[FREE ACCESS] Modern-Day Weapons of Espionage | Intelligence Explainer
Ujasusi Blog Originals | Intelligence Explainers
The spy trade has changed. Gone are the days when espionage meant primarily recruiting human sources, photographing documents with miniature cameras, or planting listening devices in embassy walls. Today’s intelligence officers wield tools that would astonish their Cold War predecessors: software that invisibly takes over mobile phones, cameras that recognise faces in massive crowds, satellites that photograph entire cities in high resolution, and computer programmes that automatically sift through millions of messages to find the one conversation that matters.
This explainer examines the primary tools reshaping modern espionage, how they work in practice, and why they’ve become essential to intelligence operations worldwide.
I. Mobile Phone Spyware: Pegasus and the Silent Takeover
What It Does
Imagine someone gaining complete control of your smartphone—reading every message, listening to calls, accessing your camera and microphone, tracking your location—without you ever knowing. That’s exactly what modern commercial spyware does.
Once installed, Pegasus intercepts messages, emails, and passwords whilst remaining invisible to antivirus software. The target doesn’t need to click a suspicious link or download anything. The spyware works on most smartphones and requires no user action to install.
How It Spreads
NSO Group, the Israeli company behind Pegasus, developed exploits targeting WhatsApp to deliver the spyware. The company created multiple infection methods with code names like Heaven, Eden, and Erised. When one method stopped working, they developed new ones.
The spyware uses up to 500 domain names and DNS servers, making it extremely difficult to detect or block.
Who Uses It and Against Whom
NSO Group employs almost 500 people and markets its technology to governments as tools for combating terror and crime. Pegasus is classified as a weapon by Israel, requiring government approval for any export.
But the reality often differs from the marketing. Over 80 journalists documented that some 50,000 phone numbers appeared on a list of hackable targets deemed interesting to various governments. The spyware tracked Jamal Khashoggi before his murder, and political activists in Rwanda have also been targeted.
The Business Model
Court documents revealed a stunning detail about how Pegasus actually operates. Customers place orders for a target device’s data, and NSO controls every aspect of the data retrieval and delivery process. In other words, NSO doesn’t just sell the software—the company operates it.
This revelation proved costly. In December 2024, NSO Group was ruled liable for hacking 1,400 WhatsApp users’ devices. In May 2025, Meta won $167.3 million in punitive damages.
II. Facial Recognition: Finding Anyone in the Crowd
How the Technology Works
Modern facial recognition systems measure 68 data points, such as eye corners, nose bridge, and jaw contours to create a detailed faceprint. Think of it like a fingerprint, but for your face. The system then compares this faceprint against databases of known faces.
The technology operates in two modes: verification confirms “Is this the same person?” whilst identification answers “Who is this person among thousands or millions?”
Real-World Deployment
The scale of deployment is staggering. London’s police apprehended over 500 suspects in 2024 using facial recognition. By 2023, 97 per cent of global airports had implemented the technology.
In the United States, the Department of Homeland Security uses biometrics for border security, immigration benefits, vetting, and visa verification.
The Intelligence Application
For intelligence services, facial recognition solves a fundamental problem: identifying persons of interest in public spaces without physical surveillance teams. Modern AI surveillance tools scan thousands of faces in seconds, pinpointing persons of interest.
The FBI and U.S. Marshals Service use facial recognition primarily to generate leads in criminal investigations and locate known subjects.
Accuracy and Bias Concerns
Not all facial recognition systems perform equally across demographics. Systems trained on non-diverse datasets may perform poorly, potentially leading to false positives or negatives. To address this, DHS tested with hundreds of volunteers through its Maryland Test Facility.
III. Satellite Surveillance: Eyes in the Sky
The Collection Infrastructure
Satellites provide intelligence agencies with a god’s-eye view of the planet. Drones and satellites use onboard sensors to capture high-resolution imagery and facilitate extensive surveillance over large areas. Unlike aircraft or drones, satellites operate beyond any nation’s airspace, making them legally untouchable.
The volume of satellite data is exploding. The intelligence community will experience a tripling of GEOINT data over the next 5-10 years as government and commercial satellite programmes reach full operational capability.
