Vietnam, but these have now all been closed.  For example, a SIGINT station established in 1985 at Ramona, in the southwest corner of North Korea, and about 150 km northwest of Seoul, and staffed by 80 GRU and FAPSI personnel, was closed in 1997.[25]

The last was the station at Cam Ranh Bay in Vietnam, which ceased operations on 1 January 2002 and, after the SIGINT equipment was dismantled and flown back to Russia, was vacated in May.[26]  The SIGINT complex at Cam Ranh Bay was once described by CINCPAC as 'the [third] largest in the world outside the Soviet Union'.[27]  In 1992-93, 'some 200' Russian SIGINT personnel were stationed at the complex;  this had fallen to 'about 100' in May 1995;[28]  and by December 2000 there were only 30.[29]  Its facilities included a satellite communications intercept system, two Fix 24 HF-DF CDAAs, and a Park Drive communications satellite terminal which provided a direct communications link between the Cam Ranh Bay SIGINT complex and the Soviet Navy's Pacific Fleet Headquarters at Vladivostok 'as well as with the General Staff in Moscow'.[30]

China maintains by far the most extensive SIGINT capabilities of all the countries in Asia, with several dozen ground stations deployed throughout the country, monitoring signals from Russia, the Central Asian states of the former Soviet Union, Japan, Taiwan, India, and Southeast Asia, as well as internal communications.  The largest station is the SIGINT Net Control Station of the Third (or Technical) Department of the General Staff Headquarters, which is located at Xibeiwang, on the northwest side of Beijing.  Other large stations are attached to the HQs of each of the Military Regions (i.e., Beijing, Shenyang, Chengdu, Guangzhou, Lanzhou, Jinan and Nanjing), as well as at sites near Jilemutu and Lake Kinghathu in the northeast of China;  near Shanghai;  in the Fujian and Guandong Military Districts opposite Taiwan;  near Kunming;  at Lingshui, on the southern edge of Hainan Island;  and along the border with Vietnam.[31]  A SIGINT station was also established on Rocky Island (Shi-tao), near Woody Island (Lin-tao) in the Paracel Archipelago in the 1980s;  the site is one of the highest points in the area, and provides good coverage of signal activity in the northwestern part of the South China Sea.[32]

Many of them were expanded during the 1990s.  For example, the large SIGINT complex at Lingshui, which monitors signals from the South China Sea, Vietnam and the Philippines, was 'vastly expanded by 1995'.[33]  This SIGINT complex, where more than 1,000 SIGINT analysts work, is located about 1.5 km west of the Lingshui military airfield where the US Navy's stricken EP-3 SIGINT aircraft landed on 1 April 2001.[34]  Two large stations in Xinjiang – one at Dingyuanchen, used for monitoring communications in Russia and the Central Asian states, and the other at Changli, near Urumchi, used primarily for intercepting satellite communications – were expanded in 1999-2000.[35]

In 1991-92, Chinese technicians constructed a large SIGINT station at Great Coco Island, a Burmese island located just 50 km north of India's Andaman Islands, on the western side of the entrance to the Straits of Malacca.  The station, which is operated by the Chinese, provides intelligence on air and naval movements in the eastern Indian Ocean, and is able to intercept telemetry associated with Indian ballistic missile test launches over the Bay of Bengal.[36]  Chinese technicians also assisted with the construction of six electronic surveillance stations along Burma's coastline, which monitor shipping between the Indian Ocean and the Straits of Malacca.  These stations are located at Ramree Island, southeast of Sittwe, off the coast of Arakan;  Hainggy Island, in the estuary of the Bassein River;  Monkey Point, on the southeast side of Rangoon;  Kyaikkami, south of Moulmein;  Mergui;  and Zadetkyi Kyun (or St Matthew's Island), off Burma's southernmost point, Kawthaung (or Victoria Point).[37]

Japan has about 25 SIGINT ground stations of various sorts and capabilities, of which ten are large stations maintained by the Chosa Besshitsu, or Chobetsu, Japan's SIGINT agency, and the new Defence Intelligence Headquarters (DIH) which now incorporates the Chobetsu.[38]  These are located at Ooi, about 30 km northwest of central Tokyo, which is probably the network control station;  Wakkanai, at the northern tip of Hokkaido, which is well-known because of the KAL-007 shoot-down on 1 September 1983;[39]  Chitose, in the southwest part of Hokkaido, which the Chobetsu took over from the US in 1971, and later constructed a large FLR-9-type CDAA there, which is the main Japanese station for monitoring Russian signals traffic, and which was for many years Japan's largest SIGINT complex;  Shibetsu and Higashi Nemuro in Nemuro prefecture, in the northeast corner of Hokkaido, which monitor the approaches to the Kurile Islands;  Okushiri Island, off the southwest coast of Hokkaido, which became operational in May 1990 and which monitors Russian communications;[40]  Kobunato, near Shibata, on the west coast of Honshu;  Miho, near Yonaga, the closest point in Japan to North Korea, which has a large CDAA and is the main station for monitoring signals in North Korea;  Tachiari, on the northern side of the island of Kyushu, which intercepts Chinese communications;  and at Kikai-jima, a small island at the northern end of the Ryuku island chain, which has recently been equipped with Japan's third large CDAA system and which is Japan's most important SIGINT station for intercepting Chinese communications.  In addition, two smaller, Pusher-type unmanned CDAA HF-DF systems were installed at Shiraho, on the island of Ishigaki, just northeast of Taiwan, in the mid-1980s.  The JMSDF and JASDF also maintain numerous ELINT stations for monitoring radar emissions from ships and aircraft moving around Japan.

Taiwan has built, with NSA assistance, a large SIGINT facility on Yangminghshan Mountain, just north of Taipei.  The facility replaced a station which the US had at Shu Lin Kou, northwest of Taipei, which the US officially handed over to Taiwan in 1979, but at which US 'civilian contractors' continued to work jointly with their Taiwanese hosts.  It consists of a large antenna farm for monitoring military communications within Nanjing and Guangzhou Military Regions, and eight SATCOM dishes, some of which may be intercepting Chinese satellite communications and some are for relaying data back to the NSA HQ in Maryland.[41]

In Southeast Asia, several countries have substantial SIGINT organisations, although they are smaller and their capabilities more limited.  In the 1960s and 1970s, Vietnam developed a remarkable SIGINT organisation, with numerous ground stations (including covert interception and analysis facilities in the South), thousands of SIGINT personnel, and an ability to monitor and decrypt a large proportion of US and allied communications.[42]  However, this capability has largely atrophied.  Thailand now has the most extensive network of SIGINT ground stations, including numerous radio monitoring sites along the Burmese border which listen to the HF and VHF radio and walkie-talkie traffic of the Burmese Army and the various drug trafficking and ethnic insurgent groups in Burma.[43]  However, Thailand's SIGINT capabilities require modernisation, while the Thai intelligence organisation must be drastically reformed if the SIGINT is to better inform both policy-making in Bangkok and operations in the borderlands.

Singapore has the most advanced SIGINT capabilities in terms of technical and operational sophistication, complementing two ground facilities with modern airborne systems, and capable of comprehensively and systematically monitoring communications out to about 2,000 km around the island.  One ground station is at Kranji, in the northwest of the island, which was originally established by Australia's DSD in 1971 and then taken over by Singapore in 1974, and which was used to monitor military, diplomatic, and commercial communications across Indonesia, Malaysia, Thailand, China, and the Indochinese countries.[44]  It has reportedly since been 'vastly expanded'.[45]  A second site is maintained by Army SIGINT units at Nee Soon Camp in the middle of Singapore.[46]

Australia maintains the largest and most capable SIGINT establishment in the Southeast Asian region.  Its SIGINT agency, the Defence Signals Directorate (DSD), doubled in size between the early 1980s and the early 1990s, reaching nearly 2,000 personnel in 1992 – at which time it had stations at Pearce, near Perth, Western Australia, equipped with a Pusher-type 48-element CDAA, for monitoring communications in South Asia and the Indian Ocean; Shoal Bay, near Darwin, Northern Territory, the largest station, also equipped with a Pusher, which focuses on Indonesian communications but also covers other parts of Southeast Asia;  Cabarlah, near Toowoomba, in Queensland, which has another Pusher and which monitors HF transmissions across Southeast Asia and throughout the Southwest Pacific;  Bamaga, at the tip of Cape York in north Queensland, established in 1988 to monitor communications in Papua New Guinea (and especially Bougainville), and operated remotely from Cabarlah;  and at HMAS Harman, at the southeastern outskirts of Canberra, which was originally established in 1939-40, and which has been used to monitor diplomatic traffic to foreign embassies in Canberra as well as other transmissions emanating from Southeast Asia.  A new DSD HQ was officially opened in Canberra in May 1992;  and a station was being constructed at Kojarena, near Geraldton, in Western Australia, for intercepting satellite communications (SATCOM).[47]  Since then, new investment has been directed mainly towards further enhancement of DSD's SATCOM interception capabilities and the acquisition of new airborne collection systems.  However, a large SIGINT/HF-DF station has recently been constructed at Morundah, near Wagga Wagga, in southeastern Australia, to replace the DSD station at Harman, as part of a larger effort to modernise the Australian Defence Force's HF radio communications network.  It is equipped with two Pusher-type 48-element CDAAs.[48]

Interception of satellite communications

Many countries in Asia now have the ability to monitor selected foreign communications satellites (COMSATs), as well as record, process, decrypt, translate, and analyse the intercepted material – including telephone conversations, faxes, e-mails and other electronic communications.   

