Hybrid CoE contributed to the ‘Comprehensive security together’ campaign with a video blog post on conducting exercises. The topic for the blog was chosen to promote this practical method of providing organizations with experience and know-how in countering hybrid threats.
Exercises train participants to improve response mechanisms to different incidents or crises as they apply to hybrid threats, and strengthen relationships between participating organizations and individuals. Exercises can also be used as a tool to test different hypotheses, tactics, and procedures such as a playbook or a contingency plan.
Hybrid CoE offers a unique, safe-to-fail environment for practitioners from the Centre’s Participating States, the EU and NATO to conduct exercises in countering hybrid threats together.
‘Comprehensive Security Together’ (Kokonaisturvallisuutta yhdessä in Finnish) is a campaign coordinated by the Finnish Security Committee. In the video blog posts, designated experts discuss themes related to the Committee’s focus areas for 2021: Crisis leadership, preparedness for multiple disruption scenarios, and international cooperation.
The Role of Exercises in Countering Hybrid Threats
Shiho Rybski, Director of Training and Exercises, Hybrid COE
Markus Kokko, MSSc, MBA, has been appointed Head of Communications at the European Centre of Excellence for Countering Hybrid Threats from 17 May 2021.
His predecessor, Päivi Tampere, moved to the Prime Minister’s Office of Finland to lead the recently established Strategic Communications Team.
The Head of Communications, together with his team, is responsible for planning and running the internal and external communications at the Centre, the publication process, media relations, strategic communications, and crisis communications preparedness.
“We warmly welcome Markus to the international staff at the Centre. His diverse expertise in the field of communications and extensive international experience broadly support the development of the Centre’s communications,” says Hybrid CoE Director Teija Tiilikainen.
Markus Kokko worked as Counsellor for Press and Culture at the Embassy of Finland in Tokyo from 2015 to 2020. Prior to that, he worked as Director of Finnfacts, a not-for-profit international communications arm of the Finnish industrial and business sectors, and in various positions at the Economic Information Office, TAT. He has also gained international experience by studying and working in France, Spain, the United States, and Australia.
“Countering hybrid threats is a topical and expanding domain where the importance of international cooperation is undisputed,” says Kokko. “I’m very happy and motivated to join the Centre’s team of leading specialists, helping to safeguard our democratic societies and strengthen their comprehensive security.”
Hybrid CoE is an independent international Centre enhancing Participating States’ capabilities to counter hybrid threats. It does so by sharing best practices, testing new ideas and approaches, and providing training and exercises. The Centre currently has 28 Participating States. Participation is open to all EU member states and NATO allies.
The Istituto Affari Internazionali has published a report on ‘NATO decision-making in the age of big data and artificial intelligence’, which includes a chapter by Hybrid CoE’s Director for Research and Analysis, Hanna Smith, on ‘Hybrid threats to allied decision-making’. The publication is the result of a virtual conference organized by NATO Allied Command Transformation (ACT), the University of Bologna, and Istituto AffariInternazionali (IAI) of Rome, held on 17 November 2020. Hanna Smith’s chapter discusses the challenges to decision-making in Western countries posed by hybrid threats in relation to China and Russia. The report is available here.
The first part demonstrates how the dependence on cyberspace, combined with malign actors’ ability to use it, can result in a hybrid effect that may become a security threat. In particular, the paper assesses the links between cyberspace’s characteristics and the emergence of a consequential hybrid threat that further complicates the evolving security environment. The complete paper can be accessed here.
The second part compares cyber and hybrid threats, concluding that the former are a part of the latter. In addition, it demonstrates that these threats are best tackled by establishing and implementing a whole-of-society/-government approach to enhancing national security. The paper attempts to clarify the hybrid/cyber threat discussion by reducing its constituent parts to simple, non-technical concepts and definitions. The complete paper is available here.
Dr Johann Schmid, Director COI Strategy & Defence at Hybrid CoE, contributed to the latest issue of ISPAIM – Monitor Strategic with an article on ‘Hybrid warfare in Vietnam – How to win a war despite military defeat’.