How Intelligence Agencies Use Satellite Imagery
The National Geospatial-Intelligence Agency manages America’s satellite intelligence collection and analysis. In 2024 alone, NGA delivered 325 million images to government missions through its Global Enhanced GEOINT Delivery service, which has over 400,000 users.
Analysts use the GIMS tool to acquire archived imagery or task satellites for new photographs from the National Reconnaissance Office and commercial assets.
AI Analysis: Finding Needles in Haystacks
Human analysts cannot possibly review millions of satellite images manually. That’s where artificial intelligence enters the picture. NGA Maven produces computer vision detections for warfighter requirements, has generated millions of data labels, and feeds detections into multiple platforms as part of a unified AI network.
The system works by training AI models to recognise specific objects, vehicles, buildings, or activities. An algorithm can scan thousands of images and flag only those containing items of interest, allowing human analysts to focus their expertise where it matters most.
IV. Artificial Intelligence: The Intelligence Multiplier
What AI Does for Espionage
Artificial intelligence has become the central nervous system of modern intelligence operations. The technology manages vast data generated by modern sensor technologies and assists in extracting insights that would overwhelm human analysts.
The National Security Agency uses AI to gather information on foreign governments, augment human language processing, comb through networks for cybersecurity threats, and monitor its own analysts.
AI in Human Intelligence Operations
Even traditional spy recruitment has gone digital. AI and machine learning enhance HUMINT by identifying potential sources, constructing digital patterns of life for prospective recruitment targets, and evaluating the digital threat landscape through which intelligence officers must move.
The Enemy Uses AI Too
AI isn’t exclusive to Western intelligence agencies. China-linked operations surged 150 per cent in 2024, with attacks targeting financial services, media, manufacturing, and industrial sectors increasing by 200 to 300 per cent.
Adversaries use generative AI to supercharge insider threats and social engineering, creating fictitious profiles, AI-generated emails and websites. Perhaps most concerning, voice phishing attacks increased 442 per cent in 2024.
The “Five Mores” Phenomenon
A Stanford researcher studying AI’s impact on intelligence identified the “Five Mores”—more threats, more types of actors who can threaten across vast distances, more sources of intelligence, more data to process, and more speed required.
The implication is stark: in cyberspace, anyone can threaten across borders without firing a shot because good and bad neighbourhoods are all connected online, with no oceans or mountain ranges providing protection.
V. Quantum Computing: Breaking Unbreakable Codes
The Threat to Current Encryption
Quantum computers represent a fundamental threat to digital security. Most public-key algorithms rely on mathematical problems that could be easily solved on a sufficiently powerful quantum computer running Shor’s algorithm. In plain language, the encryption protecting state secrets, banking transactions, and secure communications could become worthless.
The timeline for this threat remains uncertain, but intelligence agencies aren’t waiting. They’re preparing for “harvest now, decrypt later” scenarios where adversaries collect encrypted communications today for decryption once quantum computers become operational.
Post-Quantum Cryptography: The Defence
In August 2024, NIST finalised three PQC Standards built on algorithms designed to resist quantum computer attacks. These new algorithms work like current encryption but use maths problems too difficult for even quantum computers to solve.
The transition won’t be quick. New cryptography takes 20 years or more to be fully deployed across National Security Systems, with equipment often used for decades, and national security information requiring protection for many decades.
Recognising this challenge, National Security Memorandum 10 ordered the entire U.S. government to upgrade its communication systems to post-quantum cryptography by 2035.
China’s Quantum Strategy
Whilst the United States focuses on post-quantum cryptography, China has pursued an alternative approach. The country has deployed a national QKD network consisting of 2,000 kilometres of fibre optic cable and two communication satellites, which it uses to encrypt communications with Russia and South Africa.
Quantum key distribution uses physics rather than mathematics to protect information, requiring physical replacement of communication hardware, making it more expensive than post-quantum cryptography.
