
Hybrid Threats and Modern Political Warfare: The Architecture of Cross-Domain Conflict
By:

We are publishing this piece because Mr. Irdi served within the Italian government for seventeen years in various capacities related to foreign affairs and security policy, including as a special advisor to Italy’s minister of foreign affairs. During his tenure at the Italian prime minister’s office, he held managerial responsibilities and provided top government officials with analysis and strategy on great power competition, foreign malign influence, and Russia’s war against Ukraine. His final government posting was dedicated to understanding and countering hybrid threats, which gave him a front-row seat in how Western governments are and are not addressing the new forms of modern political warfare.
On both the People’s Republic of China (PRC) and Russia, Jamestown has published a large body of analysis over the years on how these countries have covertly and overtly undermined the United States, Europe, Taiwan, and other allies and partners. Mr. Irdi’s analysis helps place these developments into a larger context and explains why modern political warfare is different than historical forms of statecraft.
Executive Summary:
- Modern political warfare—today known variously as hybrid threats, gray zone activities, or foreign malign influence—is characterized by two systemic features: dispersion across domains and gradualness in timing.
- New technologies and authoritarian powers capable of mobilizing comparable resources enhance these systemic features in ways that heighten democracies’ vulnerability to political warfare (hybrid campaigns) by exploiting their openness, political time horizons, and discrepancies between public and private interests.
- Countering hybrid campaigns requires a higher level of alertness and a common language across countries, institutions, and the public-private divide. Democratic citizens have to be a part of the discussion of policy tools, because the tools to protect security and civil liberties affect them as much as the political warfare targeting them.
In December 2024, Romania’s intelligence agencies revealed that Russia had orchestrated a highly sophisticated social media campaign to boost Călin Georgescu, the far-right, pro-Russian presidential candidate. This operation successfully exploited TikTok’s extreme popularity in the country—some 47 percent of the population were believed to have an account already in 2014, the highest rate in the European Union (Romania Insider, December 6, 2024).
The pro-Georgescu TikTok campaign represented a blatant attempt to influence the outcome of the Romanian presidential election. Georgescu won the first round of the presidential race on November 24, 2024, only for the country’s Constitutional Court to annul the results two days before the December 8 runoff, citing a series of irregularities in his campaign funding, including allegations of Russian interference on his behalf (POLITICO, December 6, 2024; Adevarul, April 24). The second round of voting in December 2024 was cancelled, and the first round of the election has been rescheduled for May 4.
In February, the investigation into these irregularities deepened, leading to nationwide raids that uncovered an arsenal of weapons, over a million euros in cash, and tickets to Moscow at the home of Horațiu Potra, Georgescu’s bodyguard (Adevarul, March 13; for more on Potra, see Militant Leadership Monitor, June 27, 2024). On March 9, Romania‘s Electoral Commission formally rejected Georgescu’s candidacy for the upcoming election, citing his “failure to comply with the legal regulations” (Constitutional Court of Romania, March 11). The response to the court’s decision was swift, with fights breaking out in the streets of Bucharest between Georgescu’s supporters and police. Elon Musk chimed in as well, calling the decision “crazy” on X (X/@elonmusk, March 9; YouTube/@Digi24 [Romania], March 10).
Crazy or not, hybrid campaigns are a tough nut to crack.
Despite their growing relevance in the security discourse, there is no internationally agreed-upon definition of “hybrid threats.” This is not unique—there is, for example, no universally accepted definition of terrorism (International Centre for Counter-Terrorism, March 2023). What we call hybrid warfare differs in every theater. What is known to the Europeans as “hybrid threats” is called “foreign malign influence” across the Atlantic, whereas in the Indo-Pacific, “gray zone tactics” describe much the same thing, even if with a slightly different emphasis. No matter the label, the tools are the same across the spectrum of national power that many know as DIMEFIL (Diplomatic, Information, Military, Economic, Financial, Intelligence, and Law Enforcement). These broadly include election interference, economic coercion, disinformation, weaponized immigration, sabotage of critical infrastructure, and cyberattacks. These are all measures deniable as a matter of government policy that fall closer to the hard-power end of the toolbox, even if they lie short of military intervention.