All warfare is hybrid, but there is also a specific hybrid way of waging war. In contrast to “conventional” military–centric warfare, its centre of gravity is not primarily located in the military domain. Instead, one of the key factors in this respect is influencing, disintegrating or destroying the opponent’s psychological constitution, particularly their willingness to fight and their morale in continuing the struggle. Legitimacy and justness can become strong and effective weapons in this respect. As a result, success in hybrid warfare does not necessarily require victory on the military battlefield. Success is even possible despite military defeat. The example of the Second Indochina War underlines this and shows that hybrid warfare can be conceptualized by three key characteristics. These characteristics and their hybrid orchestration and interplay provide the missing link that helps to explain this frequently misunderstood defeat in Vietnam. A comparative analysis of the war in Eastern Ukraine also reveals a number of interesting parallels.
16–20 August 2021, Jyväskylä Summer School course: ‘Changing Security and Hybrid Threats’
The University of Jyväskylä (JYU) in cooperation with Hybrid CoE will organize a course on ‘Changing Security and Hybrid Threats’ as part of the 30th Jyväskylä Summer School. The course will enhance students’ understanding of the rapidly changing security environment in today’s Europe by focusing on what hybrid threats are, what kind of activity counts as part of the landscape of hybrid threats, why they are significant in terms of our security, how we can counter them, as well as future hybrid threats. Lecturers on the course include Dr Hanna Smith from Hybrid CoE, Dr Panu Moilanen and Dr Antero Holmila from JYU, and a number of guest lecturers.
The course is aimed at Master’s students, PhD students, civil servants, as well as military and law enforcement officers with a basic knowledge of hybrid threats. More information about the course can be found HERE. The application period for the Summer School is 1 March – 30 April. Applications can be submitted HERE.
For further information, please e-mail jss@jyu.fi.
NB: Depending on the Covid-19 situation, the course might be organized virtually in a Zoom environment.
On 18 February, 2021, Hybrid CoE organized a webinar in cooperation with Bruegel on money laundering and hybrid threats. Money laundering poses a permanent threat to the financial system, and hence the EU has actively worked at developing prevention mechanisms to combat it. But the COVID-19 pandemic and its economic impact may have magnified the problem and enabled its use as part of a hybrid approach. Many countries, including EU member states, are currently struggling and looking for outside money to shore up their economies. Will the EU and its member states be ready to control this risk – even if competition for financial inflows intensifies?
Summary of the event on money laundering and hybrid threats: Has COVID-19 made it all worse?
Introduction
On 18 February 2021, Hybrid CoE organized a webinar in cooperation with Bruegel on money laundering and hybrid threats. Money laundering poses a permanent threat to the financial system, and hence the EU has been active in developing prevention mechanisms to combat the problem. But the COVID-19 pandemic and its economic impact may have magnified the problem and enabled its use as part of a hybrid approach. Many countries, including EU member states, are currently struggling and looking for outside money to shore up their economies.
Hybrid CoE raised two questions for discussion:
Is it possible to use money laundering as a “weapon” against smaller economies, and to develop it as a hybrid tool?
Will the EU and its member states be ready to control this hybrid risk – even if competition for financial inflows intensifies?
The following experts participated in a panel to discuss the issues:
Mr Nicolas Véron, Senior Fellow, Bruegel
Mr Arnis Praudinš, Head of the Financial Crime Risk (Compliance), Swedbank Latvija
Mrs llze Znotiņa, Head, Financial Intelligence Unit (FIU) of Latvia
Mr Arnis Šnore, Deputy Director, Community of Interest on Vulnerabilities and Resilience, Hybrid CoE
Discussion: Anti-money laundering measures must remain a priority
Mrs Znotiņa stated thatalthough anti-money laundering (AML) measures during the global pandemic remain a high priority, COVID-19 is certainly not improving any country’s capability to prevent and combat money laundering (ML), including Latvia. There is a clear indication that specific money laundering threats are emerging due to COVID-19. The ML risk profile is being changed as the activity of “non-essential” business is limited and on-site client services are restricted. However, online sales are increasing during COVID-19.
