Protecting Europe Against Hybrid Threats: From ‘Trojan Horse’ to ‘Trojan Malware’

Written by | Friday, August 9th, 2019

On 12 October 1983, Ronald Reagan signed off the top secret National Security Decision Directive 108 on ‚Soviet Camouflage, Concealment and Deception‘. The document bluntly stated that „the Soviet Union has developed a doctrine of ‚maskirovka‘ which calls for the use of camouflage, concealment and deception (CC&D) in defense-related programs and in the conduct of military operations. They define maskirovka as a set of measures to deceive, or mislead, the enemy with respect to Soviet national security capabilities, actions, and intentions. … Several recent discoveries reveal that the Soviet maskirovka program has enjoyed previously unsuspected success and that it is apparently entering a new and improved phase.

This quote could easily come straight from a defence white paper of an average NATO member state in 2019. Europe’s current geopolitical circumstances are not the first in which it has had to face threats of a “hybrid” nature. They are unlikely to be the last. The situation may not be wholly new, but it is certainly strained nevertheless. After a decade of economic crisis, Europe’s political systems are worn out. Relations are worse than usual among some of the European Union’s member states, between Europe and the United States, and between social groups within member states. And it is now cheaper and easier than ever for those wishing to exacerbate those cleavages to do so through cheap social media adverts, a few bots, and a handful of hacks – all backed up with some shady finance schemes. Without relying on the US, can Europe really be sovereign in the face of hybrid threats?

Geopolitical rivals to Europe are increasingly incorporating hybrid threats into their armouries – and deploying them. This amorphous set of threats exists below the level of war, enabling other powers to exploit existing societal divisions and sow confusion and instability. To deal with hybrid threats on their own, EU countries will need to more thoroughly investigate such hybrid activities – and go public with their findings. Europe should pursue a ‘dual track’ approach of confrontation followed by dialogue with unfriendly cyber powers. EU member states should also jointly invest in offensive cyber capabilities within PESCO, expand Europol’s remit to include counter-intelligence, and improve personal cyber hygiene standards in government and among citizens.


Hybrid tricks have been used throughout history, from the Trojan horse devised by Odysseus to the Trojan malware written by hackers today. Indeed, even periods of peace are ‘hybrid’, punctuated as they are by assassinations, corruption, spying, disinformation, manipulation, and economic pressure. The EU today provides several opportunities that external adversaries can exploit. Three main factors matter: the changing post-cold war geopolitical environment; technological and legal vulnerabilities inherent in globalisation and the common market; and a post-historical zeitgeist still prevalent in Europe that does not accept that subversion, let alone direct military action, is a threat to the European way of life.


Parts of the EU’s machinery have been very active on these matters, but it still lacks a holistic approach to them. In recent years, new communications, laws, strategies, task forces, funding, and member state working groups have emerged to bolster the EU’s security and resilience. But this process has been somewhat reactive and still lacks high-level political leadership. Overall, despite increased EU and member state activity on cyber issues, a lack of coordination and leadership from the top means that hybrid attackers continue to have diverse opportunities to conduct operations.


Multiplicity of actors is involved in intelligence activities that are central to efforts to combat hybrid threats: the military, the police, national intelligence services, national cybersecurity agencies, private companies (which also have cybersecurity obligations), media actors, NATO, the EU, Europol, and ENISA. However, the challenge here is that this institutional hotchpotch is mirrored by a wide variation in national bureaucratic security cultures and also the basic lack of resources, whereby there are few fields in which Europe as a whole is so dependent on American support. Moreover, despite creating a series of strategies to combat hybrid threats, Europe’s response to the issue is generally still in the thinking, rather than acting, phase.


All in all, dealing with hybrid threats involves action on several fronts. The first is the political front. The second is the digital home front. The third is the intelligence front: setting new goals and standards for intelligence services, and improving the coordinated approach within Europe. And, finally, EU member states and the EU itself can take steps on the diplomatic front to deal with foreign powers that conduct hybrid operations against them.


‚Protecting Europe Against Hybrid Threats‘ – Policy Brief by Gustav Gressel – European Council on Foreign Relations / ECFR.

(The Policy Brief can be downloaded here)


Article Categories:

Leave a Comment

Your email address will not be published.