The common denominator that makes these very different actions part of the same toolset is that they are among the most difficult for liberal democracies to defend against and the costliest to respond to symmetrically.
In other words, they are tailored to exploit freedom.
Disinformation campaigns and election interference thrive where, one, political legitimacy relies on free elections and, two, public opinion is wholly exposed to domestic and international information flows. Economic coercion is most damaging in market-driven economies, where public and private sectors lack cohesion. The sabotage of critical infrastructure is most disruptive in nations where governments are accountable to a public that is quick to voice discontent and reluctant to retaliate in kind against those they believe to be responsible.
The drama around Georgescu demonstrates that hybrid threats have evolved. It is no longer the case that hybrid warfare’s existence can be denied, nor can orthodox doctrinaires afford to wave off the concept as too vague to be seriously discussed. In 2024, “mere” hybrid threats graduated into full-fledged, mainstream threats to the national security of many states across the West. We must define and systematize the threat posed by hybrid warfare as well as explain why it works asymmetrically well on Western democracies if we are to identify what can be done to protect ourselves.
Two Systemic Features
Hybrid tactics may be effectively identified by focusing on two inherent features readily seen in Europe over the past several years.
Let us call the first one “dispersion.” The individual actions that compose hybrid campaigns are generally structured to conceal the campaign to which they belong. Each individual action is implemented through one or more proxies to preserve the actor’s deniability and can be spread out over time, space, and/or domain. Three episodes in a Kremlin-orchestrated hybrid campaign to instill fear among Europeans regarding energy shortages and the consequences of sanctions against Russia offer a good example of dispersion:
- In August 2022, Gestore dei Servizi Energetici (GSE), an Italian government entity responsible for the management and distribution of renewable energy, suffered a significant ransomware attack orchestrated by the BlackCat/ALPHV group. This incident led to a shutdown of GSE’s IT systems as a preventive measure to restrict the attackers’ access and protect sensitive data (Cybersecurity360.it, August 31, September 2, 2022).
- In August 2022, Russia‘s Portovaya liquefied natural gas (LNG) plant near the Finnish border was observed burning approximately 4.34 million cubic meters of natural gas daily. This deliberate “flaring,” as the practice of burning off excess natural gas is known, was estimated to have wasted around $10 million per day (az, August 5, 2022). The flaring burnt off surplus Russian LNG supplies, which had previously flowed to energy-starved Europe, especially Germany, until the imposition of sanctions in response to Russia’s full-scale invasion of Ukraine in February 2022. The narrative Moscow wished to push was best displayed in a BBC article, “Russia burns off gas as Europe’s energy bills rocket” (BBC, August 26, 2022).
- On Christmas Eve 2022, Russian state television channel RT aired a provocative advertisement targeting European audiences. The video depicted a European family over three consecutive Christmases. In 2021, the family joyfully celebrates with a well-decorated tree, with their young girl receiving a pet hamster. On Christmas 2022, amid rising energy costs, the family is struggling, using the hamster’s exercise wheel to power the Christmas lights. A year later, the family faces severe hardship, to the point of having to serve the poor pet for dinner (for images, see NY Post, December 24, 2022).
The second feature is “graduality.” The strategic goal of hybrid threats is to divide democratic societies and undermine their very fabric and institutions over time. Democracies have become substantially powerless in reacting to long-term shifts as they are increasingly inclined not to look beyond their electoral horizon or their ruthlessly divided daily schedule. Today’s information environment has made it almost impossible to garner the political capital needed to tackle a threat that looks more like a slow but persistently rising tide than a raging fire. Our systemic adversaries have spotted the West’s intrinsic weakness in addressing gradual threats, acknowledging and accepting that eroding Western society from within will take years to yield results, but is very likely to succeed.
Dispersion and graduality make it easy to dismiss any single element of a hybrid campaign because individually it has a low immediate impact. Such dismissals rest on a misunderstanding of the actor’s modus operandi: cumulative effects over time.