Various support measures to reduce the negative impact of COVID-19 on the Latvian economy are being implemented. As the economy is struggling, this might create ML opportunities, and the impact on financial and social behaviour is obvious due to the closure of businesses, unemployment, and the restructuring of governmental resources.
Cybercrime is another area of concern. The precautionary measures and limitations on the physical movement of individuals increased the demand for online communication and purchases, significantly increasing cybersecurity risks for users. There has been a rise in phishing emails, links to malicious websites, and attachments containing personal information. Specific forms of cyber fraud that have been reported include impersonating public authorities who provide social aid in order to fraudulently obtain funds or personal information; business email compromise scams; and cyber criminals exploiting weaknesses in businesses’ network security to gain access to customer contact and transaction information.
Other common offences (also identified more frequently than in ML cases) were fraud (related to medical equipment, or to economic relief measures or public procurement contracts, intentionally driving legal persons to insolvency); corruption (related to the ease of public procurement procedures to ensure the swift delivery of urgently needed medical supplies); medicrime (the overpricing of low-quality goods as a result of the significant demand for medical equipment and supplies caused by the pandemic); and corruption risks related to COVID-19 vaccine procurement.
Relevant questions in this context are how to balance the issue of attracting investments and protecting the financial system, and how to minimize vulnerabilities and increase resilience.
Latvia wanted to establish a green corridor with Belarusian companies in order to provide them with the opportunity to invest in Latvia, and to continue their activities, which had been suspended at some point by President Lukashenko. Latvia wanted to be the preferred country for these businesses, providing banking services while still protecting the Latvian financial system against possible threats and risks, as the businesses originate from a system where compliance is not at the same level as in Latvia. Strict compliance and the willingness to fight financial crime pose a competitive challenge: countries are caught between a wide range of AML requirements and assessments by various international institutions, which are not homogeneous.
Mr Praudinš reported that AML has been at the top of Latvia’s agenda, and that private banks comply with the highest international standards and havezero tolerance of financial crime.In 2018, credit institutions and payment institutions were banned from cooperating with shell arrangements. Since then, there has been a significant decrease in the non-resident customer deposit market share and outgoing transactions by foreign customers.Latvia is not as attractive as it used to be because of the measures carried out in recent years, which decrease the vulnerabilities and risks of hybrid influence.
Several comprehensive cooperation mechanisms have been developed. The Financial Intelligence Unit (FIU) has utilized a Public-Private Partnership model, and private-private information sharing between banks has been allowed. Every country seeks investments, but a decision should be made on whether it is allowed to accept illegal money during a crisis. More questions could also be asked, such as whether the stability of the global financial system is secured in general, for example against WallStreetBets and social media influence, or Bitcoin price fluctuations or cryptocurrencies. All of these tools are out there, and countries need to be ready to assess their vulnerabilities if such tools are used in a hybrid way against their economy.
The following discussion among the experts covered further areas of concern.
Different EU countries are at different stages of ML assessment and the implementation of AML measures, even with EU directives. It was mentioned that politics should be less of an issue in ML discussions. Small and larger countries should have the same attitude. The European Commission is expected to introduce a legislative proposal on ML supervision this year. It remains to be seen whether it will make a difference. No bureaucracy or document is useful unless there is cooperation among financial actors and FIUs, and – most importantly – information sharing. Every country will have to make a decision on where to draw the line, and with whom they can do business. Countries need to know whether their business partners or their rivals are capable of using these hybrid tools against them.
In the near future, cryptocurrencies will be an issue for the FIU and AML regulation framework.
Latvian FinTech and cryptocurrency risk assessments indicate that there are not that many suspicious transactions related to cryptocurrencies as yet because there are very few service providers for virtual currencies in Latvia. Yet public awareness of FinTech and cryptocurrencies is increasing.