The US maintains the most extensive SATCOM SIGINT capabilities in the Asia-Pacific region.  The first US station established to intercept international satellite communications in the region was located at Yakima, in Washington State in the northwest US.  It became operational in the early 1970s, and for a decade was equipped with a single large dish antenna for intercepting communications passing through the INTELSAT COMSAT stationed over the Pacific Ocean.[49]  In 1995, it had five dish antennas, three facing westwards, one of which 'appears to be the UKUSA site for monitoring the Inmarsat-2 satellite that provides mobile satellite communications in the Pacific Ocean area'.[50]  Code-named Cowboy, the Yakima station was one of the original stations in the Echelon system, the global system organised by the UKUSA countries for monitoring the non-military telecommunications of other governments, businesses and private organisations.[51]  The largest US station in the region is at Misawa, in northern Honshu, Japan.  Code-named Ladylove, the SATCOM SIGINT facility achieved an interim operational capability in 1982.[52]  The permanent complex became operational in 1987, at which time there were six radomes at the site.  It grew rapidly over the next several years, reaching 13 radomes in 1991.  There were 14 radomes in 1997.[53]  The Ladylove project was originally designed to intercept communications from Soviet elliptically-orbiting Molniya and geostationary Raduga and Gorizont communications satellites.  The expansion in the late 1980s and early 1990s included capabilities for intercepting Chinese satellite communications and INTELSAT communications.[54]  In 1993, the Ladylove operation at Misawa was incorporated into the Echelon system.[55]  Another SATCOM intercept station is evidently located on Guam, at which an Echelon unit (code-named Project Marlock) was activated in 1995.[56]

Russia has a Big Ear SATCOM SIGINT station at Andreyevka, near Vladivostok, for monitoring satellite communications in northeast Asia.  The Japanese Chobetsu/DIH maintains a SATCOM SIGINT station at Chitose, near Sapporo, in the southwest part of Hokkaido, for intercepting transmissions from Russia's Molniya and Gorizont communications satellites.[57]

China has also developed SATCOM SIGINT capabilities for monitoring international satellite communications.  In December 1968, for example, it was reported that China had established 'a ground station for intercepting signals transmitted through the US and Russian communication satellite systems', together with an associated decryption capability, on Hainan Island.[58]  The station is situated at the Lingshui SIGINT complex.[59]  A second SATCOM SIGINT station is located outside Beijing.  On 4 June 1989, for example, Chinese authorities intercepted unedited video relating to the Tiananmen massacre which was transmitted by the American Broadcasting Corporation via satellite (and which was then used by the Chinese authorities to track down and arrest one of the leading dissidents).[60]  A third station is located at Changli, in western China, for monitoring satellite communications in central Asia.[61]  China has also established a SATCOM SIGINT station at Santiago de Cuba, at the eastern end of Cuba, to intercept US satellite communications.[62]  A satellite tracking and control station at Kiribati, which sits astride the equator in the central Pacific, is also capable of intercepting selected (S-band) satellite communications in the mid-Pacific.[63]

Taiwan is able to intercept Chinese satellite communications.  In India, the Research and Analysis Wing (RAW) of the Cabinet Secretariat maintains a number of SATCOM SIGINT stations, one site of which is Sikandarabad, across the Yamuna from Delhi.[64]

Australia has the most extensive SATCOM SIGINT capabilities in the Southeast Asian region.  The main station is at Kojarena, near Geraldton, in Western Australia.[65]  It became operational in 1993, and monitors a wide range of the communications satellites stationed in geostationary orbits over the Indian Ocean and Southeast Asia.  One of its primary functions was to replace the joint GCHQ-DSD SATCOM SIGINT station at Chung Hong Kok in Hong Kong (Project Kittiwake), which intercepted Chinese satellite communications, but which was closed in 1995.[66]  The station intercepts both regional geostationary satellites (such as Russian, Chinese, Japanese, Indian and Pakistani communications satellites) and international communications satellites (including INTELSAT COMSATs and INMARSAT maritime COMSATs).[67]

DSD also maintains a large SATCOM SIGINT station (Project Larkswood) at Shoal Bay, near Darwin, for monitoring Indonesian satellite communications.  It had eleven SATCOM dishes as at September 1999, and was one of the most lucrative sources of intelligence about the role of the Indonesian military and police, and their militia surrogates, in the violence in East Timor in 1999.[68]

New Zealand has a SATCOM SIGINT station at Waihopai (code-named Flintlock), which became operational in 1990, and which focuses on satellite communications in the southwest Pacific area, working in close cooperation with the NSA station at Yakima and the DSD station at Kojarena.[69]

In Southeast Asia, Singapore is the only country with a functioning foreign SATCOM SIGINT facility.  It intercepts the down-links of both regional and international COMSATs, including INMARSATs.

In addition to intercepting foreign/international satellite communications for intelligence purposes, some countries have acquired capabilities for jamming selected satellite broadcasts and down-links.  Both the US and the Soviet Union developed SATCOM jamming capabilities during the Cold War.  China has also developed limited SATCOM jamming capabilities.[70]  India has constructed a station at Jalna, in Maharashtra state, some 300 km northeast of Bombay, 'to monitor and possibly screen out foreign [satellite television] broadcasts'.[71]  Indonesia (according to the commander of the US Space Command) has 'relatively primitive' anti-satellite jammers, involving 'basic radio-frequency transmitters', which it has used on several occasions since 1996 to interfere with the COMSATs of commercial rivals or to jam politically or ideologically objectionable transmissions.[72]  In 1996, Indonesia jammed a (C-band) communications satellite following a commercially-inspired dispute with Tonga over claimed satellite orbital positions.[73]  In May 2001, Secretary of Defense Donald Rumsfeld said that there has been 'instances' where Indonesia had jammed a Chinese satellite which was evidently broadcasting information to Muslim fundamentalists and which it found objectionable.[74]  Some non-State organisations, such as the Falun Gong movement in China, have also demonstrated the ability to jam (and even hijack) satellite transmissions.[75]  There has also been a growing appreciation that some forms of SATCOM transmissions, including those involving satphones and GSM cell phones, can be used for targeting purposes – as demonstrated in April 1996 when Russian authorities killed the president of Chechnya with an air-to-surface missile while he was talking on a satphone via the INMARSAT network, and in August 1998 when the US used Osama bin Laden's satphone transmissions to target cruise missiles in the attack against the al-Qaeda base at Khowst.[76]  In July 1999, the Pakistan Army reportedly used intercepts of satphone transmissions by Indian television reporters accompanying Indian Army troops in the Kargil region to direct a deadly artillery bombardment on the Indian position.[77]

Of course, every country has the ability to intercept (and sever or jam) international satellite communications entering national gateways.  In some countries this is done by SIGINT/cyber cells co-located with the national gateway stations, or utilising the facilities at national SATCOM ground control stations.  In Burma, for example, all international telecommunications are intercepted by the Directorate of Defence Services Intelligence (DDSI) at the SATCOM ground station in Thanlyin, across the Bago River from Rangoon.[78]  In Singapore, the facilities of Singapore Telecommunications (SingTel) are used by various government agencies for intercepting all telephone and fax traffic.[79]  In democratic countries, such as Australia, access to domestic communications is subject to due legal process (typically involving issuance of warrants by judicial authorities).

Airborne SIGINT capabilities

The extent, variety and sophistication of airborne SIGINT operations has increased markedly in Asia over the past decade.  Russian SIGINT flights around Japan have been greatly reduced, and the Bear D operations to and from Cam Ranh Bay, over the East and South China Seas, have ceased entirely.  But US airborne activities in the western Pacific have been upgraded, while eight regional countries have been acquiring their own capabilities – viz.:  Japan, South Korea, China, Taiwan, Australia, Singapore, Thailand and India.  Airborne systems are very expensive to operate and maintain, but they provide the only cost-effective means for regular, real-time surveillance of the electromagnetic emissions in important parts of the spectrum that are undetectable from ground sites.

The primary airborne collection mission is electronic intelligence (ELINT), involving 'ferret' flights designed to intercept and record the emissions of radars and other radio/electronic systems – garnering data about the signal sources, strengths and characteristics (such as operating frequencies, pulse repetition rates, antenna rotation speeds, etc.), to map air defence networks, airfields and missile batteries for target planning purposes.  These flights are sometimes deliberately provocative, intending to generate programmed responses.  Others are equipped for interception of naval radars and emitters, enabling them to locate, identify and track (and plan electronic or missile attacks against) surface ships.  For many countries in Asia, airborne ELINT systems provide the primary means of ocean surveillance.  Some aircraft carry both passive ELINT and active EW systems, such as jammers and electronic counter-measures (ECM) equipment, allowing them to monitor and record some signals for intelligence purposes while jamming or manipulating and deceiving other electronic systems.  Others are configured for COMINT, loitering for hours in favourable radio reception areas to intercept HF and VHF radio communications.  More specialised aircraft focus on the interception of the telemetry and associated signal traffic generated during foreign missile tests, or on special types of communications. 