VI. Cyber Espionage Tools: The Digital Burglars
How Modern Cyber Espionage Works
Today’s cyber espionage operations combine sophisticated malware with patient, methodical infiltration. China-based threat groups targeting Southeast Asia use living-off-the-land techniques, deploying reverse proxy programmes, asset discovery tools, keyloggers, and password stealers.
One particularly effective tool is PlugX, a remote access trojan used by several Chinese hacking groups that allows threat actors to install customised files acting as authentication filters to intercept login credentials.
Living Off the Land
Modern cyber espionage increasingly uses “living off the land” techniques—exploiting legitimate system tools already present on target networks rather than introducing suspicious foreign software. This approach makes detection far more difficult since the activity blends in with normal system operations.
The Scale of State-Sponsored Hacking
The scope of state-sponsored cyber espionage is breathtaking. In 2024, the U.S. Department of Justice indicted seven Chinese nationals for a 14-year conspiracy to target journalists, political officials, and companies to repress critics, compromise government institutions, and steal trade secrets.
VII. Human Intelligence: The Irreplaceable Weapon
Why Humans Still Matter
For all the technological sophistication examined in this explainer, the most valuable weapon in espionage remains decidedly analogue: a human being with access, motivation, and willingness to betray secrets. Satellites can photograph military installations, AI can process millions of intercepts, facial recognition can identify individuals in crowds—but none of these technologies can tell you what a foreign leader is thinking, what decision a cabinet will make tomorrow, or whether a weapons programme is real or a bluff.
That requires a human source. Human intelligence remains important because satellites cannot capture intentions. Technology can count the number of trucks on a bridge, but only a human can explain what those trucks mean.
What Intelligence Officers Do
Intelligence officers are the unseen architects of espionage operations. Their work involves identifying individuals with access to valuable information, assessing their vulnerabilities and motivations, making contact under false pretences, building trust over months or years, and eventually recruiting them as sources. This process, known as the intelligence cycle, remains fundamentally unchanged since the Cold War.
HUMINT encompasses various methods, including interviews, debriefings, observation, and recruitment of informants. The art lies in understanding human psychology: what makes someone willing to commit treason? Financial pressure? Ideological conviction? Revenge against their own government? Personal ego? A skilled case officer identifies and exploits these motivations.
How Recruitment Works
Recruiting a spy typically follows a pattern intelligence professionals call MICE: Money, Ideology, Compromise (or Coercion), and Ego. An intelligence officer might spend years cultivating a relationship with a target before ever making a recruitment pitch. They meet “accidentally” at conferences, strike up conversations, establish common interests, build trust, and gradually steer the relationship toward intelligence collection.
The recruitment of informants remains a significant part of HUMINT, with agents developing relationships with locals who have access to valuable information through financial incentives, ideological alignment, or even coercion, depending on the circumstances and motivations of the informant.
The Insider Threat
Here’s a sobering reality: despite billions spent on cybersecurity and counter-intelligence, 85 per cent of espionage cases involve insiders. The most sophisticated firewall means nothing when someone with authorised access simply walks out with classified documents or emails them to a foreign intelligence service.
This insider threat manifests across all sectors. Government employees sell classified information. Corporate executives hand over trade secrets to competitors. Scientists share research with foreign governments. Technology eliminates neither the opportunity nor the temptation to betray. In many ways, it amplifies both: employees can now exfiltrate terabytes of data on a thumb drive that fits in their pocket.
Technology Supports, Doesn’t Replace, Human Intelligence
The relationship between technology and human intelligence isn’t competitive—it’s complementary. AI enhances HUMINT by identifying potential intelligence sources, constructing digital patterns of life for prospective recruitment targets, and evaluating the digital threat landscape through which intelligence officers must move.
Modern case officers use technology extensively. They research potential sources on social media, use encrypted communications for operational security, employ AI to identify individuals with access to desired information, and leverage technical surveillance to verify a source’s claims. But the essential transaction—one human convincing another to commit espionage—remains irreducibly human.
Why Human Sources Are Irreplaceable
Consider what human sources provide that technology cannot:
Intent and Decision-Making: A satellite can show troops massing at a border. Only a source in the government can reveal whether those troops will actually invade or if they’re positioned for leverage in negotiations.