What Is New
An oft-made argument is that none of this is new. The tools and their systemic features have been around for many years, making “hybrid warfare” a fancy and somewhat confusing way to refer to something everyone knows well, so the argument goes. Dezinformatsiya (дезинформация), propaganda, and sabotage were always known as the bulwarks of Soviet “active measures”—to say nothing of their antecedents and doctrinal progeny. [1] Similarly, a whole-of-society approach to war has long been at the center of Chinese military thought, from Mao’s “People’s war” to the “Three Warfares” doctrine. [2] Thus, detractors denounce “hybrid warfare” as a concept that is conceptually vague and operationally useless.
Over the years I have spent advising the Italian government on such issues, this conceptual resistance was a significant obstacle. Fighting hybrid threats is about connecting the dots across multiple domains. By definition, this makes it extremely difficult for experts of a single domain to view their subject matter as part of a greater picture, hamstringing efforts to map, raise awareness, and build a strategy to tackle a hybrid campaign. The problem is flipped if one examines the issue from the political level, where the lack of technical expertise—and short attention span, for reasons electoral or otherwise—makes the topic look abstract, obscure, and non-urgent.
This message is particularly difficult to communicate to parts of a national security establishment with a strong military or law enforcement culture, and understandably so. Kinetic conflicts and crimes are in many ways the opposite of hybrid threats. Their cost is often immediate, tangible, concentrated, and unidimensional. The intentions of the threat originator are clear, as is the agency responsible for tackling it. Acknowledging multidimensional threats can require the fusion of knowledge, authorities, and capabilities, which in turn can result in turf battles and erosion of competencies among bureaucracies, creating political resistance.
What Has Changed
Two factors that emerged over the last two decades have radically changed the strategic landscape and brought hybrid threats to the fore. The first is hard power capacity. For the first time since the end of World War II, the most powerful Western countries face systemic adversaries that can mobilize similar economic and military capabilities. An international project as grand and ambitious as the “One Belt, One Road” initiative would have been unthinkable without the People’s Republic of China’s (PRC) incredible growth in the last several decades.
The second factor is technology. The digital revolution made economic and critical infrastructure more susceptible to anonymous and remote disruption than ever before, while simultaneously amplifying the effects of disinformation and cognitive influence efforts.
These two shifts in the strategic environment leveled the advantages liberal democracies used to have by making three more “systemic” asymmetries—information domain, public-private cohesion, and hard power—much more relevant.
The first is in the information domain. The “fuel” on which democracies run is the information consumed by the public, who form the transmission chain out of which political decisions are made. It seems reasonable to assume that educated, smart public opinions have a higher chance of producing good political decisions and vice versa. Most would agree that the average quality of information in the information space has declined in at least the last decade. I would also assume that most people would agree that this has gone hand in hand with the fall of traditional media and the rise of social media as a major source for news, especially among young adults. According to a recent Pew Research Center survey, 17 percent of adults in the United States regularly get their news from TikTok, a PRC-owned application, up from 3 percent in 2020 (Pew Research Center, September 17, 2024). Among those aged 18–29, this figure rises to 39 percent. Other platforms regularly used for news include Facebook (relied upon by 33 percent of Americans), YouTube (32 percent), and Instagram (20 percent) (Pew Research Center, September 17, 2024). These platforms and their focus on short, superficial, but emotionally intense stimuli can simplify and distort one’s perception of reality (New York University Center for Conflict and Cooperation, December 2, 2024).
While the PRC and Russia have rates of social media consumption on par or even higher than the United States and/or parts of Europe, in autocracies, the lower level of freedom of information and more limited role of the public in shaping political decisions make them less vulnerable to the impacts of an information domain in decline.
Generative artificial intelligence (AI) is already a force multiplier to the scale of this threat.
The second asymmetry is the relationship between public and private interests. To brutally simplify, while liberal democracies are centered around the individual, autocracies’ social contract puts the collective first. This asymmetry used to be an advantage for us in the West. For many years, market-driven economies, competition, and free trade generated wealth and innovation to an extent unimaginable for our dirigiste or centrally planned, autarchic competitors.
