By Chris Kremidas-Courtney
Introduction: Hybrid Threats
Today, there are state and non-state actors challenging nations, institutions, and private companies through a wide range of overt and covert activities targeted at their vulnerabilities. Both NATO and the European Union refer to these as “hybrid threats” and the maritime domain has proven to be especially vulnerable.1 As we’ve seen recently, in both Crimea and the South China Sea, a hybrid approach lowers the political price for aggression, making regime change and territorial annexation possible “on the cheap.”2
Many refer to this phenomenon as “hybrid warfare” and in the process militarize a phenomenon that is actually much broader and more complex. This phenomenon requires a whole-of-government and whole-of-society approach to access the necessary means and authorities to address it. Thus, hybrid threats are best understood when framed as an attack on governance, specifically democratic governance.
Hybrid threats use subtle, far-reaching, and opportunistic methods, seldom with a return address. In other cases, they can be more brazen, but operate in a gray zone in which the impacted state has few good response options without escalating the situation into armed conflict.
In general, governments and institutions with weak governance are more susceptible to hybrid and transnational threats. Corruption, low levels of public trust, weak public and private accountability, ineffective law enforcement, poor border and port security, weak security protocols for critical infrastructure, and a lack of cooperation between ministries, institutions, and the private sector leave them more vulnerable to these attacks on governance.
Of course, these threats have always existed, but what makes hybrid threats different are the new vulnerabilities presented by a globalized world interconnected by instant global communications, systems of finance, and commerce. Hybrid threats represent the weaponization of globalization.
The governance which is threatened by hybrid threats is not just public, but private as well. The majority of the world’s supply chain, communications providers, financial systems, and media outlets are found in the private sector. For example, 80–90 percent of many Western countries’ critical infrastructure is owned and operated by the private sector. This infrastructure is widely recognized as the first target of a hybrid campaign.3 Given NATO’s heavy reliance on the private sector to provide logistics and communications capabilities during a crisis, these vulnerabilities can have far-reaching effects.
Vulnerabilities to Maritime Hybrid Threats
Commercial. Commercial vessels and ports are vulnerable to hybrid threats in the form of sabotage, navigational spoofing, and cyber-attacks on supply chain information systems, resulting in lost or disrupted cargo, denial of access to critical port facilities, and environmental damage. At the same time, foreign ownership and control of commercial port facilities can lead to the disruption of their use when these same facilities are required in times of crisis.
Cyber. Commercial and military maritime activities are more reliant on cyber-enabling capabilities than ever, with everything from navigation systems to port information systems all being vulnerable to cyber-attack by hybrid actors and criminal organizations.4 The Maersk incident of 2017 illustrates the challenge well. A cyber-attack on the government of Ukraine inadvertently impacted Danish global shipping giant Maersk when they went to pay their Ukrainian taxes online.
As a result, Maersk’s global operations came to a halt as they temporarily lost the ability to govern their fleet. Numerous other industries were also impacted as the global supply chain was disrupted.5 Had this attack actually been aimed at commercial ports and logistics companies, the damage and disruption could have been much worse.
Under this same category, some commercial shipping companies are currently testing technologies to enable the use of cyber-controlled unmanned container ships to move commodities across the world’s seaways. The risks associated with this potential development are self-evident when looked at through the lens of maritime hybrid threats, with a potential scenario of a cyber-hacked unmanned vessel being turned into a weapon.
Energy. Diversification of energy supplies has led to an increase in the importance of liquefied natural gas (LNG), to include the transport vessels and onshore offloading facilities. In addition, gas and oil exploration in the eastern Mediterranean and the trans-shipment of petroleum and LNG at sea make the energy supply chain more vulnerable to hybrid threats against the commercial entities which explore, extract, and ship these commodities.6
Communications. Today’s economies are very reliant on the global information technology infrastructure with 97 percent of intercontinental communications moving through undersea cables, most of which lack even basic defenses. Approximately $10 trillion in financial transactions is carried over these 213 cable systems every day, illustrating the global economy’s reliance on them.7 These cables are not owned by states, but rather by private entities which cannot afford to harden them and still make a profit.
The potential impacts are apparent when considering that in December 2008, accidental cable cuts in the Mediterranean and Persian Gulf resulted in widespread internet outages in the Middle East and India. For example, during that accident, Egypt lost 70 percent of internet connectivity, while India lost 50 percent.8
Territorial Vulnerabilities. The borders and exclusive economic zones (EEZs) of coastal nations can be disrupted and contested by hybrid actors acting on behalf of a state in order to contest the governance of their sovereign territory. In the South China Sea, China seeks to expand its claims, often interfering with the territorial waters and EEZs of countries like Vietnam and the Philippines, using methods such as armed fishermen to challenge the authorities of these nations and their commercial entities operating in their own EEZs.
Since the ability to control, maintain, and protect sovereign territory is a key aspect of governance, these are among the central tasks of coast guards and naval forces. In some cases, governments find it necessary to modify the rules of engagement for coast guards to be authorized to use deadly force, as Finland did in 2017.
Threats to Maritime Security Forces. Clandestine hybrid actors using armed frogmen or unmarked vessels disguised as commercial or fishing craft can surprise and swarm military vessels, disabling or disrupting them to keep them from being able to respond to other elements of a hybrid attack. The ability to detect, attribute, and respond to these threats is among the greatest challenges presented to security forces. In addition, the availability of increasingly sophisticated commercial off-the-shelf technology (COTS) to hybrid actors means that maritime security forces must constantly adapt in order to mitigate these emerging risks.