However, cryptocurrencies effectively create another layer, and there will need to be a greater focus on this area. Social media is also an important factor. It is easy to use social media to the extent where a group of people can be led to believe, falsely, that some actions by important actors within the national economy equate with money laundering. The pandemic makes this easier than before, as more and more people are living in their own social bubble.
In general, the political system, politicians, authorities and decision-makers need further awareness-raising, as they have an insufficient understanding of what constitutes financial crime, how to combat it, and how it affects everyone in society. When it comes to European integration, the system is as strong as its weakest link. Hence, there is the potential and the need to do more to limit vulnerabilities and to decrease the likelihood of hybrid threats.
Conclusions
Money laundering is a vulnerability and a potential area for hybrid influence. Nations need to address this issue using best practices or EU guidelines. In a connected world, it is important to take care of the weakest link to avoid potential consequences for everyone. It is crucial to continue to educate politicians and decision-makers about money laundering and hybrid threats. They need to understand the vulnerabilities and be aware of the potential worst-case consequences.
At the community level, the EU needs to continue to work on regulatory frameworks for AML in order to decrease vulnerabilities and increase resilience, taking into account future challenges such as cryptocurrencies and future digital markets.
Many open questions remain, however, and discussion is needed on hybrid influencing tools, including their usage against and impact on democracies. Hybrid CoE will continue to monitor and research hybrid threats in this area and help its Participating States to increase their resilience.
COI Strategy & Defence kick-started its new StratDoc Analysis workstrand with a virtual brainstorming event on 27 January.
By introducing the workstrand and the preliminary work already carried out by COI Strategy & Defence in mapping the relevant strategy and policy documents, the event identified the particular interests and needs of Hybrid CoE Participating States, the EU and NATO. The active brainstorming session provided inspiration and helped to focus the future work of the new workstrand.
The objective of the workstrand is a systematic comparative analysis and assessment of the ‘hybrid threats/conflict/warfare complex’ in the official strategy and policy documents of Hybrid CoE Participating States, the EU and NATO. To this end, the workstrand is designed to achieve a better mutual understanding among the different parties regarding their interpretation of and response to hybrid challenges. It aims to identify gaps in a more systematic manner, share experiences and best practices, and provide mutual inspiration.
On 17 December, Hybrid CoE’s Research Director Dr Hanna Smith received the ‘Security Researcher of the year 2020’ award at the virtual ‘Finnish Security Awards Gala’. The award is presented to a researcher or team of researchers who, through their research work, have made a significant contribution to the understanding of safety and/or enabled the development of new security solutions. The award committee stated that Hanna Smith is an active developer and collaborator, who possesses an exceptionally wide and deep range of expertise on Russia as well as on hybrid threats. The award also highlights the positive Finnish measures in this new threat genre.
The Finnish Security Awards (FSA), established by Turvallisuus & Riskienhallinta magazine in 2015, and sponsored by 17 Finnish security, safety and risk management associations and societies, has 11 award categories.
COI Strategy & Defence organized its second annual Cyber power symposium on hybrid warfare virtually in November 2020. Building on the first cyber power symposium, organized a year ago, the second symposium focused on actor analysis regarding power depiction capabilities and interests of defensive and offensive cyber players in the cyber field.
Key take-aways of the event:
Cyber power has become an integral component of military and nonmilitary activity on the international arena. With technological advancement, state backed cyberattacks have become regular tools in geopolitical competition.
The global cyberthreat landscape today is more likely to produce long-term, lingering issues of political subversion and interference, rather than a sudden catastrophic event.
Cyber-enabled new technologies are proving highly disruptive to traditional security, defence doctrines and legal frameworks in political and institutional contexts, as well as modern battlefields.
Several powers with global ambitions have begun to incorporate cyber power into their national defence strategies. This is seen for example in upgrades of conventional weapon systems and increased focus on cyber security of critical infrastructure.
Cyber power is inherently international, as well as a multi domain challenge, which countries and institutions cannot tackle alone. Alliances like NATO and the EU are incremental in enhancing their member states cyber edge.