The most modern US systems are able to intercept e-mail and computer-to-computer data traffic, as well as cell phone traffic, serving cyber-warfare tasks rather than more conventional SIGINT collection missions.  Special receivers have been installed on at least one US Air Force SIGINT aircraft, and were reportedly also carried by the Navy EP-3 involved in the incident off Hainan on 1 April 2001, which intercept the proforma data codes used in computer-to-computer data exchanges.  The proforma include the dial tones of protocols and link-ups that determine the signalling method (such as data transfer multiplexers and private branch exchanges) and the paths and speeds of data transmission.  The airborne cyber-warriors are reportedly able to 'conduct intrusions of foreign computer systems', and hence manipulate, deceive or disable them.[80]

The US continues to operate by far the largest and most active, as well as the most advanced, fleet of SIGINT aircraft in the Asia-Pacific region.  More than 30 US aircraft are engaged, several of them on a daily basis, in collecting SIGINT of some sort or another around East Asia and the western Pacific.  The US now flies more than 400 reconnaisance missions a year along the periphery of China, or an average of more than one per day,[81] mostly for SIGINT purposes, and mostly with flights originating from bases in Japan.  The US Air Force has a base for RC-135V/W Rivet Joint SIGINT aircraft at Kadena in Okinawa, Japan, where 1-2 of them are normally stationed.  Another 1-2 are sometimes based at Misawa.  These aircraft, which carry a SIGINT crew of some 21-27 radio and radar intercept officers, linguists and maintenance technicians, as well as three pilots and two navigators, and which can stay aloft (with aerial refuelling) for 10-30 hours, are used for intercepting both communications and electronic signals.  Three RC-135S Cobra Ball aircraft, which are based at Eilson Air Force Base in Alaska, and which sometimes deploy to Misawa, are designed to intercept telemetry from foreign missile tests.  For example, Cobra Ball aircraft were dispatched to Misawa in September-December 1997, when a full-range test of North Korea's Nodong-1 intermediate-range ballistic missile (IRBM) was expected,[82] and in August 1999 and August 2000, when test flights of North Korea's Taepodong-2 missile were expected.[83]  The US Air Force also has 1-2 U-2R Senior Spear SIGINT aircraft based at Osan Air Base, South Korea, which fly Olympic Game missions to intercept Chinese and North Korean communications.[84]  The US Navy has a squadron (VQ-1) of six EP-3E ARIES (Advanced Reconnaissance Integrated Electronics System) II SIGINT aircraft, based at Whidbey Naval Air Station in Washington, but with a permanent detachment of 1-2 aircraft at Misawa, and a forward operating base at Kadena.  (The EP-3E aircraft involved in the April 2001 incident operated from Kadena.)  Another eight ES-3A Shadow aircraft are used for carrier-based SIGINT operations, with six home-based at the North Island Naval Air Station in San Diego, California, and two at Misawa.

Table 1

US SIGINT aircraft based in the Asia-Pacific region

The US Army's 3rd Military Intelligence Battalion, 501st Military Intelligence Brigade, based at Camp Humphreys, near Pyongtaek, about 90 km south of Seoul, has 12 Beech RC-12 Guardrail and three RC-7B ARL-M (Airborne Reconnaissance Low-Multifunction) aircraft.  The Guardrail aircraft, which usually fly in sets of three for DF/triangulation purposes, carry COMINT and ELINT (Quick Look) systems;  they have a flight endurance of 4-5 hours, and can monitor radio communications in the 20-70 MHz, 100-150 MHz and 350-450 MHz frequency bands.[85]

Japan now has about 16 dedicated SIGINT-collection aircraft, half a dozen electronic warfare (EW) training aircraft with some ELINT capabilities, and 13 E-2C Hawkeye and four E-767 airborne early warning and control (AEW&C) aircraft with substantial secondary ELINT capabilities.[86]  In 2000-01, South Korea acquired four specially-equipped Hawker 800 SIGINT aircraft, containing both COMINT and ELINT sub-systems (with coverage of up to 40 GHz), together with an associated ground station for data processing.[87]

The Chinese Air Force operates four Tu-154M long-range transport aircraft modified for SIGINT collection.[88]  Another Tu-154M SIGINT aircraft is operated by China United Airlines (CUA), the commercial arm of the Air Force;  it uses civil markings (CUA B-4138), but was equipped in 1995 with a synthetic aperture radar (SAR) as well as COMINT and ELINT equipment for covert SIGINT operations.[89]  Taiwan has a SIGINT-equipped C-130H Hercules aircraft, operated by the 6th Electronic Warfare Squadron of the 20th EW Group, based at Pingtung Air Base on the southeast coast;  and two S-70C(M) Thunderhawk helicopters, operated by the Navy's 701 Squadron based at Hualien on the west coast.[90]

In Southeast Asia, Singapore acquired modest but sophisticated airborne SIGINT capabilities in the early 1990s.  Two of the Air Force's C-130H Hercules aircraft have been equipped with extensive suites of Israeli-supplied COMINT, ELINT and EW systems for strategic, operational and tactical SIGINT mission.[91]  They have been reported undertaking collection in Australia;  over the Andaman Sea and along the western coasts of Malaysia, Thailand and Burma, with stop-overs in Rangoon and Dhaka;[92]  and 'as far west as Pakistan'.[93]  Singapore also has six Fokker F-50 Maritime Enforcer Mark-2 maritime patrol aircraft, which are equipped with modern SIGINT systems, and which operate around Southeast Asian waters from the Andaman Sea to the South China Sea.  One of them is reportedly equipped with an ArgoSystems AR-7000 Black Crow SIGINT system, provided by Fokker, while the other five carry Israeli-supplied SIGINT systems.[94]  Since early 2001, Singapore has also been examining possible aircraft 'for an emerging requirement for a high-altitude ELINT/SIGINT platform'.[95]

Table 2

SIGINT aircraft, Asian countries

In 1995-98, the Royal Australian Air Force acquired two EP-3C Orion aircraft which had been specially configured for SIGINT operations,[96] which were used extensively around Timor in 1999-2000, and which were more recently used in the Persian Gulf in support of Operation Enduring Freedom.[97]  The RAAF reportedly also operates a SIGINT-configured C-130H Hercules aircraft;  the Australian Army has a King Air 200 fitted for ELINT operations;  and the Navy has a Learjet specially equipped for ELINT and electronic warfare activities.[98]

Unmanned aerial vehicles (UAVs)

In recent years the defence forces in many Asian countries have become interested in the acquisition of some type of unmanned aerial vehicle (UAV), primarily for surveillance and reconnaissance, but also for EW activities and fire support.  Not only are UAVs much cheaper to operate and maintain than manned aircraft, but they have improved enormously in terms of reliability, endurance, payload capacity, and operational versatility.  They are also relatively expendable, and can be used on technical intelligence collection missions that would be too dangerous for manned systems to undertake.  The regional interest was palpably quickened by the capabilities demonstrated in the UAV operations in Operation Enduring Freedom in Afghanistan.

Reconnaissance drones were first developed by the US for spying on Vietnam, China and North Korea in the 1960s and early 1970s.  In August-October 1964, following the Gulf of Tonkin incident and in the context of US preparations for large-scale military intervention in Vietnam, the US began to use Ryan Model 147 drones, called Lightning Bugs, for reconnaissance flights over southeastern China.  The Lightning Bugs, together with DC-130 Hercules 'mother aircraft', were based at Kadena on Okinawa.  The typical mission involved launch of the drones from airspace near Hainan Island, after which they would climb to some 60,000 feet and fly over Hainan, Guandong and Fujian, and land at Taoyuan air base in Taiwan, mapping Chinese intelligence and air defence facilities in these areas.  Some flights were accompanied by US ELINT aircraft, which would record and analyse the electronic activity generated by Chinese air defence systems attempting (often successfully) to shoot down the drones.[99]

The first SIGINT flights began in October 1965, using Model 147E Lightning Bugs, flown from Bien Hoa Air Force Base in South Vietnam.  A particularly memorable flight took place on 13 February 1966, when a 147E drone was able to 'sniff' the emissions associated with the proximity fuze on SA-2 surface-to-air missiles, and to relay the vital information before being destroyed.[100]  After a US Navy EC-121 SIGINT aircraft was shot down by North Korean fighters in April 1969, another version of the Lightning Bug, called the Model 147TE or Combat Dawn, was developed for SIGINT operations against North Korea.  A larger model, the 147TF, with an 8-hour time-on-station and 'improved SIGINT gear', became operational in 1973.  These UAVs flew almost 500 missions from 1970 to 1975.[101]

More recently, not only has the US aerospace industry designed a wide variety of UAVs and associated sensor systems, but most countries in Asia are now also able to produce and/or assemble light airframes, small turbojet engines, GPS navigation systems and some sorts of sensors.

