Asymmetric warfare: how to respond to hybrid threats

What is a ‘hybrid’ threat?

Jérôme Clech. In addi­tion to states that prac­tice hybrid war­fare (such as Rus­sia or Chi­na), com­bin­ing con­ven­tion­al modes of action and infor­ma­tion manip­u­la­tion (fake news, deep fakes, etc.), the hybrids; crim­i­nals, traf­fick­ers, gang­sters and ter­ror­ists, use the same tech­no­log­i­cal means that enable glob­al­i­sa­tion. They make up its dark side, which is why they rep­re­sent such a chal­lenge for states and even large companies.

IT has not put an end to the asym­me­try of hard pow­er between devel­oped states and non-state actors, but it does serve an equalis­er in all areas of soft pow­er close­ly linked to the infor­ma­tion­al sphere (cul­ture, influ­ence, media, social net­works, pro­pa­gan­da, etc.). As infor­ma­tion moves at the speed of light for every­one. By invest­ing in the “infos­phere”, non-state actors have restored the sym­met­ri­cal aspect of con­fronta­tion, but in a main­ly non-kinet­ic reg­is­ter: the impact of an attack is much greater than the num­ber of deaths, as West­ern soci­eties have a very low accep­tance of risk.

How can we respond to this threat?

Hybrid threats require a hybrid strat­e­gy. Our nation­al defence and secu­ri­ty strat­e­gy, con­sid­er­ing the absence of a “crit­i­cal mass” in our sys­tem, aims to low­er the trig­ger point for large-scale mil­i­tary inter­ven­tion, par­tic­u­lar­ly in the event of hybrid attacks. But there is a gap in the con­tin­u­um of strate­gic func­tions that nei­ther nuclear “deter­rence” nor the “pro­tec­tion” of ter­ri­to­ries and pop­u­la­tions can fill. A form of “aug­ment­ed pre­ven­tion” would be required: the cur­rent “pre­ven­tion” would be extend­ed to in-depth action aimed at intim­i­da­tion and ear­ly dis­rup­tion through a com­bi­na­tion of remote kinet­ic strikes and cyber offen­sives, not only in the phys­i­cal lay­er of cyber­space, but also in the log­i­cal and socio-cog­ni­tive lay­ers of cyberspace.

In con­crete terms, aug­ment­ed pre­ven­tion would focus on nerve points, such as drone strikes aim­ing to neu­tral­is­ing ter­ror­ist lead­ers, for exam­ple. Both mil­i­tary and large­ly dehu­man­ised and – more or less – stealthy or sched­uled, these remote strikes are also the source of eth­i­cal con­cerns. Europe is fol­low­ing suit, since one of the projects of the Per­ma­nent Struc­tured Coop­er­a­tion (PESCO, estab­lished in 2017) is none oth­er than the MALE (Medi­um Alti­tude Long Endurance) Euro­drone, which could even­tu­al­ly be armed and whose devel­op­ment is part­ly financed by the pre­cur­sor of the Euro­pean Defence Fund (EDF). 

On the cyber side, cyber offen­sives con­sti­tute a hybrid mode of action at a dis­tance: with a mate­r­i­al aim when it is a ques­tion of hit­ting the phys­i­cal lay­er of cyber­space; imma­te­r­i­al when it is a ques­tion of exploit­ing or reach­ing the infos­phere. A Com­put­er Net­work Attack (CNA), which is hybrid in nature in that it involves inter­nal­is­ing hack­ing skills with­in the defence estab­lish­ment, is a cyber offen­sive mode act­ing on the log­i­cal lay­er. Hybrid and cyber threats are one of the areas of NATO-EU coop­er­a­tion, and PESCO has near­ly ten projects in this area.

Aug­ment­ed pre­ven­tion could also have an impact through hybrid bor­der sur­veil­lance. Drones are a great asset in terms of obser­va­tion and are used in the civil­ian sec­tor for bor­der sur­veil­lance in the Unit­ed States. The aim is not only to hin­der ille­gal immi­gra­tion, which is known to feed into every lev­el of the ille­gal econ­o­my, but also traf­fick­ing of all kinds (arms, drugs, coun­ter­feit goods, etc.), which hybridis­es the threats and pro­vides a breed­ing ground for inter­na­tion­al ter­ror­ism. Since 2020, the use of drones has strength­ened the Fron­tex sys­tem at the bor­ders of the Euro­pean Union (EU). Inte­grat­ing the sys­tem into the range of sen­sors oper­at­ed by the intel­li­gence com­mu­ni­ty (includ­ing the DGSE and Tracfin) would undoubt­ed­ly increase its effectiveness.

