Full-scale war is both an expensive and very risky tool for gaining control of another country. Hybrid threats, on the other hand, with everything from smear campaigns to cyberattacks, are much-used alternatives, and put businesses, authorities and other organizations at the risk of being used as game pieces. But there are two effective ways to reduce the risk of your business being exploited.
Disrupting essential transportation, making people doubt their elected officials through social media smears, knocking out a substation so people become scared and lose heating in their homes — all of that, and much, much more are attacks related to the hybrid threat concept.
“Hybrid threats are a combination of physical, cognitive and technological means of action,” says Björn Palmertz at the Centrum for Cybersecurity at RISE.
“Using military capabilities is expensive and risky, but targeting a society via hybrid threats with thousands of small individual attacks that are difficult to connect to an entity, can in the long run be effective if you want to destabilize a country.”
Difficult to see the big picture
Above all, it can be effective because it does not occur in a clear, large-scale attack that can lead to the population understanding the threat, rallying and fighting back, as has happened in Ukraine.
“When you don't attack openly but rather through all those small, varied and difficult-to-identify attacks on authorities, businesses and other organizations, it becomes very difficult to realize what's going on. The only way to see the big picture and understand what is happening is to improve your knowledge and collaborate.”
Work preventively and together
Because even though hybrid threats risk spreading fear and problems, there are two good ways to protect yourself from it: working preventively and doing this together.
“It's very difficult to counter hybrid threats when they've already been implemented because there is rarely a clear enemy to fight back against. The anonymity of the Internet, the amount of information disseminated there daily and the possibility of using intermediaries complicates matters. It is thus very important with preparation to create the requisite capability and resilience in organizations in ample time.”
It is in the gaps between areas of responsibility that it is easiest to penetrate, and through collaboration we can close those gaps
Collaboration a key
But resilience must also be established between different authorities, businesses or other organizations, and this is best accomplished through collaboration.
“It is in the gaps between areas of responsibility that it is easiest to penetrate, and through collaboration we can close those gaps.”
This means that an important part of the work in combatting hybrid threats is to identify other important stakeholders, contact them and start talking. This increases the chances of detecting major attacks that could otherwise have passed under the radar.
“It's partly because you can then make joint preparations by, for example going over roles, contact lists and how to report. But also to conduct regular training and exercises.”
There can sometimes be a tendency to keep quiet about attacks when they are detected, but Björn Palmertz believes that this can play into the hands of the perpetrators.
“If, for example, several companies transporting food are hit by cyberattacks or other critical disruptions, but no one says anything, it will be understood far too late on the national level that a widespread attack on society is underway and appropriate counter actions will not be able to be taken.”
Breadth and deep expertise at RISE
One of the entities that can be good to contact in this work is RISE.
“Hybrid threats span a vast breadth of activities, and the special thing about RISE is that we do too. We have experts in everything from technology and infrastructure to behavioural science, and work with both the private and public sectors, nationally and internationally. Because we have a large network throughout society, we can make our expertise available and connect your organization with the right stakeholders.
“In our cyber services, w are involved in EU projects such as HYBNET and we arrange courses in cybersecurity designed both for board and management teams and developers,” says Björn Palmertz.
RISE can provide support no matter how far your organization has advanced when it comes to protecting itself against hybrid threats.
“We can assist throughout the process, with everything from the orientation and planning phases to the very practical or technical aspects. We have staff that can contribute all along the way, who are used to working in both unclassified and classified projects, and who can provide an outside perspective on your business's specific needs.”
Koordinator, Centrum för cybersäkerhetContact Björn