The pre-eminent UAV is the high-altitude (above 60,000 feet), long-endurance (20 hours) Global Hawk, which was first used operationally in Operation Enduring Freedom in Afghanistan.  The Global Hawk's 'baseline payload' consists of electro-optical (EO) and infra-red (IR) sensors and a synthetic aperture radar (SAR), but there are plans to produce a version with a 3,000 lb SIGINT payload by 2004-05.[102]  To start with, a Global Hawk which flew to Australia from California in April 2001, the first non-stop flight across the Pacific Ocean by an autonomous aircraft, was equipped with an L-100 ELINT/ESM system to intercept ships' radio-frequency emissions and relay the approximate positional information of vessels to ground controllers, to aid the development of a future SIGINT system.[103]

Australia plans to acquire six Global Hawk UAVs in 2004 for broad-area surveillance purposes, at a cost of US $200 million.  Australian officials have said that they would like to include a SIGINT capability in this program.[104]  Japan is also a likely customer for the Global Hawk system.[105]

In northeast Asia, China is the only country with an operational UAV capability, including ELINT and EW systems.  The Chinese Air Force's primary long-range UAV is the WZ (Wu Zhen, or unmanned reconnaissance) -5, better known as the Chang Hong-1, based on US reconnaissance drones shot down over China in the 1960s.  Production began in the late 1970s, and some were used in the Sino-Vietnam border conflict in 1979.[106]  The latest version of the Chang Hong is a prospective ELINT platform.[107]  In addition, according to a report by the US Department of Defense, 'China already has a number of short-range and longer-range UAVs in its inventory for reconnaissance, surveillance, and electronic warfare roles', and has 'several developmental UAV programs underway related to reconnaissance, surveillance, communications, and EW'.[108]  In early 2000, for example, China Aviation Industry Corporation (AVIC) released a photograph of a 'concept stage' UAV configured for ELINT and EW missions.[109]

In Southeast Asia, Singapore was the first country to invest in a substantial UAV capability.  In the 1980s, the Royal Singapore Air Force acquired a batch of Scout UAVs from Israel, and some 40 Searcher Mark II UAVs were acquired in 1995-1997.  Although these are normally equipped with electro-optical (EO) and thermal imaging sensors, some of them have undoubtedly been re-equipped for SIGINT collection missions.  Singapore has also been indigenously developing several types of UAVs, including larger vehicles such as the Firefly, which could carry SIGINT systems as well as other sensors.  At the Asian Airospace 2002 show in Singapore in February 2002, another Israeli company, Elisra Electronic Systems, exhibited a UAV-mounted, 20 kg ELINT system, priced at just US$10 million, which can be fitted 'on any type of UAV the customer wants';  the President of Elisra said that 'negotiations had begun with Asian armies wishing to upgrade their intelligence capabilities with a fairly cheap system'.[110]

Indonesia has been negotiating with Israel for the procurement of ELINT-equipped surveillance drones since 2000.[111]  The Malaysian Ministry of Defence has begun flight testing a locally-produced Eagle UAV system, complete with a ground control station and a remote receiving station, and with a 60 kg payload capacity for carrying various sensors or EW equipment.[112]

Listening from space:  SIGINT satellite programs

Three countries have space-based SIGINT systems, though only the US possesses geostationary SIGINT satellites able to intercept terrestrial VHF and microwave communications and missile telemetry.  The current US geostationary satellites, called Advanced Orion, which are controlled from Pine Gap in central Australia and can intercept signals emanating from designated points on or near the earth's surface from about 40◦E to about 180◦E, are much more advanced than their predecessors.  The two satellites launched so far (14 May 1995 and 8 May 1998)[113] not only have a much larger primary signals interception antenna array (the diameter of the primary parabloid reflector antenna on the previous Magnum/Orion satellites was about 100 metres), but also carry a log-periodic antenna forest and a variety of other secondary antennas for more specialised interception missions (including interception of mobile telephone conversations from fast-moving passenger aircraft).[114]  The Pine Gap facility, which had 876 staff (428 US and 448 Australian) and 26 satellite antennas (14 in radomes) as at March 2002,[115] is the largest SIGINT satellite ground control and data processing station in the world.

The US Navy and Air Force have had a variety of ELINT satellite programs for intercepting and recording ground- and ship-based radar transmissions and locating the positions of the transmitters.  These ELINT satellites provide intelligence about the ranges and signal characteristics (such as operating frequencies, pulse repetition rates, antenna rotation speeds, etc.) of radar systems, which is used to map air defence networks and shipping movements for targeting purposes.  The US Navy, for example, developed the Naval Ocean Surveillance System (NOSS), which involves a triplet of sub-satellites, is able to detect, identify, precisely locate (through triangulation) and track surface ships and relay this information in real-time to US and Allied naval command centres and weapons platforms.  This system was evidently incorporated during the 1990s into a joint US Navy-Air Force program called the Space Based Wide Area Surveillance System (SB-WASS), which can locate both land- and ship-based radar and radio transmissions.  The first of these satellites was reportedly launched on 8 September 2001.[116]  Three of the US Navy's five Classic Wizard ground stations for controlling the NOSS satellites, and processing and disseminating the ELINT, have been closed (i.e., the stations at Edzell in Scotland, Adak in Alaska and Winter Harbor in Maine), leaving Guam in the Pacific and Diego Garcia in the Indian Ocean.  These remaining stations are jointly maintained by US Army and Air Force SIGINT personnel as well as Navy counterparts, indicating that the new program collects ELINT from both land-based and ship-based emitters.[117]

Russia still maintains two ELINT satellite programs, but the level of activity has declined greatly since the demise of the Soviet Union.  More than 200 ELINT satellites were launched from 1967 to 1991, or about nine a year, whereas it has averaged just 2.5 launches a year since 1992.[118]  The GRU, the Russian military intelligence service, runs the Tselina ('virgin lands') -2 radar-monitoring system, which involves two operational satellites (in circular orbits with altitudes of about 850 km), the most recent of which, Kosmos 2369, was launched on 3 February 2000.[119]  The Tselina-2 satellites operate in a near real-time mode, downlinking their data via Geyser geostationary communications relay satellites, and can probably locate emitters to an accuracy of 4-5 km.[120]  The Russian Navy maintains an ELINT Ocean Reconnaissance Satellite (EORSAT) program, which became operational in 1979, but which was also hit by the cutbacks in Russian military space programs in the 1990s.  Indeed, for five weeks in November-December 1999, and for four weeks in November-December 2001, Russia had no operating EORSAT.[121]  The most recent EORSAT launch occurred on 21 December 2001 (Kosmos 2383).  The EORSATs are able to detect, identify and track surface ships, to provide targeting data of about 2km accuracy, and to relay this data in near real-time to anti-ship missile platforms (such as other ships, helicopters, etc.).[122]

China has evinced a limited interest in development of an ELINT satellite capability, and has experimented with several systems, although it still does not have an operational system.  A 1,108 kg ELINT satellite was launched from the Shuang Cheng Tzu Missile Range (SCTMR) in the Gobi Desert on 30 August 1976.  It decayed from orbit on 25 November 1978. [123]  On 19 September 1981, three SJ-2 satellites were launched on a single booster from the SCTMR, providing a capability for determining the location of radio and electronic emitters as well as for recording the emissions.[124]  The doublet DQ-1 launched on 3 September 1990 could have involved ELINT applications.[125]  It is also likely that ELINT packages of various sorts have been launched aboard subsequent Chinese photographic intelligence (PHOTINT) and/or communications satellites.  In 1999, the Heritage Foundation reported that China has an 'advanced electronic intelligence (ELINT) satellite program' in the development stage.[126]

Electronic warfare

The rapidly developing EW capabilities in the Asia-Pacific region reflect the widespread efforts to achieve national self-reliance, the general recognition of the value of EW as a force multiplier, the defence modernisation programs (which necessarily include significant electronic components), and the ability of many countries in the region to indigenously produce advanced electronic systems (or the desire to promote the development of indigenous electronic sectors through local design and production).  ELINT is an essential ingredient in both the design and operation of EW capabilities.

Sophisticated SIGINT and EW capabilities are in fact integral to the operation of the modern weapons systems which are currently being acquired throughout the Asia-Pacific region.  Modern missile systems, for example, simply cannot be effectively utilized without real-time intelligence and surveillance information, supported by a thorough and comprehensive catalogue of the electromagnetic environment in the area of operations. 

Most of the countries in the Asia-Pacific region have recently acquired long-range anti-ship missiles, such as Harpoon or Exocet, which are designed for use at beyond-line-of-sight or over-the-horizon ranges.  SIGINT is invaluable to the effective operation of these systems.  HF and VHF DF systems provide the principal means of detecting and locating enemy ships;  analysis of the communications and radar emissions is a primary means of determining the nationality, class, and even the identity of particular ships;  and, together with other electro-optical techniques, a means of precision-guidance of the missiles to the targeted ships.  Modern air defence systems utilize ELINT together with active radar for threat warning and location.  A whole class of anti-radiation missiles (ARMs) exists for attacking radars on the basis of their signal emissions (frequency, power, pulse rates, and characteristics, and so forth).  It has been widely recognized that defence operations on the modern electronic battlefield simply cannot be effectively conducted without full and real-time intelligence concerning the adversary's electronic order of battle (EOB) – that is, catalogues of the plethora of communications systems, radars, and other electro-magnetic emitters which might be expected in area of operations.

Moreover, countries in the region attempting to achieve greater defence self-reliance generally recognize the value of capitalising on 'force multipliers', of which electronic warfare is one of the most potent.  The acquisition of EW systems can be traded off against that of expensive platforms to achieve greater defence capabilities within given budgetary and other resource constraints.

In the Asia-Pacific region, Japan is clearly the leader with respect to the acquisition of advanced EW equipment.  All of the major platforms of the JASDF and JMSDF have advanced ESM systems for detecting, identifying and informing counter-measures against electronic threats – such as the J/APR-4A and J/APR-6 radar warning receivers installed on the F-15J and F-4EJ fighters, the NOLR-6C and NOLR-9 ESM systems on the JMSDF's new destroyers, and the ZLR-7 system on the new Oyashio-class submarines.

Cyber-warfare

Asia's emergence as the 'early proving ground' for cyber-warfare is a product of the high level of Internet access – in March 2002, Asia accounted for 22 per cent of the half billion people world-wide connected to the Internet, and was the region with the highest growth rate in connections[127] – and the virulence of inter-State political conflict (especially in Northeast Asia), the insistence by many regimes on the maintenance of tight internal control, and the determination of other States and non-State actors to break this control.  The operational complexities are profound.  They involve both defensive and offensive programs, although the processes of monitoring uncooperative Internet users and instituting anti-hacking countermeasures inevitably blurs the distinction.  Nationally, a plethora of authorities are invariably involved, including intelligence and security agencies, police departments, and telecommunications authorities, often with poor coordination.

