Countering Hybrid Threats in the Maritime Environment (Multi-Video)

The NATO Allied Command Transformation (ACT) Multiple Futures Project (MFP) highlighted the scale and complexity of conventional and non-conventional future threats facing NATO, which includes deterring nuclear attacks. (Courtesy of NATO)
The NATO Allied Command Transformation (ACT) Multiple Futures Project (MFP) highlights the scale and complexity of conventional and non-conventional future threats facing NATO, which includes deterring nuclear attacks. (Courtesy of NATO)

By Chris Kremidas-Courtney, Center for International Maritime Security (CIMSEC)

Introduction: Hybrid Threats

Today, there are state and non-state actors challenging nations, institutions, and private companies through a wide range of overt and covert activities targeted at their vulnerabilities.

Both NATO and the European Union refer to these as “hybrid threats” and the maritime domain has proven to be especially vulnerable.1

(Learn More. European intelligence chiefs warned on Monday that Russia is actively seeking to undermine their democracies by disinformation, cyberattacks and more traditional means of espionage. Courtesy of the Associated Press and YouTube. Posted on May 19, 2018.)

As we’ve seen recently, in both Crimea and the South China Sea, a hybrid approach lowers the political price for aggression, making regime change and territorial annexation possible “on the cheap.”2

Many refer to this phenomenon as “hybrid warfare” and in the process militarize a phenomenon that is actually much broader and more complex.

This phenomenon requires a whole-of-government and whole-of-society approach to access the necessary means and authorities to address them.

Thus, hybrid threats are best understood when framed as an attack on governance, specifically democratic governance.

(Vice Adm. Clive Johnstone, RN, commander of NATO’s Allied Maritime Force, discusses its renewed focus on “operations and operational behavior,” its to-do list (including boosting fleet and force readiness, and increasing allied naval forces more flexibility), his priorities as commander, the influence of Russia’s Kalibr cruise missile on future force planning, hybrid warfare at sea and more. Courtesy of Defense & Aerospace Report and YouTube. Posted on Jan 23, 2018.)

Hybrid uses subtle, far-reaching, and opportunistic methods – and seldom with a return address.

In other cases, they can be more brazen, but operate in a gray zone in which the impacted state has few good response options without escalating the situation into armed conflict.

In general, governments and institutions with weak governance are more susceptible to hybrid and transnational threats.

Corruption, low levels of public trust, weak public and private accountability, ineffective law enforcement, poor border and port security, weak security protocols for critical infrastructure, and a lack of cooperation between ministries, institutions, and the private sector leave them more vulnerable to these attacks on governance.

Of course, these threats have always existed, but what makes hybrid threats different are the new vulnerabilities presented by a globalized world interconnected by instant global communications, systems of finance, and commerce.

(Learn More. Hybrid threats are a combination of military and non-military means. The objective is to destabilize opponents, create confusion, mask the real situation on the ground and hamper decision-making. Ministers of Defense discuss hybrid threats. Courtesy of the Council of the EU and YouTube. Posted on  Apr 20, 2016.)

Hybrid threats represent the weaponization of globalization.

The governance which is threatened by hybrid threats is not just public, but private as well.

The majority of the world’s supply chain, communications providers, financial systems, and media outlets are found in the private sector.

For example, 80–90 percent of many Western countries’ critical infrastructure is owned and operated by the private sector.

90% of goods in global trade are carried by the ocean shipping industry each year. A new blockchain solution from IBM and Maersk will help manage and track the paper trail of tens of millions of shipping containers across the world by digitizing the supply chain process. (Photo credit: Maersk)
90% of goods in global trade are carried by the ocean shipping industry each year. (Courtesy of Maersk)

This infrastructure is widely recognized as the first target of a hybrid campaign.3

Given NATO’s heavy reliance on the private sector to provide logistics and communications capabilities during a crisis, these vulnerabilities can have far-reaching effects.

Vulnerabilities to Maritime Hybrid Threats


  • Commercial vessels and ports are vulnerable to hybrid threats in the form of sabotage, navigational spoofing, and cyber-attacks on supply chain information systems, resulting in lost or disrupted cargo, denial of access to critical port facilities, and environmental damage.
  • At the same time, foreign ownership and control of commercial port facilities can lead to the disruption of their use when these same facilities are required in times of crisis.


  • Commercial and military maritime activities are more reliant on cyber-enabling capabilities than ever, with everything from navigation systems to port information systems all being vulnerable to cyber-attack by hybrid actors and criminal organizations.
  • The Maersk incident of 2017 illustrates the challenge well. 
  • A cyber-attack on the government of Ukraine inadvertently impacted Danish global shipping giant Maersk when they went to pay their Ukrainian taxes online.

(The Maersk cyber attack should be a wake-up call for the shipping industry, exclaims editor Martyn Wingrove. Courtesy of Riviera Maritime Media Ltd and YouTube. Posted on Jul 5, 2017.)

As a result, Maersk’s global operations came to a halt as they temporarily lost the ability to govern their fleet.

