Hybrid Threats 101 - Conceptual and Historical Context

Hybrid threats collectively constitute a relatively new concept, their practice, however, is not so recent. At the same time, their definition, categorisation, and historical context remain relatively elusive, even as their use, and therefore the necessity of countering them effectively, increases. In this introductory article to the series ‘Hybrid Threats in the 21st Century’, we aim to set the foundation by tackling these exact questions.

The Concept of Hybrid Threats

Hybrid warfare was defined by Hoffman for the first time as a method of conflict that combines both traditional and non-traditional tactics, including irregular formations, terrorism, and criminal activity, used by both state and non-state actors to achieve political goals. The primary objective is to disrupt the target nation through a blend of tactics, rather than to progress through traditional phases of warfare. Hybrid warfare presents a complex challenge for defence planning in the modern era, as it challenges conventional notions of warfighting, by erasing the boundaries between what is war and what is not. Ambiguous and unpredictable in nature, it securitizes every aspect of politics and society as everything is susceptible to becoming a threat to states.

Definitions by different international organisations

NATO defines hybrid threats as a combination of  “military and non-military as well as covert and overt means, including disinformation, cyberattacks, economic pressure, deployment of irregular armed groups, and use of regular forces.” According to the Alliance, “hybrid methods are used to blur the lines between war and peace, and attempt to sow doubt in the minds of target populations.” The EU recognises the diversity of definitions of hybrid threats as well as the evolving nature of these threats and defines the concept in a similar fashion as NATO, as “the mixture of coercive and subversive activity, conventional and unconventional methods (i.e. diplomatic, military, economic, technological), which can be used in a coordinated manner by state or non-state actors to achieve specific objectives while remaining below the threshold of formally declared warfare.” 

As encompassing as the concept of hybrid threats is, the UN does not have a formal definition of the concept due to the differing views of all Member States, which poses a problem in building consensus around the term and the steps that need to be taken to combat these threats. Similarly, the OSCE does not have a formal definition as such, but its Member States have discussed the issue in several meetings with the Secretariat, showing a common concern to counter them.

Types and categories

Hybrid threats take many forms, and the types and categories delineated below form a list that is by no means exhaustive. Their irregular and blurry nature, in fact, may contribute to the notion that even categorisation as such can remain elusive. Nevertheless, we attempt to describe and briefly evaluate some of the more common ones below.

Grey zones

Grey zones are operations between war and peace; in some circles, “military operations other than war”. These may range from election interference to the use of ambiguous forces. The broad scope of action that can be considered as a part of grey zone operations poses a two-fold problem: (1) there is difficulty in determining which operations are taking place in the grey zone, i.e. the definition problem; and (2) another difficulty lies in establishing criteria of prioritisation for countering threats in the grey zone.

Due to their shadow nature, the principal use of grey zone operations tends to be attributed to non-democratic states such as China and Russia, although, with the diffusion of digital technology, these tactics are available to any state and non-state actor. Nevertheless, democratic states are generally considered at greater risk due to their open and transparent system of governance. This furthermore extends to businesses based in democratic states, who may be the direct target through economic pressure, or be indirectly affected by quasi-military activities or fluctuating and polarised public opinion. At the same time, freedom of speech and cooperation can be leveraged as key tools for exposing threats from grey zone activities.

Economic pressure

Economic coercion and pressure are threats targeting the economic and business activities of a state, including tactics such as debt dependency, intellectual property theft, forced technology transfers and punitive trade disruption. As a result of unfair trade practices by China, for example, and the narrowing of the global free trade space, countries like the United States have increasingly resorted to retaliation measures in the form of sanctions and tariff imposition. 

Although it is unclear to what extent economic coercion helps states achieve their geopolitical goals or greater influence, it is clear that economic issues are increasingly understood as political and security issues as well. The implications for states and businesses alike need to be taken seriously. For all the dismissal of sanctions as ineffective, economic coercive measures and counter-measures are evolving towards more specific targeting, putting the pressure directly on businesses, their representatives, and individuals connected to the state rather than states as a whole. Furthermore, with a globalised and interconnected economy, the potential for secondary and tertiary impact remains high.

Cybersecurity

Cybersecurity is the practice of safeguarding computer systems, networks, and sensitive information from unauthorised access, theft, damage, or disruption. Governing cybersecurity is challenging due to the constantly evolving nature of cyber threats, the difficulty in attributing attacks to specific actors, and the absence of international norms and agreements on cyber warfare.

Cyberspace operates differently from the physical world due to the lack of physical boundaries. In cyberspace, information can be copied and disseminated instantly, and digital assets can be accessed and transferred without the need for physical presence or travel. This opens the door to attacks from anywhere in the world, with a lack of transparency and accountability. Cyberspace is also a relatively new domain of governance, and the existing legal frameworks, such as the Tallinn Manual, need to be updated accordingly. This legal uncertainty creates gaps and inconsistencies in the regulation of cyberspace and its treatment as a security issue.