Numerous justifications have been articulated for monitoring the Internet.  There are general concerns about e-fraud, pornography, and hacking.  In Singapore in May 1999, it was revealed that Singnet, the country's largest Internet Service Provider (ISP) had over the previous several weeks scanned the computers of its 200,000 subscribers without their knowledge.  The company said it was checking subscribers' accounts for evidence of 'Trojan Horse' viruses.[128]  Many countries in Asia are worried about the Internet's ability to facilitate communication between political dissidents or its use to disseminate uncensored information.  China has promulgated rules prohibiting hacking and dissemination of computer viruses, but also use of the Internet 'to incite unrest, spread rumours or harm the reputation of state institutions' or for publishing information that is 'damaging to the security and stability of Chinese society'.[129]  The terrorist attacks of 11 September 2001 have also prompted wide-ranging initiatives to increase electronic surveillance, including monitoring of electronic financial transactions.[130]  At the same time, several countries have established cyber-warfare agencies whose tasks include destroying or incapacitating the critical information infrastructure of notional adversaries (including their defence C3I systems).

The Web and the Internet provide multifarious entry points for intelligence collection and cyber-warfare operations.  Satellite-borne e-mails and computer-to-computer data traffic, as with telephone conversations and faxes, are intercepted at dedicated SATCOM SIGINT ground stations.  The Echelon system maintained by the UKUSA countries is the most comprehensive and the most sophisticated system, but, as noted earlier, every country is able to intercept satellite communications entering their national gateways.  Access is also obtained through control of or accommodation arrangements with ISPs.  Special equipment for intercepting the proforma data codes used in computer-to-computer exchanges is maintained in Embassies and aboard SIGINT aircraft, as well as on land-based vehicles, and even in private homes, exploiting so-called 'microwave alleys' and the side-lobe emissions of microwave relays.[131]  Massive computers in cyber-warfare agencies, as well as PCs and laptops in some 120 million private homes in Asia, provide ingress to the Web.

About half of the countries that have the strictest controls over Internet usage are in Asia (including Central Asia).[132]  In China, North Korea, Vietnam and Burma, the citizens are forced to subscribe to government-owned or government-controlled ISPs.  Filters are used to block access to Web sites regarded as critical of the government or otherwise unsuitable, and the ISPs report to the government about their subscribers.  In China, where the government has both welcomed IT as a means of developing global economic power but has also erected a 'national firewall' around its Internet capacity, ISPs 'must accept the security supervision, inspection and guidance' of the Public Security Bureau (PSB), and must provide monthly reports on Internet users and their profiles to the PSB.[133]  In Singapore, 'all ISPs are operated by government-controlled or related organizations and reportedly provide information on a regular basis to government agencies'.[134]  In South Korea, the ISPs are mandated to block North Korean Web sites – a practice begun in June 1996, perhaps the first instance of cyber-warfare in the region.[135]

China has the most extensive and most practiced cyber-warfare capabilities, although the technical expertise is poor.  China began to implement an IW plan in 1995, and since 1997 has conducted several exercises in which computer viruses have been used to interrupt military communications and public broadcasting systems.  In April 1997, a 100-member elite corps was set up by the Central Military Commission to devise 'ways of planting disabling computer viruses into American and other Western command and control defence systems'.[136]  In 2000, China established a strategic IW unit (which US observers have called 'Net Force') designed to 'wage combat through computer networks to manipulate enemy information systems spanning spare parts deliveries to fire control and guidance systems'.[137] 

In August 1999, following a spate of cross-Straits attacks against computer networks and official web sites in Taiwan, the Minister for National Defense in Taipei announced that the MND had established a Military Information Warfare Strategy Policy Committee and noted that 'we are able to defend ourselves in an information war'.[138]  In January 2000, the Director of the MND's Communication Electronics and Information Bureau announced that the Military Information Warfare Committee had 'the ability to attack the PRC with 1,000 different computer viruses'.[139]  In August 2000, Taiwan's Hankuang 16 defence exercise included training in cyber-warfare, in which more than 2,000 computer viruses were tested.  Two teams of cyber-warriors used the viruses in simulated attacks on Taiwan's computer networks.[140]  In December 2000, MND's Military Information Warfare Committee was expanded and converted into a battalion-size centre under the direct command of the General Staff HQ, and with responsibilities for network surveillance, defence, and counter-measures.[141]  In its 2002 National Defense Report, released in July 2002, the MND for the first time included discussion of 'electronic and information warfare units'.  It proclaimed Taiwan's commitment to the achievement of 'superiority [over the PRC] in information and electronic warfare', and it ranked EW and IW ahead of air and sea defence in terms of current MND focus.  It specifically cited such threatening developments by the PRC as 'Internet viruses, killer satellites, [and] electromagnetic pulses that could fry computer networks vital to Taiwan's defence and economy'.[142]

Japan has been surprisingly laggard about developing cyber-warfare capabilities.  In April 1999, faced with a growing problem of cyber-crime (involving offences such as computer-based fraud, on-line sales of illegal drugs and transmission of pornography), the National Police Agency set up a 'special unit of cyber-sleuths … who specialise in investigating computer-related crimes and cyber-terrorism'.[143]  Legislation to make hacking illegal was passed in August 1999 and came into effect on 13 February 2000.[144]  A 'specialised anti-hacker task force' was set up on 21 January 2000, but it was quickly shown to be impotent.  Two days later there began an intense spate of attacks on Japanese government Web sites, probably triggered by denials by right-wing Japanese that Japanese troops had massacred Chinese civilians when they seized Nanjing in 1937.  The Web sites of at least 20 government departments were attacked, including those of the JDA and the Foreign Ministry.  On some sites, the hackers posted slogans criticising Japan's war-time acts;  important data was erased from one site.  Twelve of the attacks were routed through ISPs in the PRC, but some had probably also come through ISPs in South Korea, where there is also widespread resentment at Japan's past militarism.[145]

In May 2000, Japan announced plans to establish a Research Institute and an operational unit for fighting cyber-terrorism.  The announcement was prompted by further sporadic hacking attacks.  Some of these involved a 'cyber war between netizens of South Korea and Japan' over Japanese claims to the disputed Tok-do islets.[146]  It also followed revelations in March 2000 that the Aum Shinri Kyo (Supreme Truth) sect, which was responsible for the sarin gas attack in the Tokyo subway in March 1995, had written computer software used by police agencies, which had enabled cult members to obtain secret data on police patrol cars, as well as other software which allowed them access to data on the repairs and inspections of several nuclear power plants.[147]

In July 2000, the JDA's Defense of Japan 2000 acknowledged, for the first time, the threat posed by Information Warfare.  It noted that 'there is a greater possibility that invasion and tampering with computer systems by hackers will affect our life immensely', that 'a new computer security base will be established', that facilities would be developed for operational evaluation of computer security systems and techniques, and that JDA personnel would be dispatched to the US to develop computer security expertise.  It also noted that JDA officials contribute to the 'Action Plan for Building Foundations of Information Systems Protection from Hackers and Other Cyberthreats' by 'studying measures against hackers and cyber-terrorism'.[148]  It was reported in October 2000 that the JDA's 'cyber squad' was developing software capable of launching anti-hacking and anti-virus attacks and of destroying the computers of hackers trying to penetrate Japan's defence networks.[149]

South Korea has evidently also moved to establish a cyber warfare capability.  The number of attacks on South Korean commercial and government Web sites increased markedly during 2000 (partly reflecting the 'cyber war' with Japanese 'netizens').  The South Korean MND and the National Intelligence Service both reported during 2000 that the South Korean armed forces should 'prepare for cyber-warfare in the future from enemy countries' and that they should consider establishing 'specialist units for cyber-warfare'.[150]

Even North Korea, the most backward country in East Asia in IT terms, has reportedly set up a cyber-warfare unit.  Located at the Korea Computer Centre in Pyongyang, it involves an electronic communications monitoring and computer hacking group from the State Security Agency. [151]

In Southeast Asia, Singapore has both the leading IT industries and the most advanced cyber-warfare capabilities.  Singapore's defence hierarchy 'is committed to the development of an offensive cyber-warfare capability'.[152]  The Ministry of Defence and the Singapore Armed Forces initiated a Cyberspace Security Project in the mid-1990s to develop 'countermeasures which respond automatically to attacks on their computer systems'.[153]  A dedicated cyber-warfare unit is thought to have been established within the Ministry of Defence, and methods for inserting computer viruses into other countries' computer networks have been developed.[154]

In Burma, a Cyber Warfare Department was established within the War Office in the early 1990s.  It is equipped with computers obtained from Singapore, which has also provided on-site training.  The department is responsible for processing and analysing intercepted telecommunications, including telephone calls, facsimiles, e-mails and other types of computer exchanges.  It is also responsible for monitoring compliance with Burma's repressive laws about possession and use of computer equipment.[155]

In East Asia, some of the leading practitioners of cyber warfare have been non-government organisations (NGOs) or other non-State actors – political dissidents, human rights activists, and apolitical 'geeks', as well as transnational criminal groups and terrorist organisations.  Individual hackers in mainland China, Taiwan, Japan and South Korea have become especially proficient.  But even the smallest and poorest countries can find their champions in cyberspace.  In East Timor in August 1999, two weeks before the self-determination ballot, computer hackers reportedly prepared 'about a dozen viruses' designed to sabotage Indonesia's banking system in the event that Jakarta rejected a pro-independence vote.[156]