  • Numerous other industries were also impacted as the global supply chain was disrupted.5
  • If this attack was actually aimed at commercial ports and logistics companies, the damage and disruption could have been much worse.
  • Under this same category, some commercial shipping companies are currently testing technologies to enable the use of cyber-controlled unmanned container ships to move commodities across the world’s seaways.
  • Obviously, the risks associated with this potential development are self-evident when looked at through the lens of maritime hybrid threats, with a potential scenario of a cyber-hacked unmanned vessel being turned into a weapon.


(Courtesy of Thermo Fisher Scientific)
(Courtesy of Thermo Fisher Scientific)
  • Diversification of energy supplies has led to an increase in the importance of liquefied natural gas (LNG), to include the transport vessels and onshore offloading facilities.
  • In addition, gas and oil exploration in the eastern Mediterranean and the trans-shipment of petroleum and LNG at sea makes the energy supply chain more vulnerable to hybrid threats against the commercial entities which explore, extract, and ship these commodities.6


  • Today’s economies are very reliant on the global information technology infrastructure with 97 percent of intercontinental communications moving through undersea cables, most of which lack even basic defenses.
  • Approximately $10 trillion in financial transactions is carried over these 213 cable systems every day, illustrating the global economy’s reliance on them.7
  • These cables are not owned by states, but rather by private entities which cannot afford to harden them and still make a profit.

The potential impacts are apparent when considering that in December 2008, accidental cable cuts in the Mediterranean and Persian Gulf resulted in widespread internet outages in the Middle East and India.

  • For example, during that accident, Egypt lost 70 percent of internet connectivity, while India lost 50 percent.8

(Learn More. Ten countries affected by outages after submarine cable system is damaged. An entire country was left without internet access for two days after an undersea cable was damaged. Courtesy of 21 News and YouTube. Posted on Apr 21, 2018.)

Territorial Vulnerabilities.

  • The borders and exclusive economic zones (EEZ) of coastal nations can be disrupted and contested by hybrid actors acting on behalf of a state in order to contest the governance of their sovereign territory.
  • In the South China Sea, China seeks to expand its claims, often interfering with the territorial waters and exclusive economic zones (EEZ) of countries like Vietnam and the Philippines, using methods such as armed fisherman to challenge the authorities of these nations and their commercial entities operating in their own EEZ.
  • Since the ability to control, maintain, and protect sovereign territory is a key aspect of governance, these are among the central tasks of coast guards and naval forces.
Coalition military forces prepare to board a vessel suspected of having pirates on board. (Courtesy of NATO)
Coalition military forces prepare to board a vessel suspected of having pirates on board. (Courtesy of NATO)

In some cases, governments find it necessary to modify the rules of engagement for coast guards to be authorized to use deadly force, as Finland did in 2017.

Threats to Maritime Security Forces.

  • Clandestine hybrid actors using armed frogmen or unmarked vessels disguised as commercial or fishing craft can surprise and swarm military vessels, disabling or disrupting them to keep them from being able to respond to other elements of a hybrid attack.

The ability to detect, attribute, and respond to these threats is among the greatest challenges presented to security forces.

  • In addition, the availability of increasingly sophisticated commercial off-the-shelf technology (COTS) to hybrid actors means that maritime security forces must constantly adapt in order to mitigate these emerging risks.

(Learn More. The world’s oceans are busy maritime highways. Today, 85 per cent of all international trade in raw material and manufactured goods travels by sea, and tankers carry more than half of the world’s oil. The stakes of maritime security are high, and NATO is determined to help protect its Allies from any possible threats at sea. Courtesy of NATO and YouTube. Posted on Jul 10, 2016.)


  • Alongside the previously mentioned maritime hybrid threats is the vulnerability to adversary disinformation campaigns aimed at eroding internal and regional trust by creating a false counter narrative.
  • These disinformation campaigns across the media spectrum can bring into question the intentions and activities of friendly maritime security forces and their governments, not just in other countries but at home among their own people.

Strengthening Maritime Governance to Counter Hybrid and Transnational Threats 

The answer to these assaults on governance is resilient, credible, and capable governance; with deeper cooperation among public, private, and international organizational entities.

The interconnectedness of the globalized environment makes cyber defense a far more significant challenge. (Courtesy of NATO)
The interconnectedness of the globalized environment makes cyber defense a far more significant challenge. (Courtesy of NATO)

High-trust societies are much more difficult for hybrid actors to target with disinformation campaigns.

Strong public and private governance presents a credible deterrence to both hybrid and transnational threats and well governed entities are more resilient when faced with them.

