The term ‘hybrid’ has become a mainstream word in recent years. We drive hybrid cars, golfers hit balls with hybrid clubs and, increasingly, houses are equipped with hybrid heating systems. The term ‘hybrid’ originates from biology, meaning “a plant or animal that has been produced from two different types of plant or animal especially to get better characteristics”. In general terms it is “something that is a mixture of two very different things”. When applying this to (security) threats, this would indicate a mixture of military and non-military challenges. As such, this is nothing new: other terms have been used in the past for the same meaning; ‘hybrid’ is just the new buzzword. However, as yet, no widely accepted definition of ‘hybrid’ threats or activities exists. Diverging definitions circulate, even within the EU and NATO. A few examples:
The EU’s ‘Joint Framework on Countering Hybrid Threats’ states that:
“While definitions of hybrid threats vary and need to remain flexible to respond to their evolving nature, the concept aims to capture the mixture of coercive and subversive activity, conventional and unconventional methods (i.e. diplomatic, military, economic, technological), which can be used in a coordinated manner by state or non-state actors to achieve specific objectives while remaining below the threshold of formally declared warfare”.
The EU External Action Service (EEAS) uses the following definition:
“Hybrid threats combine conventional and unconventional, military and non-military activities that can be used in a coordinated manner by state or non-state actors to achieve specific political objectives. Hybrid campaigns are multidimensional, combining coercive and subversive measures, using both conventional and unconventional tools and tactics. They are designed to be difficult to detect or attribute. These threats target critical vulnerabilities and seek to create confusion to hinder swift and effective decision-making”.
NATO uses the following definition:
“Hybrid threats combine military and non-military as well as covert and overt means, including disinformation, cyberattacks, economic pressure, deployment of irregular armed groups and use of regular forces. Hybrid methods are used to blur the lines between war and peace, and attempt to sow doubt in the minds of target populations. They aim to destabilise and undermine societies”.
Last but not least, the European Centre of Excellence for Countering Hybrid Threats, also known as the Hybrid Centre of Excellence, or Hybrid CoE – an international, network-based organisation in Helsinki that also serves as a platform between the EU and NATO providing a forum for strategic discussions and joint training and exercises – defines hybrid threats as follows:
“Coordinated and synchronized action that deliberately targets democratic states’ and institutions’ systemic vulnerabilities through a wide range of means; Activities that exploit the thresholds of detection and attribution, as well as the different interfaces (war-peace, internal-external security, local-state, and national-international); Activities aimed at influencing different forms of decision-making at the local (regional), state, or institutional level, and designed to further and/or fulfil the agent’s strategic goals while undermining and/or hurting the target”.
There are clear similarities between these definitions: for example, they all describe hybrid threats as a combined use of military and non-military means to undermine societies. Yet, discussion is possible on which activities can and cannot be included within the concept of hybrid threats. For example, the EU’s ‘Joint Framework on Countering Hybrid Threats’ includes a very broad area of activities to counter hybrid threats, demonstrating the broadness of the field. The frameworks lists:
strategic communication to counter the systematic spread of disinformation;
protecting critical infrastructures (e.g. energy supply chains, transport) from unconventional attacks (which in the description includes very broad policy goals such as further diversifying the EU's energy sources, suppliers and routes, transport and supply chain security, but also protecting infrastructure in space from hybrid threats, as well as increasing defence capabilities in general);
protecting public health and food security (including protection against CBRN threats);
enhancing cyber security (with a special focus on industry, energy, financial and transport systems);
targeting hybrid threat financing; and building resilience against radicalisation and violent extremism.
The EEAS also includes cyber threats within the scope of hybrid threats, and adds that “Chemical, Biological, Radiological and Nuclear (CBRN) threats delivered by non-conventional means fall within a category of their own” while still including them within the category of hybrid threats.
Turning to policy documents regarding EU-NATO cooperation in countering hybrid threats, there is no unambiguous perspective either. The ‘Common set of proposals for the implementation of the Joint Declaration by the President of the European Council, the President of the European Commission and the Secretary General of the North Atlantic Treaty Organization’ of December 2016, followed by an additional set of proposals in 2017, lists four categories of action within the section ‘Countering hybrid threats’: Situational Awareness, Strategic Communication, Crisis Response, and Bolstering Resilience. ‘Cyber security and defence’ is a separate category, apart from hybrid threats, and CBRN threats are not mentioned at all.
All in all, it is clear that the term ‘hybrid threats’ has no unambiguous definition and will be continuously evolving depending on the circumstances and debates. As there is no widespread consensus on the definition, this report will use the 2016 and 2017 sets of proposals for EU-NATO cooperation as a starting point; these sets have not been changed since then. The focus will primarily lie on the sections on ‘countering hybrid threats’ and ‘cyber security and defence’. Even though ‘cyber security and defence’ is included in the set of proposals as a separate category alongside ‘Countering hybrid threats’, generally cyber threats are considered to be a main part of hybrid threats. For that reason, they are included in this study. The justification for focusing solely on the 2016 and 2017 sets of proposals derives from the scope of this study: EU-NATO cooperation in the field of countering hybrid threats. Therefore, the analysis of what has been achieved so far in this area of EU-NATO cooperation (chapter 3) is narrowed down to those fields that have officially been included as cooperation areas between both organisations.