China, which now has more than 22 million Internet users (the third largest number after the US and Japan),[157] has the largest number of active non-governmental cyber-warriors in Asia.  The most sophisticated and notorious group is the banned Falun Gong 'spiritual movement', which organises its activities through e-mails and Web sites, and which has mocked the government with some remarkable hackings.[158]

Its technical prowess was dramatically demonstrated from 23 to 30 June 2002 when Falun Gong sympathisers hacked into the State-owned Sinosat-1 satellite to broadcast Falun Gong messages and scenes of Falun Gong followers exercising.  In previous months, members had hacked into cable-television networks in several Chinese cities, but hijacking a satellite signal is more complicated.  Although several Asian governments have jammed satellite transmissions in the past several years (including China, Burma, India and Indonesia), this is probably the first time that a non-governmental group has interrupted official satellite transmissions and certainly the first time that anyone has actually hijacked a satellite signal.[159]

Other individual Chinese hackers have been motivated by nationalist causes.  The cross-Straits attacks on Taiwanese computers in August 1999, which energised Taiwan's IW activities, were launched by netizens reacting to then-President Lee Tung-hui's statement in June that relations between the PRC and Taiwan should be characterised as 'special State-to-State' relations.  These attacks involved more than 160 penetrations into Taiwanese computer networks.  The hackers even invaded the Web site of the American Institute in Taipei, the unofficial US Embassy (and the location of the NSA's Liaison Office in Taipei), and crashed its server with a bombardment of 45,000 simultaneous e-mails.[160]  The attacks against Japan in January 2000 followed Japanese denials of the Nanjing massacre.[161]  In May 2001, in the aftermath of the EP-3E incident, Chinese hackers attacked 'a few hundred' US Web sites.[162]

South Korean netizens have also demonstrated their proficiency at cyber-warfare in their attacks on Japanese computer systems.  The attacks in May 2000, over the Japanese claim to the Tok-do islets, were followed in March 2001 by another spate, occasioned by the anticipated release of a school history textbook which was reckoned to gloss over atrocities in Korea by Japan's Imperial Army.  These attacks, which involved millions of simultaneous hits on official Web sites, crashed the site of the Japanese Ministry of Education and disrupted several others.[163]

The techniques which have been developed by dissident movements and political activists to breach national Internet regulations have inevitably been utilised in trans-national attacks.  'Anonymous remailers', which strip identifying information from e-mails, can inhibit traffic analysis.  'Cookie cutter' programs prevent ISPs from recording specific information about Internet usage.[164]  The CIA, in what has been reported as opening 'a new front' in [the] information war' between the US and China, has funded the development of such software.[165]  Browsers can be connected to proxy servers outside the home country, which reconnect users to blocked Web sites.  (In the late 1990s, it reportedly took Chinese authorities an average of two months to track down relay servers and block access to them.) [166]  Proxy servers in third countries are used to hide the source of trans-national attacks.  The attacks on Japanese computer networks in January 2000 were transmitted through ISPs in China and South Korea, but some of the latter may have originated in China.  In an 11-day period in May 2001, when Chinese and US netizens engaged in cyber-warfare in the wake of the EP-3E incident, there were 164 cyber attacks on South Korean Web sites, which were being used by both Chinese and American hackers to get into the computer networks in the rival country without revealing their identities.[167]

In addition to prompting efforts to improve the security of national telecommunications and computer infrastructures, the recent increase in non-governmental, trans-national cyber-warfare has also promoted moves for greater international cooperation in network protection.  But the techniques developed by hackers and the vulnerabilities they expose have also served to guide and inform research by the most advanced State cyber-warfare agencies, such as the US NSA and its closest partners.  With their extraordinary resources and institutional expertise, the latest hacking exploits become training exercises.  For the professional cyber-warriors, the task is to collect comprehensive intelligence about adversary computer networks and telecommunications systems, to develop and test 'trojan horses', viruses and worms against them, and to prepare plans for expeditious manipulation or incapacitation of the adversary systems.

SIGINT and crises

The recent developments with respect to SIGINT, EW and cyber-warfare capabilities and activities in Asia are likely, on balance, to be destabilising in crisis situations and detrimental to regional security in general.  SIGINT, ELINT and network-related collection activities are not only increasing, they are also likely to become more intrusive – and more important for the infringed party to take defensive measures against.  Peripheral aircraft flights can inflame tensions.  They are provocative, being visible signs of efforts being made to penetrate the electronic secrets of the targeted country.  Some involve intentional violations of foreign airspace in order to provoke and monitor electronic responses – the changes in radar operating modes and communications frequencies, and in the chains of command and reportage, at higher alert levels.

The intensity of intelligence collection flights in the region will increase, but so too will the risks of neighbourly disputes about them (as occurred between Singapore and Australia because of RSAF technical intelligence collection activities in Australia in 1993-94),[168] as well as more serious crises, such as the confrontation between the US and China occasioned by China's shooting down of the US EP-3 SIGINT aircraft near Hainan Island on 1 April 2001.  (US SIGINT flights along the Chinese coast were resumed in early May 2001, using RC-135 Rivet Joint SIGINT aircraft flying from Okinawa, which fly at higher altitude and greater speed than the EP-3s, and also carry a more sophisticated array of SIGINT equipment).[169]

The intensity of intelligence collection flights in the region could increase by as much as three-fold over the next decade.  Instead of about 40 SIGINT aircraft operating in East Asia, there could well be more than a hundred, including dozens of UAVs.  These are likely to cause substantial air traffic control problems, and to be involved in accidents of various sorts, ranging from navigation failures and crash-landings in the countries under surveillance to collisions with other aircraft.[170]  Countries subject to several SIGINT flights around their borders each day, or continuous surveillance by high-altitude UAVs such as the Global Hawk, will inevitably take counter-actions – shooting them down, in extreme cases, but more commonly developing electronic counter-measures (ECM), generating competitive moves regarding EW capabilities.

Asian defence forces, now having modern weapons systems with significant EW elements, require more comprehensive and up-to-date intelligence about the EOBs in their neighbourhoods and potential areas of operation to use them effectively.  During the Cold War, when the US needed similar information about the Communist bloc, it risked both diplomatic relations and airmen's lives to collect it.  From 1950 to 1969, there were some 28 incidents in which US reconnaissance aircraft were shot down or forced to land by Communist air forces, with some 130 airmen killed and another 100 missing.[171]  Most of these incidents involved SIGINT flights and most of them occurred in East Asia.  In November 1951, for example, a US Navy P-2V Neptune electronic reconnaissance aircraft was shot down by Soviet fighters over the Sea of Japan, with the loss of its 10-man crew.  In January 1953, another P-2V ELINT aircraft was shot down by Chinese fighters over the Formosa (Taiwan) Strait, killing eleven airmen.[172]  In July 1953, 15 airmen were killed when a US Air Force RB-50G 'ferret' aircraft operating out of Yokota was shot down over the Sea of Japan, about 100 miles southeast of Vladivostok.[173]  In August 1956, a US Navy P4M-IQ Mercator SIGINT aircraft from VQ-1 Squadron, with 16 crew, was shot down off the PRC coast.[174]

The most traumatic incident was the shoot-down by North Korea of a US Navy EC-121M Warning Star SIGINT aircraft operating out of Atsugi, with 31 crew (including nine COMINT and ELINT personnel from Kamiseya) over the Sea of Japan on 15 April 1969.[175]  US aerial reconnaissance flights in the region were temporarily halted, but after a few weeks they were resumed under new guidelines – in particular, the closest point of approach (CPA) for flights near North Korea and China was changed from 20 miles to 50 miles.  (The EP-3E involved in the April 2001 incident was 62 miles off the coast of Hainan.)[176]

'Peacetime' EW engagements will become more common.  US and Chinese naval and air forces have been involved in electronic warfare on at least two occasions, both of which led to Chinese communications being paralysed.  In July 1995, during the controversial visit to the US by former Taiwanese President Lee Tung-hui, US fighter aircraft monitoring a large-scale Chinese military exercise in the coastal regions opposite Taiwan had their communications jammed by Chinese aircraft, and 'retaliated by using advanced equipment to counter the [jamming] signals'.[177]  The second occasion was in May 2002, when the USS Kitty Hawk was on 'routine exercises' off the northwest of Okinawa, and the communications between the carrier and one of its jet fighters as well as with an EP-3 SIGINT aircraft over the East China Sea were jammed by signals transmitted from a nearby Chinese warship.  The American aircraft then reportedly 'succeeded in jamming the electronic warfare equipment on board the Chinese vessel as well as [bringing] communications at the Peoples' Liberation Army naval and army bases in the north of Fujian province to a standstill'.[178]

In crisis situations, SIGINT and EW activities can be inflammatory and escalatory.  On the one hand, adversaries will be particularly concerned to protect their electronic secrets – the locations of emergency transmitters, the new communications frequencies and circuits, the alerted air defence system, and the back-up e-networks.  And on the other hand, important aspects of the regional SIGINT and EW capabilities invite attack, encouraging pre-emption.  At the operational level, destruction or degradation of adversary EW capabilities – by destroying, incapacitating, or deceiving the supporting ELINT systems, or by directly jamming the EW systems, or by severing the communications and data links between the ELINT collection systems, EW processing and analysis centres, and operational EW systems – is imperative to achieve control of the electromagnetic spectrum and remove the 'force multiplication' capabilities otherwise available to the adversary.  Many new long-range missile systems, including land-attack cruise missiles, anti-ship missiles, anti-radiation air-to-surface missiles, and some air-to-air missiles require over-the-horizon or beyond-visual-range targeting information, frequently provided by ELINT (as well as radar and electro-optical imaging) systems, the denial of which can greatly degrade the utility of the missiles – although increasing the likelihood of accidents and mistaken target identification.  At the strategic level, the collection systems which provide strategic intelligence to decision-makers as well as operational intelligence to defence commanders, and which are typically vulnerable to both physical and electromagnetic attacks, become high-priority targets in counter-command and control strategies.  And, of course, anticipating this, the adversary is pressed to take pre-emptive actions.  In effect, the vulnerability but vital characteristics of the SIGINT and EW capabilities and cyber-networks combine to produce a reciprocal dynamics which compels pre-emption.

