Hybrid Threats, Terrorism, and Resilience Planning. International Centre for Counter-Terrorism Perspective (2019). (With K. Samuel.)
We live in an inter-connected, inter-dependent world, not only in digital spaces, but increasingly between the physical and digital worlds. While our inter-connectedness and the accompanying rapid technological change bring with them widespread societal benefits, they can also deepen existing vulnerabilities and create new ones, such as in relation to critical infrastructure interdependencies. These technology-rich and highly dynamic circumstances can be exploited by those with criminal and malicious intent, including terrorists, with potentially extensive and catastrophic consequences, as the 2017 WannaCry cyber-attack with global reach, which nearly brought the United Kingdom’s National Health Service to its knees, illustrated.
We will illustrate this ironic confluence of good news/bad news by focusing on hybrid threats posed by cyber technology to critical national infrastructure. Our op-ed begins by briefly examining the concept of hybrid threats, before examining how they are materialising in the cyber world. The discussion then turns to examining how best to counter hybrid threats to our Critical National Infrastructure (CNI). We propose the development of more dynamic, integrated and innovative resilience planning solutions beyond those that currently exist.
The Concept of Hybrid Threats
Hybrid threats posed by state and non-state actors are expected by many to increasingly challenge countries and institutions globally. In 2016, this recognition led to the creation of the European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE), which recognises diverse and wide-ranging forms of terrorism as a potential source of hybrid threats. The Hybrid CoE has defined a hybrid threat in the following terms:
- Coordinated and synchronised action, that deliberately targets democratic states and institutions systemic vulnerabilities, through a wide range of means;
- The activities exploit the thresholds of detection and attribution as well as the different interfaces (war-peace, internal-external, local-state, national-international, friend-enemy);
- The aim of the activity is to influence different forms of decision making at the local (regional), state, or institutional level to favour and/or gain the agent’s strategic goals while undermining and/or hurting the target.
As the broad parameters of this definition reveal, hybrid threats can take a multitude of diverse forms. They can pose many practical and legal challenges too, such as how to detect, investigate, and attribute them in order to identify and bring to account their perpetrators, whether state or non-state actors … MORE