We may now be tempted to believe the tables have turned. One may be forgiven for believing that a magic formula emerged in the late 1980s or early 1990s that exploits the rules of economic freedom, merging their benefits with the order and capacity for strategic planning of top-down dirigisme.
Compare the lopsided state of Europe and the PRC’s automotive sectors. From the outside, it appears that Beijing saw the coming battery electric vehicle (BEV) transformation and retooled its automotive sector well in advance, according to the hard data available. The PRC’s “Made in China 2025” plan issued in 2015 and the subsequent 14th Five-Year Plan launched an industrial policy to make the PRC the world leader in the development, supply chain, and end-to-end manufacturing of BEVs over the last decade (State Council, May 8, 2015; MIT Technology Review, February 21, 2023). This was accomplished using state policies that offered large and simultaneous investments in all the industries involved in the BEV lifecycle, from raw materials mining to battery production and recycling.
Europe, on the other hand, understood BEVs to be a key element of the green transition, which was embraced with an almost religious fervor. In that spirit, continental policymakers set the unrealistically ambitious goal of doing away with all fossil-fuel cars by 2035 (European Parliament, November 3, 2022)—and predictably failed to accomplish this, falling hostage to political fragmentation and bureaucracy. As former Italian Prime Minister and European Central Bank President Mario Draghi very well put it in his report on EU competitiveness, “the automotive sector is a key example of [the] lack of EU planning, applying a climate policy without an industrial policy” (European Commission, September 9, 2024).
A more general picture of this is found in the “Hamilton Index” by the Information Technology & Innovation Foundation, which monitors market share by country in 10 strategic industrial sectors, such as pharmaceuticals, machinery, motor vehicles, computers, information technology (IT), chemicals, and so on (Information Technology & Innovation Foundation, accessed April 30). According to the index, between 1995 and 2020, the PRC has expanded its global share of production in these critical sectors from 3 percent to 25 percent, while countries in the OECD (Organization for Economic Co-operation and Development) have seen a decline in their share from 85 percent to 58 percent. Beijing dominates seven out of the ten strategic sectors listed in the Hamilton Index. In these vital areas, the PRC produces more than any other nation, and outside the top 10, it produces more than all the remaining countries combined. In other words, the Chinese Communist Party has been far more effective in directing the PRC’s economy toward industries that advance its national interests than policymakers in OECD countries have—and it is not a close competition.
All this was true even before the explosion of AI. Data collection on a massive scale may prove to be yet another game changer. Beijing, for example, positioned itself long ago to exploit global information flows and protect its domestic data across the technology stack, even in areas like industrial equipment, Internet-of-Things devices, and apps and social media (Australian Strategic Policy Institute, October 14, 2019; June 8, 2021). In the West, this data is protected and sold. In the PRC and other authoritarian states with fewer concerns over their citizens’ privacy, this information can, in turn, be translated into long-term industrial, technology, and security policies.
During his confirmation hearing in the U.S. Senate to become Secretary of State on January 15, Marco Rubio stated, “If we don’t change course, we are going to live in the world where much of what matters to us on a daily basis, from our security to our health, will be dependent on whether the Chinese allow us to have it or not” (Associated Press, January 15). This course began with the PRC’s accession to the World Trade Organization in 2001—an inflection point which should remind us all of a truth we seem to keep forgetting, regardless of our domain of expertise: accepting symmetrical rules only works with symmetrical actors.
The third asymmetry concerns Europe’s relationship with hard power. As the West’s adversaries continue to see military force as simply one of the tools available to expand their influence, a persistent theme in European public debate continues to be that discussing war or rearming means loving violence and hating peace. Despite Russia’s ongoing war against Ukraine, the largest land war in Europe since World War II, there remains a resistance, almost a “psycho-political” denial, on the continent toward the necessity of rearmament. While this reluctance by European states to acquire the means necessary for their own defense is perhaps historically understandable, it is fundamentally dangerous.