In a broader sense, there are three levels of cooperation and collaboration which better enable governments and societies to deter and be more resilient to both hybrid and transnational threats:

  • A whole-of-government approach in which all agencies and ministries from national to local level cooperate and share information to reduce any gaps, seams, and vulnerabilities which can be exploited by hybrid and transnational threats.
  • A whole-of-society approach, which is similar to the whole-of-government approach, but also includes engagement with private sector, academia, and civil society stakeholders.
  • Finland’s Comprehensive Security concept is a good example of a best practice for a whole-of-society approach.
  • A comprehensive approach in which the whole society of like-minded nations works together with international organizations and entities such as NATO, EU, UN, World Bank, the private sector, and civil society, collaborating and coordinating to face these challenges together.9

(Learn More. Hear keynote address by NATO Deputy Secretary General Rose Gottemoeller at the German Marshall Fund – Microsoft event on Countering Hybrid Threats. Courtesy of NATO News and YouTube. Posted on Feb 15, 2018.)

Seeking to focus on governance, instead of looking at hybrid and transnational threats primarily through a military lens, does not exclude a role for military capabilities.

Rather, it puts these threats into a perspective which more closely matches each nation’s own legal authorities and frameworks.

Given the nature of these threats, the first to detect and respond are most likely to be civilian entities (both public and private), which may require varying degrees of military capabilities to provide support.

This is especially important since no government can afford to pay for the same capabilities twice.

In the event of a situation possibly escalating, close civil-military cooperation and interoperability is necessary to ensure a measured and appropriate response with all instruments of national and international influence available.

Courtesy of the U.S. NAVY
Courtesy of the U.S. NAVY

For this reason, comprehensive and whole-of-society tabletop exercises (TTX) and scenario-based discussions on hybrid and transnational threats are vital to building trust and interoperability, while also identifying and closing any gaps and vulnerabilities in our legal and procedural frameworks.

At the same time, the ability to counter maritime hybrid threats can be assisted by optimizing the use of existing systems and arrangements such as EUROSUR and Frontex’s European Patrols Network (EPN).

In addition, new ways should be explored to leverage the expertise and capacity building efforts of the NATO Cooperative Cyber Defense Centre of Excellence, the NATO Maritime Interdiction Operations Training Center (NMIOTC), and the European Centre of Excellence for Countering Hybrid Threats (Hybrid COE).

Emerging Requirements to Counter Maritime Hybrid Threats

As recent history has shown us, these vulnerabilities point to a new list of emerging requirements in order to deter and counter maritime hybrid threats:

  • A review of national legal frameworks and the rules of engagement for maritime security forces to ensure they are sufficient and appropriate to the task of deterring and countering maritime hybrid threats.
  • A national and EU-wide foreign investment screening process for critical infrastructure and sensitive technologies.
  • The ability to operate in and regain control of contested commercial spaces.
  • The ability to differentiate clandestine hybrid threat vessels from other commercial and privately owned vessels.
  • The ability to operate in and regain control of contested cyberspace.
  • The ability to detect and attribute hybrid threats on shore and at sea.
  • The ability to operate quickly and decisively in a contested public information environment.
  • The need for whole-of-government, whole-of society, and comprehensive approach tabletop exercises and scenario-based discussions to develop deeper cooperation and information sharing between public and private entities.

Through meeting these new requirements, strengthening public and private governance, and seeking deeper and broader cooperation among institutions, nations, and civil society, we can turn globalization and our greater interconnectedness from a vulnerability into an advantage.

(Hundreds of delegates gathered in February to discuss global issues at the Munich Security Conference (MSC), bringing together more than 450 senior decision-makers from around the world, including heads of state, ministers, leaders of international and non-governmental organizations, as well as high-ranking representatives of industry, media, academia, and civil society, to engage in a debate on current and future security challenges. Courtesy of NATO and YouTube. Posted on Feb 21, 2018.)

Chris Kremidas-Courtney currently serves as the Multilateral Cooperative Engagement Coordinator for U.S. European Command (EUCOM). His next assignment will be as Director of Training and Exercises at the Hybrid Center of Excellence in Helsinki. He regularly publishes articles in European journals on countering hybrid and transnational threats and is a facilitator and course designer for NATO Comprehensive Approach seminars throughout Europe. His views are his own and do not represent the opinion of the U.S. Government or EUCOM. Chris can be contacted through his LinkedIn page.


1. Joint Declaration of the President of the European Council, the President of the European Commission and Secretary General of the North Atlantic Treaty Organization, December 5, 2017

2. Kremidas-Courtney, Christopher, Russia and China take the lead in hybrid warfare while West struggles to respond, Europe’s World, September 2017.

3. Shea, Jamie, Resilience: a Core Element of Collective Defence, NATO Review, 2016

4. Jones, Kevin D, Maritime Cyber Threats, Presentation at NMIOTC Annual Conference, June 2015.

5. Milne, Richard, Maersk CEO Soren Skou on Surviving a Cyber Attack, Financial Times, August 13, 2017

6.  Incertis, David, Risks and Interdependencies in the LNG supply chain, Presentation at NMIOTC Annual Conference, June 2015.

7.  Sunak, Rishi, Undersea Cables: Indispensable, Insecure, Policy Exchange, 2017

8. Khurana, Gurpreet S., Maritime Dimension of Hybrid Warfare – The Indian Context, National Maritime Foundation, Dec 28 2017

9. NATO Defense College (2011), NATO Comprehensive Approach Awareness Seminar, Course Guide

Original post