The European Union’s Response to Hybrid Threats

di Young Think Tanker - 10 Luglio 2023


         from Prague, Czech Republic


Hybrid threats are proving to be a significant obstacle to international security, and both media and governments frequently mention them as something that needs to be addressed. The European Union is trying to face this relatively new threat and has improved its tools to face them efficiently.

The Commission defines the concept as ‘ a mixture of coercive and subversive activities, conventional and unconventional methods (i.e. diplomatic, military, economic, technological), which can be used in a coordinated manner by state or non-state actors to achieve specific objectives while remaining below the threshold of formally declared warfare’. Therefore, the EU tries to tackle it comprehensively, considering hybrid warfare in its multifaceted nature. 

The Crimean War in 2014 and the 2022 invasion have brought the topic back into focus, and the European Union, along with the NATO alliance, has incremented its efforts to resist and prevent any kind of cyber attack.

Theoretical framework  

Even if journalists and governmental bodies address ‘hybrid warfare’ frequently and without explaining its definition, the concept is not universally agreed upon, and scholars are divided upon its meaning. An American Marine Corps major, coined it to describe the Chechen rebels’ strategies, tactics, and methods against Russian conventional troops. Hoffman, then, defined it as the fusion of conventional and unconventional forces in conjunction with terrorism and criminal behaviour, and NATO agrees with the first part of the definition, adding that it is carried on in pursuit of political objectives. The ‘West’ feels threatened, as the line between war and peace has become blurred and military and non-military means are involved (Giegerich, 2016).

 However, the scholarship is divided. While one stream solely focuses on the Russian doctrine and gives paramount importance to the Crimean annexation of 2014 and the so-called ‘Gerasimov doctrine’, another stream of the current academic debate criticises this approach. Some analysts argue that the Gerasimov doctrine has been taken out of context, and that the term ‘hybrid warfare’ has been widely misused to define an old concept of warfare (Fabian, 2019).

The European Union has taken into consideration the definition of hybrid warfare as a complex phenomenon. As a security provider, it outlines the need to adapt to new challenges by adopting a holistic approach. It emphasises disinformation and radicalisation, focusing on the cyber domain and how to enhance cooperation in order to be resilient to such threats.

The EU and disinformation

The first area to be tackled by the EU concerns disinformation. In 2015, the European Council established the East Stratcom Task Force that, as part of the European Union External Action, operates to strengthen the media environment in Eastern countries and in the EU states, supporting the freedom of media and expression. The Task Force in order to raise awareness of disinformation among civil society to tackle, in particular, Russia’s disinformation campaigns. Then, a Task Force for the Western Balkans and a dedicated Task Force South for the Arab-speaking world were established. The EU has also tried to cooperate with the private sector, and companies had to report their progress in tackling disinformation.  Moreover, in March 2019, a Rapid Alert System on Disinformation was established. It consisted of a platform for information sharing, but it is still in the process of being used at its potential. 

The EU is furthermore engaged in election observation missions and strives to safeguard democracy during elections, keeping an eye on disinformation, hate speech and privacy. Finally, the 2020-2024 European Democracy Action Plan will focus on the topic and, more recently, the Digital Services Act proposes rules for large platforms to moderate content and mitigate risks. The Act, in particular, allows these platforms to counter threats to information and fair electoral processes.

The cyber domain

As regards the cyber domain, the EU has imposed rules aimed at deterring and responding to cyber-attacks and has begun to regulate cyberspace.

 The focus on cyber attacks has grown in the last year. The ‘Threat Landscape 2022’ published by the European Union Agency for Cybersecurity outlines Russia and China proxy groups as the most important challenge to European cybersecurity, performing DDoS, deep fakes and bots. The report mentions the attack on public government sites carried out by the pro-Russian group Killnet as an example. Moreover, the so-called ‘Denial of Service attacks’, attacks that prevent users from accessing data or services have been mentioned as common and widely used in the Russia-Ukraine cyber warfare. Hacktivism has also experienced a rise, with hackers siding with one party in the conflict. Therefore, the EU had to innovate its policies, adjusting them to the current situation.