Intelligence cooperation and exchange

Throughout the profound geostrategic changes which attended the end of the Cold War, the dismantlement by the US of much of its world-wide ground-based SIGINT collection network and the consolidation of its assets in East Asia and the western Pacific, the tremendous increase in the SIGINT and EW capabilities of countries in the region, the development of new collection systems and techniques, and the emergence of new areas of interest (including economic intelligence, cyberspace and counter-terrorism), the changes with regard to intelligence cooperation and exchange arrangements in Asia have been quite limited.  The war on terrorism will cause further realignment of international relations, with the US having to form new anti-terrorist coalitions and engage in more extensive intelligence cooperation, but multilateral intelligence relationships are very difficult to forge.

In the SIGINT field, the most remarkable collaborative arrangement involves the signatories to the UKUSA agreement of 1947-48, which more than a decade after the end of the Cold War remains as robust as ever.  This is especially the case in Asia and the Pacific, where, among the first and second parties to the agreement, the US capabilities remain pre-eminent, Canada maintains the AN/FRD-10 station at Masset for monitoring the northern Pacific, Australia provides comprehensive monitoring of parts of Southeast Asia and the southwest Pacific, the UK contributes important residual capabilities, and even New Zealand, which has severed most other defence intelligence connections with the US, has continued to participate.  Three of the ten third parties are in East Asia – Japan, South Korea and Thailand.[179]  In addition, Taiwan and Singapore have cooperative arrangements with the UKUSA principals which are essentially commensurate with third party affiliation.  In Taiwain, there is an NSA Liaison Office in the American Institute in Taipei, and NSA-contracted personnel at the SIGINT/satellite communications complex on Yangminghshan Mountain outside Taipei.[180]  In Singapore, there are reportedly both 'a DSD liaison team' and an NSA liaison office at the SIGINT station at Kranji.[181]

Outside of the UKUSA club, there is a fourth tier of countries with whom the US is now prepared to exchange intelligence concerning the war on terror.  These involve bilateral arrangements and are mainly limited to the provision of ELINT and EW equipment for defence forces engaged in counter-terrorist operations, or to material derived from intercepting telephones, e-mails and computer transactions to regional law enforcement agencies for evidentiary purposes.  The US has lifted its sanctions against India and Pakistan and provided each of them with communications interception equipment, EW equipment, cryptological training and electronic surveillance systems.[182]

Since September 11, measures have been implemented at both bilateral and multilateral levels to increase intelligence exchanges and cooperation between law enforcement agencies.  As Admiral Dennis C. Blair, commander-in-chief of the US Pacific Command (CINCPAC), said in Jakarta on 27 November 2001:  'The exchange of intelligence among countries in the region is unprecedented'.[183]  In February, Australia and Indonesia agreed to increase intelligence cooperation and exchanges between Australian agencies and Indonesia's [National Intelligence body], following the rupture of the intelligence relationship in 1999.[184]  Indonesia and Australia have also begun discussions to improve their extradition processes, as well as to examine other forms of legal cooperation.[185]  In May, Malaysia, the Philippines and Indonesia signed a wide-ranging agreement to increase the sharing of information between their law enforcement agencies to 'boost the fight against terrorism and cross-border crime' (including money-laundering, drug trafficking, hijacking, illegal trafficking of women and children, and piracy).[186]  An increasing proportion of this sort of material is likely to come from intercepted telecommunications and penetrated computer networks.

Conclusions

The use of the electromagnetic spectrum and cyberspace in Asia is now being monitored more extensively than ever before.  The Information Age has generated insatiable appetites for information of all sorts – by decision-makers, defence commanders, security authorities and ordinary citizens, and involving transmission paths and interception techniques which increasingly defy differentiation between foreign and domestic.  And there are increasing possibilities not only for information collection but also for directly connecting intelligence collection systems with weapons systems (as in network-centric warfare) and for attacking vital national information and computer infrastructures (as in cyber-warfare).  In most countries, there will be more intrusive monitoring of domestic telecommunications, Internet usage and computer data, in order to enforce national laws concerning e-crimes (political as well as commercial), and to guard against cyber-terrorism and other possible attacks across cyberspace.  Civil liberties with regard to privacy of electronic communications (including commercial transactions) are being curtailed.[187]

In terms of regional security, the rapid expansion of SIGINT, EW and cyber-warfare activities is likely to exacerbate the prospective emergence of a regional arms race and to promote crisis instability.  SIGINT and EW activities are in different ways primary indicators of the existence of serious threat perceptions and action-reaction dynamics that are characteristic of arms races.  SIGINT collection operations reflect the (albeit secretly) articulated interests and concerns of decision-makers and defence commanders.  ELINT activities are designed to inform the development and operation of ESM, ECM and other EW systems, which require both a comprehensive catalogue of all the electronic emitters in the relevant area of operations and the detailed parameters of specific emitter threats for programming into operational equipment.  Action-reaction dynamics are likely to be evinced in reciprocal iterative modifications to respective EW systems much sooner than in the acquisition of new weapons platforms.  Competitions for 'EW superiority' are already underway.  There are likely to be more tensions induced by inadvertent and deliberate intrusions by aircraft into foreign airspaces and by revelations about penetrations of cyber networks.  In crisis situations, they are provocative but vulnerable and lucrative targets, inviting pre-emption and compelling escalation.

There are key features of the developing IW capabilities – network-centric warfare, involving the real-time fusion of reconnaissance, EW and strike systems; counter-command and control warfare and EW activities, involving the destruction or incapacitation of an adversary's command, control, communications and electronic surveillance systems;  and cyber-warfare, with both global and non-State dimensions – which raise important questions about the utility and practical applicability of possible arms control measures.  Civilians are generally affected by attacks against national information systems more than military forces (many of which are acquiring protective capabilities).  Unfettered popular communications are important for peace-making and peace-keeping.[188]  There are common interests in protecting international telecommunications systems.  Agreements to avoid (peacetime) incidents involving (unarmed) airborne collection systems would be a useful confidence-building measure.  There is an urgent need to address the arms race implications of EW acquisitions.  It is also necessary to develop measures, involving declaratory commitments and modifications to force structures, which might impede or frustrate the escalatory effects of EW activities in crises.  But Asia is not yet ready for serious consideration of such matters.  Rather, the trends are towards both a diminution in civil liberties and destabilisation of regional security.

APPENDIX

Since 1998, in spite that very little has been written about the Bejucal base in Cuba,

 Cuba’s system of international communications surveillance is in full operation. Most of what has  been  written has been  ignored by US and European  authoritities. Bejucal is  an electronic espionage base used by the Cuban military  intelligence to intercept and process international communications passing via communications satellites.

 Other parts of the same system intercept messages from the Internet, from undersea

 cables, from radio transmissions, from secret equipment installed inside embassies, or use orbiting satellites to monitor signals anywhere on the earth's surface.

The world's most secret electronic surveillance system has its main origin in the former Soviet Union Lourdes base in Cuba.. In a deeper sense,  it results from the invention of radio and the fundamental nature of telecommunications. The creation of radio permitted governments and other communicators to pass messages to receivers over transcontinental distances. But there was a penalty - anyone else could listen in. Previously, written messages were physically secure (unless the courier carrying them was ambushed, or a spy compromised communications). The invention of radio thus created a new importance for cryptography, the art and science of making secret codes. It also led to the business of signals intelligence, now an industrial scale activity.

Dozens oof advanced nations use sigint as a key source of intelligence. Even smaller European nations such as Denmark, the Netherlands or Switzerland have recently constructed small, stations to obtain and process intelligence by eavesdropping on civil satellite communications.

All of them are smaller than Cuba’s Bejucal, and none of them are so close to the   United    States.

Everything produced in the Bejucal sigint base is marked by hundreds of special codewords that "compartmentalize" knowledge of intercepted communications and the systems used to intercept them.

The scale and significance of the global surveillance system has been transformed since 1980. The arrival of low cost wideband international communications has created a wired world. But fewpeople are aware that the first global wide area network (WAN) was not the internet, but the international network connecting sigint stations and processing centers.

By the early 1970s, the laborious process of scanning paper printouts for names or terms appearing on the "watch lists" had begun to be replaced by automated computer systems. These computers performed a task essentially similar to the search engines of the internet. Prompted with a word, phrase or combination of words, they  will identify all messages containing the desired words or phrases.

Their job, now performed on a huge scale, is to match the "key words" or phrases of interest to intelligence agencies to the huge volume of international communications, to extract them and pass them to where they are wanted. During the 1980s, the NSA developed a "fast data finder" microprocessor that was optimally designed for this purpose. It was later commercially marketed, with claims that it "the most comprehensive character-string comparison functions of any text retrieval system in the world". A single unit could work with:

*trillions of bytes of textual archive and thousands of online users, or gigabytes of live data stream per day that are filtered against tens of thousands of complex interest profiles.