Access to Closed Systems: No cyber tool can penetrate an air-gapped computer system in a secure facility. But a human with authorised access can photograph documents with a mobile phone.
Early Warning: Technical collection might detect preparations for an attack. A human source can warn of the attack before preparations even begin, when it’s still just a decision in someone’s mind.
Context and Nuance: Intercepts and documents provide facts. Human sources provide the context, the backstory, the political dynamics, and the personalities that make those facts meaningful.
Deniability: When a government needs to send a message to an adversary without official channels, a human intelligence officer can do so with plausible deniability. Satellites and cyber operations leave digital fingerprints.
The Risks Humans Face
Unlike satellites that orbit safely above conflict zones or cyber tools that operate remotely, intelligence officers and their sources face mortal danger. Captured spies face execution in many countries. Sources who are exposed often disappear into prisons or worse.
For sources, the risk is even greater. They live double lives, constantly aware that discovery means death or imprisonment. They meet handlers at great personal risk, photograph documents in secure facilities, memorise information they cannot write down, and live with the knowledge that one mistake could end their lives.
VIII. Drones and Unmanned Systems: Persistent Surveillance
The Drone Advantage
Drones have emerged as pivotal tools in modern espionage, providing intelligence agencies with the capability to gather real-time data without direct human involvement, significantly enhancing operational efficiency. They can loiter over areas of interest for hours, conducting surveillance that would require dozens of human personnel.
Modern drones capture high-resolution imagery and conduct extensive surveillance over large areas, monitoring enemy movements, assessing terrain, and gathering information during conflicts. Unlike satellites that pass overhead at fixed intervals, drones can maintain continuous observation of targets.
IX. What This Means for Intelligence and Security
The Transformation of Tradecraft
The Belfer Centre determined that AI transforms intelligence in the same way aircraft and nuclear weapons transformed modern warfare, creating a world of AI hegemons analogous to the nuclear powers of the twentieth century. The intelligence community isn’t just adopting new tools—it’s undergoing a fundamental restructuring of how it collects, analyses, and disseminates intelligence.
Yet amidst this technological transformation, the fundamentals of espionage endure. Intelligence agencies still need humans to access closed societies, still need case officers to recruit and handle sources, still need analysts to provide context that machines cannot generate. The tools have changed; the mission hasn’t.
The Proliferation Challenge
Perhaps the most concerning trend is the proliferation of sophisticated espionage tools beyond traditional intelligence agencies. Commercial spyware spreads to authoritarian regimes, enabling surveillance of dissidents, journalists, and human rights activists an industrial scale.
Final Assessment
The weapons of modern espionage represent a convergence of artificial intelligence, quantum computing, biometric systems, satellite networks, commercial spyware, advanced cyber tools—and, crucially, skilled intelligence officers directing human sources. Technology amplifies what spies can do, but it doesn’t replace the fundamental human element that makes espionage possible.
A satellite can photograph a nuclear facility, but it takes a human source to reveal that the facility is a façade. Facial recognition can identify a target in a crowd, but it takes an intelligence officer to recruit that target as an asset. AI can process millions of communications, but it takes a human analyst to understand what they mean. Spyware can steal data from a smartphone, but it takes a case officer to convince someone to install it willingly.
For intelligence services worldwide, these instruments—both technical and human—have become essential to national security operations. For citizens, journalists, activists, and political figures, they represent unprecedented surveillance capabilities that can be—and frequently are—abused. Understanding these tools is no longer optional for anyone working in intelligence, security, or governance.
The technologies and techniques examined in this explainer are already deployed, already operational, and already reshaping the global intelligence landscape. But behind every satellite image, every intercepted communication, every facial recognition match, and every data breach, there remains an irreplaceable element: a human intelligence officer making decisions, assessing risks, and running operations that no machine can replicate.
The question is no longer whether these tools will be used, but how nations, organisations, and individuals will respond to their proliferation and deployment—and whether we’ll remember that in the age of artificial intelligence, human intelligence remains paramount.
Please consider becoming a paid subscriber
You can also donate.