Dr Johann Schmid, Director COI Strategy & Defence at Hybrid CoE, contributed to the latest issue of ISPAIM – Monitor Strategic with an article on ‘Hybrid warfare in Vietnam – How to win a war despite military defeat’.
All warfare is hybrid, but there is also a specific hybrid way of waging war. In contrast to “conventional” military–centric warfare, its centre of gravity is not primarily located in the military domain. Instead, one of the key factors in this respect is influencing, disintegrating or destroying the opponent’s psychological constitution, particularly their willingness to fight and their morale in continuing the struggle. Legitimacy and justness can become strong and effective weapons in this respect. As a result, success in hybrid warfare does not necessarily require victory on the military battlefield. Success is even possible despite military defeat. The example of the Second Indochina War underlines this and shows that hybrid warfare can be conceptualized by three key characteristics. These characteristics and their hybrid orchestration and interplay provide the missing link that helps to explain this frequently misunderstood defeat in Vietnam. A comparative analysis of the war in Eastern Ukraine also reveals a number of interesting parallels.
16–20 August 2021, Jyväskylä Summer School course: ‘Changing Security and Hybrid Threats’
The University of Jyväskylä (JYU) in cooperation with Hybrid CoE will organize a course on ‘Changing Security and Hybrid Threats’ as part of the 30th Jyväskylä Summer School. The course will enhance students’ understanding of the rapidly changing security environment in today’s Europe by focusing on what hybrid threats are, what kind of activity counts as part of the landscape of hybrid threats, why they are significant in terms of our security, how we can counter them, as well as future hybrid threats. Lecturers on the course include Dr Hanna Smith from Hybrid CoE, Dr Panu Moilanen and Dr Antero Holmila from JYU, and a number of guest lecturers.
The course is aimed at Master’s students, PhD students, civil servants, as well as military and law enforcement officers with a basic knowledge of hybrid threats. More information about the course can be found HERE. The application period for the Summer School is 1 March – 30 April. Applications can be submitted HERE.
For further information, please e-mail jss@jyu.fi.
NB: Depending on the Covid-19 situation, the course might be organized virtually in a Zoom environment.
On 18 February, 2021, Hybrid CoE organized a webinar in cooperation with Bruegel on money laundering and hybrid threats. Money laundering poses a permanent threat to the financial system, and hence the EU has actively worked at developing prevention mechanisms to combat it. But the COVID-19 pandemic and its economic impact may have magnified the problem and enabled its use as part of a hybrid approach. Many countries, including EU member states, are currently struggling and looking for outside money to shore up their economies. Will the EU and its member states be ready to control this risk – even if competition for financial inflows intensifies?
Summary of the event on money laundering and hybrid threats: Has COVID-19 made it all worse?
Introduction
On 18 February 2021, Hybrid CoE organized a webinar in cooperation with Bruegel on money laundering and hybrid threats. Money laundering poses a permanent threat to the financial system, and hence the EU has been active in developing prevention mechanisms to combat the problem. But the COVID-19 pandemic and its economic impact may have magnified the problem and enabled its use as part of a hybrid approach. Many countries, including EU member states, are currently struggling and looking for outside money to shore up their economies.
Hybrid CoE raised two questions for discussion:
Is it possible to use money laundering as a “weapon” against smaller economies, and to develop it as a hybrid tool?
Will the EU and its member states be ready to control this hybrid risk – even if competition for financial inflows intensifies?
The following experts participated in a panel to discuss the issues:
Mr Nicolas Véron, Senior Fellow, Bruegel
Mr Arnis Praudinš, Head of the Financial Crime Risk (Compliance), Swedbank Latvija
Mrs llze Znotiņa, Head, Financial Intelligence Unit (FIU) of Latvia
Mr Arnis Šnore, Deputy Director, Community of Interest on Vulnerabilities and Resilience, Hybrid CoE
Discussion: Anti-money laundering measures must remain a priority
Mrs Znotiņa stated thatalthough anti-money laundering (AML) measures during the global pandemic remain a high priority, COVID-19 is certainly not improving any country’s capability to prevent and combat money laundering (ML), including Latvia. There is a clear indication that specific money laundering threats are emerging due to COVID-19. The ML risk profile is being changed as the activity of “non-essential” business is limited and on-site client services are restricted. However, online sales are increasing during COVID-19.
Various support measures to reduce the negative impact of COVID-19 on the Latvian economy are being implemented. As the economy is struggling, this might create ML opportunities, and the impact on financial and social behaviour is obvious due to the closure of businesses, unemployment, and the restructuring of governmental resources.
