Skip to main content
BlogDigitalDigital BlogHome Featured AnalysisSecurity & DefenceSecurity & Defence Blog

Evolving Hybrid Threats: Charting a New Course for Security

By 9th October 2019October 24th, 2019No Comments

Date: Wednesday, 9 October 2019

Author: Clodagh Quain


Half-way through its rotating six-month term in 2019, the Finnish Presidency of the Council of the EU has advanced a more strategic discussion on the future of European defence and digital disruption in the field.

The Finnish Minister of Defence, Antti Kaikkonen, led the Presidency’s recent informal meeting of defence ministers on 28-29 August 2019, underlining the more “future oriented agenda” in cooperation with the European External Action Service (EEAS). This included a broad discussion with additional representatives of the UN, NATO and the Global Tech Panel on the implications of artificial intelligence and climate change for security and defence, as well as practical EU measures to counter associated hybrid threats.

At present, the EEAS defines hybrid threats as “conventional and unconventional, military and non-military activities” used in a “coordinated manner by state or non-state actors to achieve specific political objectives”. While the concept of hybrid threats is not new, it is evolving in scope due to emerging technological developments and requires a more coordinated approach at EU-level. In his confirmatory hearing on 7 October 2019, Josep Borrell, High Representative-designate, proposed that the EU’s Article 42.7, or mutual defence clause, could apply in the case of non-military hybrid threats. His proposal to work within the scope of the existing treaty framework demonstrates how the EU could be more effective in its response without a reinvention of the wheel.

Past Progress

Finland’s Presidency builds on initiatives already established at EU-level. The EU’s Joint Framework to Counter Hybrid Threats, launched on 6 April 2016, was based on countering shared threats among Member States and the increasing need to protect infrastructure or cross-border networks; a challenge that has grown in scale. Following this, the EU adopted a Joint Communication: Increasing Resilience and Bolstering Capabilities to Address Hybrid Threats in June 2018 which focused on a range of issues including strategic communications and situational awareness, resilience and cybersecurity, and counterintelligence among others. In addition, a dedicated horizontal working party to counter hybrid threats has also been set up in the Permanent Representatives Committee, Coreper, since 11 July 2019 to facilitate cooperation with other EU institutions and extended bodies.

Ahead of the European elections in May 2019, some more targeted measures taken included an Action Plan on Disinformation endorsed in December 2018, and the creation of a Rapid Alert System on Disinformation in March 2019.

Beyond the EU’s borders, hybrid risk surveys were launched in seven partner countries. Cooperation with NATO on hybrid warfare was strengthened and a new European Centre of Excellence for Countering Hybrid Threats was established in Helsinki. Nineteen of the current EU28 are participants in the Centre’s work, while the EU and NATO also actively participate in its activities. The Centre aims to enhance members’ efforts to respond, deter and confront, if necessary, challenges of subversive influence activities and to identify vulnerabilities.

The Current Status Quo?

These recent developments at EU-level reflect increased efforts to strengthen resilience, security and governance of democracies against hybrid threats. The agenda of the Finnish Presidency is particularly timely considering the increased cyberattacks, election interference and disinformation campaigns in Europe. In a recent security conference in Dublin, Ben Nimmo, Director of Investigations at Graphika, highlighted a far-reaching disinformation campaign revealed by the Atlantic Council’s Digital Forensic Research Lab, which ran from 2014-2019. The campaign was found to be the source of articles stoking divisions on Brexit, the Irish border and EU citizens in the UK, among other issues.

Ireland has been actively engaged in EU efforts to build a coordinated response in the fight against disinformation and has expressly committed to further actions on a value-based approach. In her address to the Oireachtas Joint Committee on European Union Affairs in July 2019, the Finnish Ambassador to Ireland, Ms Raili Lahnalampi, pointed out that Ireland hosts many multinational companies and highlighted the importance for Ireland to be prepared to counter cyberthreats.

Ireland’s geographical positioning to date has sheltered it from traditional threats compared to its European counterparts, but this will be considerably challenged in cyberspace. At present, 40% of EU data is based in Ireland which is significant, both in terms of regulation and as a target for cyberattacks. Both the volume of data and heavy presence of private multinational companies contribute to Ireland’s changing position in the security landscape.

Facing the Threats – A Way Forward

The Finnish Presidency’s efforts to address the new security paradigm faces obvious time pressures in addressing threats. The combination of both practical scenario-based exercises for Member States and research-driven work in its initial three months reflect the broad scope of the issue.

Forthcoming presidencies will also have to grapple with the scale and cross-border nature of threats associated with emerging technologies for national and European security. The upcoming Croatian Presidency in 2020 has so far committed to the implementation of security and defence developments. In marking six years of membership in the EU in 2019, Croatia also underlined the importance of a common response to hybrid threats in addition to closer EU-NATO cooperation, to address such global challenges.

Beyond discussions at EU-level, Member States will need to ensure a greater cross-sectoral approach, addressing security and defence with other ministerial work on economic and environmental matters for example. Ireland’s current White Paper on Defence indicates the need for a broader concept of national security that encompasses natural disasters, cyber security, pandemics, and threats to a state’s economy for consideration, though this requires further attention in implementation.

Innovative solutions led by Member States include the appointment of ambassadors for hybrid and cyber threats in Spain, Finland and Sweden. In Sweden, the Ambassador and Special Envoy for Countering Hybrid Threats facilitates the role of the foreign ministry in addressing hybrid aggression and assisting with intragovernmental coordination efforts. These resilience efforts led by Member States demonstrate how governments can evolve with the changing security landscape.


The new impetus to counter hybrid threats, which has increased in past years, has given states an opportunity to redesign national policies and consider the cross-cutting nature of the work. The EU has the capacity to support and reinforce through coordination and cooperation among partners in the multilateral context. NATO and the G7 have promoted more work on hybrid threats with threat analysis, situational awareness and a Rapid Response Mechanism for the defence of democracies. The response to threats nonetheless still lies within national security and defence policies.

In his keynote address at the IIEA in 2019, General Sir Richard Barrons of RUSI cautioned that Europe would have to face the “difficult issues such as investment, capability and resilience” to more effectively focus on its social model, economy and politics. This requires a more joined-up approach and a change in working methods for states if they are to effectively respond and protect liberal democracies. A gap in national capability will be a vulnerability for the network as a whole.