Cybersecurity is an essential and cross-cutting component of hybrid warfare, as cyber-attacks can disrupt communications, steal sensitive information, and cause physical damage to infrastructure. This is directly linked to other hybrid threats such as critical infrastructure protection, management of dual-use technologies for Artificial Intelligence (AI) or strategies against disinformation: they require an adequate cybersecurity framework.

Disinformation and election interference

Disinformation, which can be defined as the deliberate dissemination of false or misleading information to deceive people, is a major security threat because it can manipulate public opinion, destabilise governments, undermine trust in international norms, and institutions, and incite violence. It can be used to interfere in elections and justify acts of aggression and even war crimes. Disinformation can achieve strategic objectives without resorting to direct military action, making it a cost-effective and low-risk tool for state and non-state actors. 

The subjective nature of information and perception, along with the horizontal and democratised nature of social media makes disinformation a risky matter to address. While censorship may appear to some as the easiest way to counter disinformation, it highly undermines the legitimacy of a state, as it raises complex ethical questions and debates, such as the lack of freedom of expression or media plurality, and the respect for civil rights and freedoms.

Psychological warfare

Psychological warfare is by no means a new tactic, however, its use as a hybrid threat has greatly evolved since its employment in historical conflicts such as WWII. In theory, psychological warfare constitutes operations targeting morale, exploiting the fears, dispositions and emotions of enemy troops and the wider population. In practice, however, the lines are blurred between what constitutes psychological warfare, information operations, or foreign influence operations more broadly. The uniqueness of psychological warfare is that it is designed to target deeper feelings and processes outside of perception, many of which are difficult, if not impossible to control. Its use is not restricted to a time of war, however, and psychological operations can be used to intimidate adversaries and delay or deter military action. Modern-day use of technology, and especially the psychological impact of social media algorithms, has also expanded its potential reach beyond its traditional boundaries.

Energy

Using energy as a coercive measure is often construed as a subset practice of economic coercion, however, as recent events in Europe have demonstrated, the manipulation of energy resources has the potential to cause damage in more than one way. The reliance of a number of basic human needs on energy is only increasing, making energy a potent instrument of war and peace. Furthermore, the scarcity of resources has been discussed as a security issue long before energy specifically emerged as their frontrunner. Another challenge facing the reality of scarce energy resources is the exacerbation of such needs by climate change.

At the same time, energy as a hybrid threat faces serious shortcomings, namely traditional supply and demand calculations, sourcing of secondary material, and crucially, the availability of energy transport infrastructure. Confronting these aspects is thus a key stepping stone for states, businesses, and other non-state actors to guard against energy exploitation. In other words, with the right tools and policies, the cause of mitigating this hybrid threat remains at least partially hopeful.

Transport and supply chains

Supply chains are key to the functioning of economies and national security, as the US-China trade war currently demonstrates. Governments can leverage their control over supply chains to achieve objectives such as promoting domestic industries, protecting national security or exerting political influence through tactics such as export controls, investment restrictions or favouring domestic companies.

Supply chains are vulnerable to hybrid threats because they rely on the fragmentation of production and manufacturing processes across different states. The comparative gains from diversification and fragmentation of supply chains also open the door to dependency and vulnerability, as states and non-state actors often use supply chains and their facilities to disrupt other states, organisations and private entities.

Supply chain disruptions often target critical infrastructures, such as maritime trade routes, airports, air traffic, power plants, energy transmitters, and cyber infrastructures. Sustained supply shortages can have a significant impact on the economy and stability of states, leading to major disruptions in public security and a lack of long-term access to commodities, as seen in the crisis that erupted following the loss of agricultural exports since Russia’s invasion of Ukraine. 

Critical infrastructure

The term “critical infrastructure” refers to those assets, systems, and networks, physical or virtual, whose disruption or destruction would have an effect on security, economic security, public health or safety due to their vital contribution to peace, security and safety. Critical infrastructure enables the normal course of daily life. The term is all-encompassing and subjective in nature, as what is critical and what is not is left to the discretion of states. The US government has so far considered 16 sectors that could meet this definition: chemical, commercial facilities, communications, critical manufacturing assets, dams, defence industrial base, emergency services, energy and power plants, financial services, food and agriculture, government facilities, healthcare and public health, information technology (ICTs), transportation systems, water and wastewater systems, nuclear reactors, materials and waste.

Identifying and understanding the interdependencies between infrastructure elements and sectors is important for assessing risks and vulnerabilities and for determining measures to increase security and resilience. Damage, disruption or destruction of one infrastructure element can have cascading effects, affecting the continued operation of another. Depending on the degree of interconnection between infrastructures, the effects of disruption may be different. Therefore, if the exposure to risk is different from one infrastructure to another, the response must also be addressed in a distinct manner, complicating the management, governance and security of critical infrastructure. 