Cybercrime is another area of concern. The precautionary measures and limitations on the physical movement of individuals increased the demand for online communication and purchases, significantly increasing cybersecurity risks for users. There has been a rise in phishing emails, links to malicious websites, and attachments containing personal information. Specific forms of cyber fraud that have been reported include impersonating public authorities who provide social aid in order to fraudulently obtain funds or personal information; business email compromise scams; and cyber criminals exploiting weaknesses in businesses’ network security to gain access to customer contact and transaction information.
Other common offences (also identified more frequently than in ML cases) were fraud (related to medical equipment, or to economic relief measures or public procurement contracts, intentionally driving legal persons to insolvency); corruption (related to the ease of public procurement procedures to ensure the swift delivery of urgently needed medical supplies); medicrime (the overpricing of low-quality goods as a result of the significant demand for medical equipment and supplies caused by the pandemic); and corruption risks related to COVID-19 vaccine procurement.
Relevant questions in this context are how to balance the issue of attracting investments and protecting the financial system, and how to minimize vulnerabilities and increase resilience.
Latvia wanted to establish a green corridor with Belarusian companies in order to provide them with the opportunity to invest in Latvia, and to continue their activities, which had been suspended at some point by President Lukashenko. Latvia wanted to be the preferred country for these businesses, providing banking services while still protecting the Latvian financial system against possible threats and risks, as the businesses originate from a system where compliance is not at the same level as in Latvia. Strict compliance and the willingness to fight financial crime pose a competitive challenge: countries are caught between a wide range of AML requirements and assessments by various international institutions, which are not homogeneous.
Mr Praudinš reported that AML has been at the top of Latvia’s agenda, and that private banks comply with the highest international standards and havezero tolerance of financial crime.In 2018, credit institutions and payment institutions were banned from cooperating with shell arrangements. Since then, there has been a significant decrease in the non-resident customer deposit market share and outgoing transactions by foreign customers.Latvia is not as attractive as it used to be because of the measures carried out in recent years, which decrease the vulnerabilities and risks of hybrid influence.
Several comprehensive cooperation mechanisms have been developed. The Financial Intelligence Unit (FIU) has utilized a Public-Private Partnership model, and private-private information sharing between banks has been allowed. Every country seeks investments, but a decision should be made on whether it is allowed to accept illegal money during a crisis. More questions could also be asked, such as whether the stability of the global financial system is secured in general, for example against WallStreetBets and social media influence, or Bitcoin price fluctuations or cryptocurrencies. All of these tools are out there, and countries need to be ready to assess their vulnerabilities if such tools are used in a hybrid way against their economy.
The following discussion among the experts covered further areas of concern.
Different EU countries are at different stages of ML assessment and the implementation of AML measures, even with EU directives. It was mentioned that politics should be less of an issue in ML discussions. Small and larger countries should have the same attitude. The European Commission is expected to introduce a legislative proposal on ML supervision this year. It remains to be seen whether it will make a difference. No bureaucracy or document is useful unless there is cooperation among financial actors and FIUs, and – most importantly – information sharing. Every country will have to make a decision on where to draw the line, and with whom they can do business. Countries need to know whether their business partners or their rivals are capable of using these hybrid tools against them.
In the near future, cryptocurrencies will be an issue for the FIU and AML regulation framework.
Latvian FinTech and cryptocurrency risk assessments indicate that there are not that many suspicious transactions related to cryptocurrencies as yet because there are very few service providers for virtual currencies in Latvia. Yet public awareness of FinTech and cryptocurrencies is increasing.
However, cryptocurrencies effectively create another layer, and there will need to be a greater focus on this area. Social media is also an important factor. It is easy to use social media to the extent where a group of people can be led to believe, falsely, that some actions by important actors within the national economy equate with money laundering. The pandemic makes this easier than before, as more and more people are living in their own social bubble.
In general, the political system, politicians, authorities and decision-makers need further awareness-raising, as they have an insufficient understanding of what constitutes financial crime, how to combat it, and how it affects everyone in society. When it comes to European integration, the system is as strong as its weakest link. Hence, there is the potential and the need to do more to limit vulnerabilities and to decrease the likelihood of hybrid threats.