The Network and Information Security Directive (NIS2) was approved in November 2022, addressing some key challenges. The law enlarges the range of sectors already required to take cybersecurity and management measures, and aims to improve the cooperation between EU states and the European Agency for Cybersecurity. However, this directive does not affect national and public security, which remains at a domestic level.

Cooperation with NATO

Another important actor that is concerned about its preparedness in addressing hybrid threats is the North Atlantic Treaty Organization. In January 2023, NATO and the EU have declared that they have gained ‘tangible success in countering hybrid threats’.

The 2 entities cooperate in many ways and are engaged in tackling such a form of warfare. Regarding information sharing, clusters have been established where the EU’s Single Intelligence Analysis Capacity and NATO’s Joint Intelligence and Security Division make a shared situational picture. Moreover, the EU Hybrid Fusion Cell and the NATO Hybrid Analytical Branch are working to exchange information better. Recently, the EU Integrated Resolve 2022, a military exercise aimed to test European preparedness to a hybrid scenario, exchanged information and procedures with PACE 2022, a NATO table-top exercise.

While the cooperation between them is proceeding, further steps need to be taken regarding the cyber field, and the need for more clarity of what the implication of a hybrid attack would mean in the sense of a joint response (Zandee et al, 2021).

Defence-related critical energy infrastructure

This new and alarming spike in hybrid warfare has alarmed the European Union also on the level of critical infrastructure. As outlined in a report by the European Defence Agency and the European Commission (Giannopoulos et al., 2023), there is a high risk for the energy security sector, because malicious actors try to undermine the operation of our society by using energy supply weaknesses. Therefore, the EU has become aware that the autonomy and resilience of energy security need improvement. This is paramount in the defence-related critical energy infrastructure, essential to the military’s sustainability and preparedness. To explain ‘defence-related critical energy infrastructure’, one must think about the infrastructures essential to an army’s operational capability (Giannopoulos et al., 2023).

In the report mentioned above, the authors state that there are many vulnerabilities that a malicious actor could potentially exploit in the area of military and energy infrastructure. Firstly, as the two domains are interconnected, a possible attack would probably have cascading effects. Then, it outlines that any attempt to coerce the political sphere will impact the energy sector and, consequently, the defence. Furthermore, the cyber and space domain are critical regarding information infrastructure and services such as GPSs and timing signals (Giannopoulos et al, 2023).

Finally, to operate effectively in both peace and conflict, the armed forces must take into account a new set of mixed and blurred threats. To render the defence-related critical energy infrastructures more resilient, ministries of defence and EU policymakers should invest in modern technologies specifically aimed at disrupting systems, enhancing situational awareness and improving communications between agencies and the private sectors (Giannopoulos et al., 2023).


To conclude, the European Union is considering the evolution of hybrid threats and it is adopting policies and procedures to tackle this emerging form of warfare better. Practices have been implemented to face disinformation campaigns and cyber attacks, and some steps have been undertaken at an operational level. A comprehensive and holistic approach seems to be taken into account by policy-makers, and the European bodies are currently working to adapt to the emerging threats. However, further collaboration needs to be done, and better adaptability is envisaged.




Martina Camicia, studentessa in International Security Studies presso Charles University, Praga.


Nota della redazione del Think Tank Trinità dei Monti

Come sempre pubblichiamo i nostri lavori per stimolare altre riflessioni, che possano portare ad integrazioni e approfondimenti.

* I contenuti e le valutazioni dell’intervento sono di esclusiva responsabilità dell’autore.

Editor’s Note – Think Tank Trinità dei Monti

As always, we publish our articles to encourage debates, and to spread knowledge and original and alternative points of view.

* The contents and the opinions of this article belong to the author(s) of this article only.