Technology

States, state-sponsored groups, or self-funded terrorist groups, exploit many military technologies such as encrypted command systems, man-portable surface-to-air missiles, and other modern lethal systems. Nevertheless, technologies that had no original military use or purpose are now being transferred into the military domain: these are known as dual-use technologies and are key to understanding hybrid warfare and how traditional conflicts have changed.

Dual-use technologies have both civilian and military applications, blurring the line between the military and the non-military. They can be used for peaceful purposes such as transportation and communication or for military purposes such as weapon systems and intelligence gathering. Adversaries can misuse dual-use technologies in hybrid warfare. GPS technology, for instance, can guide missiles or drones to different targets, whether involved in a conflict or not, while social media platforms can spread propaganda or coordinate hybrid operations. 

While the export of some dual-use technologies is not prohibited a priori, it is subject to restrictive controls, usually in the form of a licensing requirement. However, some countries are subject to import or export restrictions. For example, since 2018, the United States has imposed semiconductor export controls on China, targeting those that can be used for AI and military capabilities.

Migration

Migration is a constant reality of an interconnected world, and despite inflaming rhetoric has been pretty much stable over the past fifty years. Nevertheless, states are slowly coming to the realisation that the movement of large numbers of displaced people, forcibly or otherwise, can be used to pursue nefarious political and security objectives. The talk of ‘weaponising’ migration has entered geopolitical discourse very recently, yet states have been using migration policy in this way for much longer. The chief threat of weaponised migration lies in its socio-economic implications, but also increasingly in public polarisation and political destabilisation, especially when coupled with securitising rhetoric. The latter is often the primary goal, but other objectives may include punishment for what an adversary perceives to be a previous offence, or use as a bargaining chip at the negotiating table, whether in bilateral or multilateral relations.

However, one must also be careful of the use of terms such as ‘weaponising’ migrants, as it comes at the expense of their individual humanity. Not only can migration be used as a hybrid threat, but it can also incite discourses of dehumanisation, polarisation, and political violence, which themselves threaten stability in the long run.

Historical Context and Perspectives - Continuity and Change

Hybrid threats or hybrid warfare might appear relatively recent, decidedly twenty-first-century concepts, and the terminology is certainly quite new. This does not mean, however, that the characteristics and tactics of hybrid warfare are completely without precedent. In fact, warfare has been a complex phenomenon throughout history, whether labelled ‘hybrid’ or not. A number of tactics and events in history have thus retrospectively been likened to instances of hybrid warfare. These range from the Soviet partisan movement in the early 1940s, to the whole of the Cold War, to developments in Chinese military strategy at the end of the 1990s. Certain hybrid threat theorists posit that it is possible to go even further into history with examples such as the Peloponnesian War (431-405 BC) or the American Revolution (1875-1883), where tactics of psychological warfare, economic pressure, and the deployment of irregular forces were used.

Historically speaking, the purpose of hybrid threats as tactics of warfare has been to exploit the vulnerabilities of adversaries, or, where possible, even turn a formerly perceived advantage into a vulnerability by the employment of irregular means. They have thus been used principally by parties that would normally be perceived as being at a disadvantage in traditional settings. However, without the systematic and doctrinal foundations that present-day hybrid threats possess, the manners of addressing them varied greatly depending on the tactics used, and the circumstances adversarial parties found themselves in. The extent to which lines become blurred with the introduction of hybrid threats into traditional methods and tactics of warfare has certainly increased. A partial reason for this is the perceived hegemony of the United States that emerged at the end of the Cold War, which led challengers to the new status quo to pursue new and irregular approaches, incorporating them to fit their strategic, historical, geographical, and economic circumstances, while maintaining the corresponding difficulty of attribution characteristic of hybrid threats. These must therefore each be explored accordingly, in order to form a full and detailed picture of the use, impact and possible countering of hybrid threats in modern conflicts, by states and businesses alike.

Aims of ‘Hybrid Threats in the 21st Century’ 

Such exploration is, in a broad sense, the overall aim of this project. Due to the uncertain and broad nature of hybrid threats, and the fact that they can be difficult to define properly, it is also challenging to counter them effectively. A series of articles is to follow, which thus aims to highlight a variety of hybrid threats, as presented above, ranging from disinformation, disruption and attacks on critical infrastructure, to impacts on supply chains, energy security, economic pressures and cyber attacks, among others. Furthermore, we endeavour to highlight the current and likely impacts on business, non-profit organisations, and conflict more generally. Based on such analysis, tools and frameworks for countering hybrid threats will also be presented and evaluated.