Conclusions
Money laundering is a vulnerability and a potential area for hybrid influence. Nations need to address this issue using best practices or EU guidelines. In a connected world, it is important to take care of the weakest link to avoid potential consequences for everyone. It is crucial to continue to educate politicians and decision-makers about money laundering and hybrid threats. They need to understand the vulnerabilities and be aware of the potential worst-case consequences.
At the community level, the EU needs to continue to work on regulatory frameworks for AML in order to decrease vulnerabilities and increase resilience, taking into account future challenges such as cryptocurrencies and future digital markets.
Many open questions remain, however, and discussion is needed on hybrid influencing tools, including their usage against and impact on democracies. Hybrid CoE will continue to monitor and research hybrid threats in this area and help its Participating States to increase their resilience.
COI Strategy & Defence kick-started its new StratDoc Analysis workstrand with a virtual brainstorming event on 27 January.
By introducing the workstrand and the preliminary work already carried out by COI Strategy & Defence in mapping the relevant strategy and policy documents, the event identified the particular interests and needs of Hybrid CoE Participating States, the EU and NATO. The active brainstorming session provided inspiration and helped to focus the future work of the new workstrand.
The objective of the workstrand is a systematic comparative analysis and assessment of the ‘hybrid threats/conflict/warfare complex’ in the official strategy and policy documents of Hybrid CoE Participating States, the EU and NATO. To this end, the workstrand is designed to achieve a better mutual understanding among the different parties regarding their interpretation of and response to hybrid challenges. It aims to identify gaps in a more systematic manner, share experiences and best practices, and provide mutual inspiration.
On 17 December, Hybrid CoE’s Research Director Dr Hanna Smith received the ‘Security Researcher of the year 2020’ award at the virtual ‘Finnish Security Awards Gala’. The award is presented to a researcher or team of researchers who, through their research work, have made a significant contribution to the understanding of safety and/or enabled the development of new security solutions. The award committee stated that Hanna Smith is an active developer and collaborator, who possesses an exceptionally wide and deep range of expertise on Russia as well as on hybrid threats. The award also highlights the positive Finnish measures in this new threat genre.
The Finnish Security Awards (FSA), established by Turvallisuus & Riskienhallinta magazine in 2015, and sponsored by 17 Finnish security, safety and risk management associations and societies, has 11 award categories.
COI Strategy & Defence organized its second annual Cyber power symposium on hybrid warfare virtually in November 2020. Building on the first cyber power symposium, organized a year ago, the second symposium focused on actor analysis regarding power depiction capabilities and interests of defensive and offensive cyber players in the cyber field.
Key take-aways of the event:
Cyber power has become an integral component of military and nonmilitary activity on the international arena. With technological advancement, state backed cyberattacks have become regular tools in geopolitical competition.
The global cyberthreat landscape today is more likely to produce long-term, lingering issues of political subversion and interference, rather than a sudden catastrophic event.
Cyber-enabled new technologies are proving highly disruptive to traditional security, defence doctrines and legal frameworks in political and institutional contexts, as well as modern battlefields.
Several powers with global ambitions have begun to incorporate cyber power into their national defence strategies. This is seen for example in upgrades of conventional weapon systems and increased focus on cyber security of critical infrastructure.
Cyber power is inherently international, as well as a multi domain challenge, which countries and institutions cannot tackle alone. Alliances like NATO and the EU are incremental in enhancing their member states cyber edge.
Hybrid CoE, together with the Multinational Medical Coordination Centre / European Medical Command (MMCC/EMC) and the German Federal Office for Civil Protection and Disaster Relief (BBK), hosted Resilient Response 2020 (RERE 20) from 24 to 26 November. RERE 20 was an online pandemic response exercise in which national teams strove to protect their populations from a novel virus, while simultaneously countering hybrid threats.
Over the course of three days, participating nations played out four consecutive rounds of a pandemic scenario, beginning with the initial outbreak of a novel disease and ending with the availability and distribution of a vaccine. Each round had a specific focus and characteristics, including hybrid influencing factors.
The main objectives of the exercise were:
To practise a whole-of-government response to a crisis situation (Epidemic/Pandemic) influenced by hybrid threats on the basis of existing emergency concepts, best practices and lessons identified / learned during the COVID-19 pandemic.
To increase decision-makers’ awareness of the complexity of decision-making.
To practise cross-governmental coordination and cooperation within an epidemic / a pandemic hybrid crisis scenario.
Shiho Rybski and Markus Metsala from Hybrid CoE were producing hybrid elements to the ‘RERE 20’ exercise.