Disinformation. Alongside the previously mentioned maritime hybrid threats is the vulnerability to adversary disinformation campaigns aimed at eroding internal and regional trust by creating a false counter narrative. These disinformation campaigns across the media spectrum can bring into question the intentions and activities of friendly maritime security forces and their governments, not just in other countries but at home among their own people.
Strengthening Maritime Governance to Counter Hybrid and Transnational Threats
The answer to these assaults on governance is resilient, credible, and capable governance, with deeper cooperation among public, private, and international organizational entities. High-trust societies are much more difficult for hybrid actors to target with disinformation campaigns.
Strong public and private governance presents a credible deterrent to both hybrid and transnational threats, and well-governed entities are more resilient when faced with them.
In a broader sense, there are three levels of cooperation and collaboration which better enable governments and societies to deter and be more resilient to both hybrid and transnational threats:
- A whole-of-government approach in which all agencies and ministries from national to local level cooperate and share information to reduce any gaps, seams, and vulnerabilities which can be exploited by hybrid and transnational threats.
- A whole-of-society approach, which is similar to the whole-of-government approach, but also includes engagement with private sector, academia, and civil society stakeholders. Finland’s Comprehensive Security concept is a good example of a best practice for a whole-of-society approach.
- A comprehensive approach in which the whole society of like-minded nations works together with international organizations and entities such as NATO, EU, UN, World Bank, the private sector, and civil society, collaborating and coordinating to face these challenges together.9
Seeking to focus on governance, instead of looking at hybrid and transnational threats primarily through a military lens, does not exclude a role for military capabilities. Rather, it puts these threats into a perspective which more closely matches each nation’s own legal authorities and frameworks. Given the nature of these threats, the first to detect and respond are most likely to be civilian entities (both public and private), which may require varying degrees of military capabilities to provide support. This is especially important since no government can afford to pay for the same capabilities twice.
In the event of a situation possibly escalating, close civil-military cooperation and interoperability are necessary to ensure a measured and appropriate response with all instruments of national and international influence available. For this reason, comprehensive and whole-of-society tabletop exercises (TTX) and scenario-based discussions on hybrid and transnational threats are vital to building trust and interoperability, while also identifying and closing any gaps and vulnerabilities in our legal and procedural frameworks.
At the same time, the ability to counter maritime hybrid threats can be assisted by optimizing the use of existing systems and arrangements such as EUROSUR and Frontex’s European Patrols Network (EPN). In addition, new ways should be explored to leverage the expertise and capacity building efforts of the NATO Cooperative Cyber Defense Centre of Excellence, the NATO Maritime Interdiction Operations Training Center (NMIOTC), and the European Centre of Excellence for Countering Hybrid Threats (Hybrid COE).
Emerging Requirements to Counter Maritime Hybrid Threats
As recent history has shown us, these vulnerabilities point to a new list of emerging requirements in order to deter and counter maritime hybrid threats:
- A review of national legal frameworks and the rules of engagement for maritime security forces to ensure they are sufficient and appropriate to the task of deterring and countering maritime hybrid threats.
- A national and EU-wide foreign investment screening process for critical infrastructure and sensitive technologies.
- The ability to operate in and regain control of contested commercial spaces.
- The ability to differentiate clandestine hybrid threat vessels from other commercial and privately owned vessels.
- The ability to operate in and regain control of contested cyberspace.
- The ability to detect and attribute hybrid threats on shore and at sea.
- The ability to operate quickly and decisively in a contested public information environment.
- The need for whole-of-government, whole-of-society, and comprehensive approach tabletop exercises and scenario-based discussions to develop deeper cooperation and information sharing between public and private entities.
Through meeting these new requirements, strengthening public and private governance, and seeking deeper and broader cooperation among institutions, nations, and civil society, we can turn globalization and our greater interconnectedness from a vulnerability into an advantage.
Chris Kremidas-Courtney currently serves as the Multilateral Cooperative Engagement Coordinator for U.S. European Command (EUCOM). His next assignment will be as Director of Training and Exercises at the Hybrid Center of Excellence in Helsinki. He regularly publishes articles in European journals on countering hybrid and transnational threats and is a facilitator and course designer for NATO Comprehensive Approach seminars throughout Europe. His views are his own and do not represent the opinion of the U.S. Government or EUCOM. Chris can be contacted through his LinkedIn page.
1. Joint Declaration of the President of the European Council, the President of the European Commission and Secretary General of the North Atlantic Treaty Organization, December 5, 2017.
2. Kremidas-Courtney, Christopher, Russia and China take the lead in hybrid warfare while West struggles to respond, Europe’s World, September 2017.
3. Shea, Jamie, Resilience: a Core Element of Collective Defence, NATO Review, 2016.
4. Jones, Kevin D, Maritime Cyber Threats, Presentation at NMIOTC Annual Conference, June 2015.
5. Milne, Richard, Maersk CEO Soren Skou on Surviving a Cyber Attack, Financial Times, August 13, 2017.
6. Incertis, David, Risks and Interdependencies in the LNG supply chain, Presentation at NMIOTC Annual Conference, June 2015.
7. Sunak, Rishi, Undersea Cables: Indispensable, Insecure, Policy Exchange, 2017.
8. Khurana, Gurpreet S., Maritime Dimension of Hybrid Warfare – The Indian Context, National Maritime Foundation, Dec 28 2017.
9. NATO Defense College (2011), NATO Comprehensive Approach Awareness Seminar, Course Guide.
Featured Image: A container ship leaving Hamburg port (DPA)