The aim is to char­ac­terise and iden­ti­fy the poten­tial threat posed by an indi­vid­ual accord­ing to their behav­iour­al profile. 

From bor­der con­trol to bor­der risk man­age­ment, the emer­gence of the con­cept of “smart bor­ders” cor­re­sponds to the imple­men­ta­tion of “intel­li­gent” sys­tems at air­ports, ini­tial­ly based on bio­met­rics. The aim is to char­ac­terise and iden­ti­fy the poten­tial threat posed by an indi­vid­ual accord­ing to their behav­iour­al pro­file. For exam­ple, the PNR (Per­son­al Name Record) is a device for assess­ing the risk of a trav­eller being linked to a ter­ror­ist organ­i­sa­tion; it is designed to know “what the indi­vid­ual has done” before book­ing a flight and to pre­dict “what he or she is like­ly to do” at destination.

In order to see more clear­ly into the dig­i­tal maze gen­er­at­ed by the “com­put­er­i­sa­tion of the body” (the shad­ow body, a cloud of data and infor­ma­tion that goes beyond one par­tic­u­lar indi­vid­ual since some of this data only makes sense as part of a series), it could then be use­ful for the dat­a­min­ing enabled by AI to cross-ref­er­ence the PNR with the files held by nation­al defence and secu­ri­ty forces, and more par­tic­u­lar­ly those held by agen­cies in the intel­li­gence com­mu­ni­ty. Sub­ject to net­work sov­er­eign­ty in place at a Euro­pean lev­el (as this is the rel­e­vant scale), it is con­ceiv­able that all this data could even­tu­al­ly be host­ed on a ded­i­cat­ed cloud.

But what would be the val­ue of a secret cloud if only France was to input in cer­tain ele­ments of the intel­li­gence infor­ma­tion col­lect­ed by its sen­sors (relat­ing to coun­tert­er­ror­ism or illic­it flows, for exam­ple)? For the time being, we only have an Intel­li­gence Col­lege in Europe – not a Euro­pean Col­lege of Intel­li­gence! Nam­ing it such might bring it to life, or per­haps not: noth­ing oper­a­tional, but the ambi­tion to build a “com­mon strate­gic cul­ture” … This, as Jean Mon­net believed, is cer­tain­ly where any Euro­pean project should start, but con­sid­er­able efforts need to be made, as Pres­i­dent Macron acknowl­edged in his 2017 Sor­bonne speech with the Euro­pean Inter­ven­tion Ini­tia­tive (EII).

Nat­u­ral­ly, the use of data and the search for such syn­er­gies raise eth­i­cal and legal ques­tions that bring us back to the secu­ri­ty-free­dom dilemma.

Are we head­ing for wide­spread hybridisation?

The response to hybrids would in fact ben­e­fit from more hybridi­s­a­tion. For while tech­nolo­gies have a major and grow­ing role to play, the relat­ed capac­i­ties (equip­ment and know-how) must not be reduced to tech­ni­cal fetishism. We must be able to artic­u­late the explorato­ry force of the machine with human intu­ition in order to, at least, strength­en their co-pro­duc­tion if not hybridise them. Aug­ment­ed pre­ven­tion would only be a strate­gic shift. We need to do even more: a quan­tum leap in terms of the antic­i­pa­tion of threats. Antic­i­pat­ing hybrids so as not to have to respond to them is, in my opin­ion, the way to under­stand the log­ic of “win­ning the war before the war”, to quote the Chief of Staff of the Armed Forces. This would imply rethink­ing the meth­ods and tools of strate­gic fore­sight, pay­ing renewed atten­tion to the ear­ly detec­tion of “weak sig­nals”, in order to nip future threats in the bud before they emerge. Per­ceiv­ing and char­ac­ter­is­ing the under­ly­ing struc­ture of emerg­ing hybrid phe­nom­e­na undoubt­ed­ly requires defin­ing and build­ing the ‘hon­est cyborg’ of the 21st cen­tu­ry. But that’s anoth­er story!