Although different systems are in use, the key computer system at the heart of a modern sigint station's processing operations is the  "Dictionary".    Bejucal and Lourdes contain a  Dictionary. Portable versions are even available, and  can be loaded into briefcase-sized units known as "Oratory" 10 . The Dictionary computers scan communications input to them, and extract for reporting and further analysis those that match the profiles of interest. In one sense, the main function of Dictionary computers are to throw most intercepted information away.

The "common” automated processing equipment (ADPE) in the Bejucaland Lourdes bases include the following elements:

Local management subsystem
Remote management subsystem
Radio frequency distribution
Communications handling subsystem
Telegraphy message processing subsystem
Frequency division multiplex telegraphy processing subsystem
Time division multiplex telegraphy processing subsystem
Voice processing subsystem
Voice collection module
Facsimile processing subsystem
[Voice] Tape Production Facility
Software systems to load and update the Dictionary databases.

There are 10 satellite antennas at Bejucal .  

New methods which have been developed during the 1990s  available to  recognize the "topics" of phone calls, and allow to automate the  processing of the content of telephone messages  Under the rubric of "information warfare", the sigint bases also hope to overcome the ever more extensive use of encryption by direct nterference with and attacks on targeted computers. These methods include information stealing viruses, software audio, video, and data bugs, and pre-emptive tampering with  software or hardware ("trapdoors").  

Satellites

Satellite communications provide the relaying of data, telephone, transoceanic and national TV signals. Most communication satellites are placed in geostationary orbit (GEO), located at 22,300 miles above the equator. The most used frequencies for these satellites are: 6GHz uplink, 4GHZ downlink, or 14 GHZ uplink and 12 GHZ downlink. Each satellite has a number of transponders aboard to amplify the received signal from the uplink and to down convert the signal for transmission on the down link. Most transponders are designed for bandwidth of 36, 54, or 72 MHZ.

China has converted an ICBM base at Taiyuan, southwest of Beijing, into a satellite- launching center. China is only the third country in the world to operate recoverable satellites, which can bring photographic film and experimental specimens back to earth.

The first satellite to be launched on Earth in the 21st century was a test of the Shenzhou-2 unmanned spaceship on January 9, 2001. China has launched 10 space vehicles since January 2001 up to date. This is twice the annual rate of the 1990s.

Bejucal antennas

Bejucal view

One Bejucal antenna

On 1991 Cuba formed a group, under the Military Intelligence Directorate of the Armed Forces. The group was charged to obtain information to develop computer viruses. The project was under the military authority of Major Guillermo Bello, and his wife Colonel Sara María Jordan. The civilian authorities were the engineers Sergio Suárez, Amado García, and José Luis Presmanes Cuba’s main centers are: the Lourdes base, under Russian authorities; the Bejucal base, under Cuban authorities; the Paseo complex, between 11th and 13th streets; the Jaruco complex; the Wajay complex. There are several research and development Centers at universities and Institutes, as well as centers in Santiago de Cuba and Güines. Cuba has done extensive studies on electromagnetic radiation weapons. These are weapons capable of destroying microelectronic equipment from a two miles distance radius.

There are several areas under cyberterrorism, all of which Cuba has the capacity and the technology to produce. We have: electronic eavesdropping or espionage; computer network intrusion, in the form of viruses; computer networks intrusion to change, alter, or read files; destruction of computer and electronic equipment through electromagnetic radiation Cuba has obtained from PRC several HPC-high performance computers-which can be used for military research and development in the areas of biowarfare and cyberwarfare. Since 1998, Cuba has being working very closely with the PRC in these areas, as well as in the biowarfare area.

WHAT CAN BE DONE FROM THE BEJUCAL BASE BESIDES ELECTRONIC ESPIONAGE?

From the Bejucal base in Cuba, besides the listening to telecommunication channels in the United States, they can also produce attacks on the security of the United States’ computer systems or networks. The general categories of attack are: Interruption: An asset of the system is destroyed or becomes unavailable or unusable. This is referred to as an attack on availability. Examples include destruction of a piece of hardware, such as a hard disk, the cutting of a communication line, or the disabling of the file management system. .

Interception: They get access to an asset. This is referred to as an attack on confidentiality. Example is the unauthorized copying of files or programs.

Modification: The attacker tampers with an asset. This is referred to as an attack on integrity. Examples include changing values in a data file altering a program so that it performs differently, and modifying the content of messages being transmitted in a network Fabrication: The attacker inserts counterfeit objects into the system. This is referred to as an attack on authenticity. Examples include the insertion of spurious messages in a network or the addition of records to a file.

CATEGORIES OF ATTACKS A useful categorization of these attacks is in terms of passive attacks and active attacks. Passive attacks are in the nature of monitoring of transmissions. The goal of the attacker is to obtain information that is being transmitted.

Two types of passive attacks are(1) release of message content;(2) traffic analysis. A release of message content is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information. The second passive attack, traffic analysis, is more subtle. Suppose that we had a way of masking the contents of a message or other information traffic so that Cuba, even if they capture the information, could not extract the real information because of the use of encryption. The attacker could after a period of time extract the information and messages, defeating the encryption process.

The second major category of attack is active attacks. These attacks involve some modification of the data stream or the creation of a false stream. It can be subdivided into four categories: masquerade, replay, modification of message, denial of service. A masquerade takes place when the attacker, under certain entity, pretends to be a different entity, and therefore enabling an authorized entity to obtain extra privileges. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Modification of service simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. The denial of service prevents or inhibits the normal use or management of communications facilities. This is a very important and serious possible attack. It could disrupt an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.

The attacker could target airports, financial centers, power companies, dams control centers, etc. It is quite difficult to prevent active attacks. The goal is to detect them and to recover from any disruption or delays caused by them.

INTRUDERS There are three classes of intruders: Masquerader: the intruder is not authorized to use the computer and penetrates a system’s access controls to get inside. This can be done from the Bejucal base Misfeasor: A legitimate user who access data, programs, or resources for which is not authorized. This can be done by an insider, not from the Bejucal base Clandestine: the intruder seizes supervisory control of the system. Can be done from inside or from the Bejucal base The objective of the intruder is to gain access to a system or to increase the range of privileges accessible on a system. The intruder must acquired information that should have been protected. In most cases, this information is in the form of a password. The password file can be protected by one way encryption or by limiting the access control to the file.

What are the most common techniques used so far to try to break into a system? Try words on the system’s online dictionary Collect information about the users. Full names, spouses’ names, children’s names, pictures in their offices, books in their offices, etc (Here the operating personnel in Bejucal needs inside information) Users’ phone numbers, social security numbers, room numbers, license plate numbers, etc (inside information is also needed) Use a Trojan horse Tap the line between a remote user and the host system

Network security has assumed increasing importance. Individuals, corporations, government agencies, must heighten their awareness to protect data and messages, and to protect systems from network-based attacks. The disciplines of cryptography and network security have matured, leading to the development of practical, readily available applications to enforce network security.

Cuba has surprising talent and experience in the areas of electronics computers, computer software, and data processing. The country benefited from its association with the former Soviet Union, and some European countries, which turned out many skilled electrical and computer engineers, information technology specialists, and computer scientists.

 A well known  Irish expert has said that the Cuban information-technology industry matches that of the Republic of Ireland, which has been particularly successful in persuading a range of information technology companies to establish their European base in Cuba.

One of the most advanced areas of the electronics industry in Cuba, and the best in Latin America, is the production of biomedical instrumentation and equipment. The Central Institute for Digital Research(ICID)in collaboration with the CIGB has developed very high technology biomedical equipment, among them the Cardiocid-M, an electrocardiographic system for diagnosing cardiovascular system diseases; the Neorocid, an electromyographic and electro-neurographic system for diagnosing peripheric nervous system diseases, and various applications for state-of-the-art genetic engineering research.

Since 1991, there has been a surplus of electrical and computer engineers in Cuba due to the closing of many industries. Many of these engineers changed their lines of work and expertise to the areas of telecommunications, computers, information technology, networking, data processing. They now work at special Centers created by the government, such as: the Bejucal base, the Wajay complex, the Paseo complex, and the several computational research centers created since 1993 at several Universities and Institutes. A large group has specialized at China, Russia, Vietnam, France, and Germany. Most recently in Holland, Sweden, and Austria.

 In 1991 a highly restricted project was undertaken by a group within the Military Intelligence Directorate of Cuba’s Ministry of the Armed Forces. The group initially was instructed to obtain information to develop computer virus to infect United States civilian computers. The group spent about $50,000 to buy open-source data on computer networks, computer viruses, SATCOM  and related communications technology. These efforts have continued at a much larger scale.

Cuba has the technology and the capacity to produce a new kind of cyberweapon, the Transient Electromagnetic Devices(TEDs). TEDs generate a spike-like pulse that is only one or two hundred picoseconds in length at very high power. TEDs are very small, cheap, use low power, and relatively easy to build. They can be built using spark-gap switches, automobile ignition parts, fuel pumps, and other relative inexpensive components.TEDs can burn out a broad range of electronic devices, with effects that are similar to a lightning strike. The compact devices fit in a briefcase.

Cuba has acquired the capacity to conduct cyberterrorism. Cuba represents a serious threat to the security of the United States in the cyberwarfare phase of terrorism. This threat has increased enormously since 1999 with the cooperation between Cuba and the PRC