Understanding Hybrid Warfare by: Multinational Capability Development Campaign (MCDC)
Contents
Hybrid what?
There is no clear definition yet. There are rather some descriptions, such as:
A hybrid crisis is a combination of two or more crises between which a link can exist (not necessarily) and which can reinforce each other.
Hybrid warfare is a military strategy that uses political war and mixes conventional war, irregular war and cyber war with other methods with a strong influence, such as fake news, diplomacy and intervention in foreign elections.
However, one knows that the aggressor tries to avoid retaliation. Hybrid warfare has to stay below the clear detection radar and response thresholds.
The cases on which this study is based are:
– Iran’s activities in Syria
– Use of Gas and loans by Russia as a means of pressure in Ukraine
– IS in Syria and Iraq
– Hybrid warfare in an urban context
– Cyber used by Russia
Two things are clear on this subject: nobody understands it fully, but everyone thinks it’s a problem
That is why there is a need to take 2 steps
1: A common language (understanding the subject and communicating about it smoothly)
2: An analytical framework
Step 1: Understand
There is no clear definition yet, as we wrote earlier, but there are descriptions, eg:
“The synchronized use of multiple power tools tailored to specific vulnerabilities across the entire spectrum of social functions, in order to achieve synergies.”
They often fall back on the speed, volume and ubiquity of digital technology.
It is important to recognize that one uses multiple power tools in multiple dimensions and at different levels simultaneously in a synchronous way. This allows the actor to use various MPECI (Military, Political, Economic, Civil, Information) resources that they have available to create synchronic attack packages that for perceived or suspected vulnerabilities. The instruments of power used will depend on the capabilities of the actor and on these vulnerabilities, as well as on the political objectives of the actor and his planned way to achieve his goals. As in all conflicts with wars, the characteristic of hybrid warfare will depend on the context.
Hybrid threat does not lend itself to classical threat analysis for, among others, the following reasons:
– A wide set of MPECI tools
– One exploits vulnerabilities across societies in a way that we normally do not think of
– Syncing and the way of syncing are unpredictable.
– Uses the exploitation of ambiguities, creativity and our understanding of warfare to keep his attacks invisible
– A hybrid attack can remain unnoticed until it is too late.
We will therefore have to learn to look differently at conflicts in the future.
Step 2: the Analytical Framework:
The analytical framework has a structure with three components:
– Critical functions and vulnerabilities
– Synchronization of resources
– Effects and non-linearities (complexities)
Here, “1 + 1 + 1> 3” or also: the whole is more than the sum of the parts.
We give a brief explanation of these three components
Critical functions and vulnerabilities
Critical functions here are activities about the PMESII (Political, Military, Economic, Social, Infrastructure, Information) spectrum that, when one no longer carries them out, can lead to an interruption of services on which society depends.
They are dividable into a combination of actors, infrastructures and processes. They all have vulnerabilities.
Synchronization of resources
Synchronization (syncing) is the ability of the attacker to coordinate effective power tools (MPECI) in time, space and with certain goals to achieve a desired effect. With this he can achieve greater effects than with overt coercion. Benefits for the attacker are:
Use tailored resources and vulnerabilities
Compulsion but remain under the radar of the detection thresholds and response thresholds
Easier to escalate and de-escalate different MPECI simultaneously
Effects and non-linearities (complexities)
Effects are changes in the condition of the target. The attacker can not properly controll them because one can no longer predict a linear sequence of effects. Causality becomes increasingly difficult to show and predict as one uses and varies more elements of the MPECI.
One has to set up “BTIMs” to learn recognize and know things:
Baselines, Thresholds, Indicators, Monitoring in real time, from the philosophy: “You do not know what is abnormal if you do not know what is normal and if you do not measure what the evolution is”
For the baselines, one must make a list and assessment of social critical functions. Indicators must help determine whether an attack is in progress or is starting. Thresholds help determine what the normal / abnormal operation is.
Without knowing what is normal, nothing can begin.
Unfortunately there are no real examples of existing “BTIMs” in the document.
What are the recommendations of this document?
– Make regular national self-assessment of critical functions and the vulnerabilities of all sectors and of society.
– Improve the classic threat analysis so that it contains the following tools and possibilities: Political, Economic, Civil, International and research how one can synchronize these resources in an attack on vulnerabilities
– Create a national methodology for coordinating self-assessment and threat analysis specifically for: understanding, detecting, responding to hybrid threats
– Internationalize, work together coherently across borders.
Conclusion
Here I am going to be a contrarian. The study Understanding Hybrid Warfare finds that the framework is a visual tool for responding during a hybrid attack.
That seems wrong to me. In addition to the BTIMs that one has to set up, and which must be able to function separately from the framework, the visual tool i.m.h.o. will rather remain a tool for analysis afterwards.
The tool does, however, provide an explanation of what information to preserve during the crisis.