The warnings from the United States to Europe have become clearer over time that U.S. support would waver if European security felt like more of a burden than a partnership. As then-Secretary of Defense Robert Gates warned NATO leaders in 2011, “Future U.S. political leaders—those for whom the Cold War was not the formative experience that it was for me—may not consider the return on America’s investment in NATO worth the cost” (NATOSource, June 10, 2011). Where the previous Trump administration was a warning that the United States is no longer willing to bear the burden of European defense, the second Trump administration has been much clearer about whether the transatlantic relationship is an end in itself or a means to achieve security. EU member states, however, have still struggled to tackle very thorny technical and political issues, such as interoperability, the chain of command, and even nuclear posture.
What Is to Be Done?
While working in the institutions of a G7 (Group of Seven) European country, I have witnessed first-hand the difficulty in acknowledging—and getting others to acknowledge—the threats we face. Across the European Union, the response to U.S. warnings about the impending Russian invasion in late 2021–early 2022 was characterized by skepticism and disbelief. With Russian battle groups gathering on the border with Ukraine and damning evidence detailing logistical preparations, European policymakers remained skeptical to a point that, in retrospect, appears not to be an analytical misjudgment as much as a manifestation of profound psychological denial. This is the successful result of a long effort by our adversaries to leverage liberal democracies’ freedoms to make sure they remain in a “non-fighting mode.” This objective was and is pursued through a panoply of tools, often in highly sophisticated and coordinated campaigns of influence.
I have also seen directly how democratic systems struggle against dispersion and graduality. As propaganda and disinformation flooded Europe’s media environment during the COVID-19 pandemic and the 2022 full-scale invasion of Ukraine, it was stark how the turf battles typical of our system hindered an immediate and effective reaction (Associated Press, March 21). And as our adversaries attempted to penetrate the continent’s strategic businesses and infrastructure, I watched the sacrosanct rules designed to protect our economic freedom bent into weapons against our national security.
So, what is to be done against a competitor who thinks our freedom is a systemic weakness, is structured in an ideal way to exploit it, and has the time, capability, and political will? I suggest the following:
- Policymakers on both sides of the Atlantic must forge a common lexicon to discuss the issue of hybrid warfare;
- Western institutions must be able to protect our media environment;
- Western societies must protect public and private data from foreign government acquisition;
- Decision makers themselves must understand the deep strategic relevance of the threats posed by hybrid warfare, despite their complex nature;
- Overcoming the dispersion asymmetry requires a broader range of institutions, such as those dealing with research, health, and critical materials, to enjoy permanent communication with one another; and
- Dispersion also requires greater integration or harmonization among allied countries on policies for investment screening and research security, so that a common lexicon is joined with common tools.
As the challenge and the tools to respond come into focus, Western citizens will need to discuss their application. Security tools create limits on liberty. In these cases, those limits are around how citizens, companies, and other institutions engage with adversaries. Our minds go back to the war on terrorism and insurgency when we think of democracies being challenged by their own freedom. This view is insufficient. The challenge facing the West today is of an altogether greater scale because it requires our decision makers to act counter to the incentives our system sets before them. They must look to the next decade rather than the next few months, privilege strategy over tactics in foreign and domestic policy, and be ready and willing to pay the electoral price.
This is ultimately what the systemic challenge is. Our adversaries use propaganda and disinformation to reflect back to us a caricature of our system, tempting us to erode some of its founding elements. But freedom is not a weakness. The history of the last several centuries points to the fact that the market of ideas works, and when combined with an educated and healthy society, is an invincible recipe for power and prosperity. As Karl Popper realized prophetically, “unlimited tolerance must lead to the disappearance of tolerance” (Karl Popper, The Open Society and Its Enemies, 1945). If we extend unlimited tolerance even to those who are intolerant and seek to destroy our system—or if we are not prepared to defend a tolerant society against the onslaught of the intolerant—then the tolerant will be destroyed, and tolerance with them.
Footnotes:
[1] Ladislav Bittman, The KGB and Soviet Disinformation: An Insider’s View, Pergamon Press, 1985.
[2] Joe McReynolds, ed., China’s Evolving Military Strategy, Washington, D.C.: The Jamestown Foundation, 2016.