The exercise featured 12 national teams, with representatives from the EU, NATO and USEUCOM totalling over 120 participants across Europe. In the end, all of the teams were successful in overcoming the pandemic and keeping hybrid threats at bay, thanks to effective national responses and solidarity within the EU and NATO communities.
RERE 20 highlighted the importance of social resilience for countering hybrid threats. Proactive messaging stood out as a crucial tool for dealing with disinformation. Nations that benefitted from diverse, cross-government teams showed creativity in their responses to hybrid threats. They used the exercise to experiment with different approaches and were the catalyst for knowledge expansion among players.
Based on feedback and evaluation, the exercise objectives were achieved. RERE 20 supported the fail-safe practice and enhancement of planning, communications and decision-making in a credible and relevant scenario. There is now a greater understanding of the capacities and procedures for EU and NATO cooperation mechanisms, which will increase preparedness and facilitate a quicker response.
The exercise enabled the comparison and evaluation of national crisis management strategies and enhanced the exchange of experiences and strategies to deal with the current COVID-19 pandemic.
Hybrid CoE contributed to the NATO Command and Control Centre of Excellence (NATO C2COE) annual seminar on ‘Multi-domain operations – Keys to master complexity’. Dr Johann Schmid gave a presentation during the event on Hybrid warfare and multi-domain operations and contributed to the panel discussion that followed.
Hybrid warfare extends the battlefield by exploiting multiple military and non-military domains and dimensions. Culture, information, economy, technology, and society as a whole can become ‘battlefields’ in this context. Hybrid warfare of a type demonstrated, for example, on the Ukrainian battlefield, if waged against European countries, would pose a particular challenge for Europe and the crisis management and defence of both NATO and the EU. Although it may seem unlikely from today’s perspective, in an extreme case, NATO’s military defence and deterrence posture could be bypassed by subversive means in a ‘downward or horizontal escalation mode.
Countering hybrid actors and activities calls for a comprehensive and coordinated response in multiple domains. Creating an accurate multi-domain situational awareness picture is a first step in this direction.
The NATO C2COE annual seminar focused on multi-domain operations and their impact on command and control (C2). The aim of the seminar was to challenge participants’ preconceived notions of multi-domain operations by providing the latest insights into and perspectives on command and control in the context of a changing operational environment with hybrid warfare as a key element.
Please find the read-ahead article written by Johann Schmid on Hybrid warfare – operating on multidomain battlefieldshere.
Building on the findings of the February 2020 cyber-expert workshop – ‘Future of cyberspace and hybrid threats’ – Hybrid CoE’s Community of Interest on Strategy & Defence together with the Research & Analysis team organized a virtual round table on actors in cyberspace. The experts discussed the hybrid threat implications of activities in cyberspace, with a focus on actor analysis, and the power depiction capabilities and interests of defensive / offensive state and non-state cyber players.
Of particular interest during the discussions were questions on the identified adversarial and predatory behavioral patterns for advancing geopolitical objectives, activities to re-shape the data-related regulatory framework in the rules-based order, and efforts to gain an advantage by deliberately operating below the threshold of armed conflict.
Dr Johann Schmid, Director COI Strategy & Defence at Hybrid CoE, contributed to the latest issue of Österreichische Militärische Zeitschrift (ÖMZ) (Austrian Military Journal) with an article on ‘The archetype of hybrid warfare. Hybrid warfare vs. military-centric warfare’.
The article elaborates the thesis that hybrid warfare as a concept would only be well grounded if based on the existence of a respective counterpart. This counterpart is identified in military-centric warfare and was exemplified in the case of the Falklands War (1982). In comparison with the Second Indochina War as an ‘archetype’ of hybrid warfare, conclusions are drawn in the article for a theory of hybrid warfare.
The main arguments advanced:
As ‘a continuation of policy by other means’ (Clausewitz), war is inherently hybrid. At the same time, however, a specific hybrid way of conducting war can be identified. This is hybrid warfare in the narrower sense.
In order to conceptualize this hybrid warfare, it is particularly important to distinguish it from its counterpart. Without such a counterpart, any concept of hybrid warfare would not be well grounded.
This counterpart can be identified as ‘conventional’ or, more precisely, military-centric warfare. The main distinguishing feature relates to the question of where the centre of gravity in awar/confrontation is located.
In contrast to military-centric warfare, the centre of gravity in hybrid warfare is not primarily located in the military domain but rests in a broad, combined and flexibly used spectrum of multiple domains and dimensions, both military and non-military.
