Sage Journals: Discover world-class research

Abstract

After more than 75 years, NATO continues to adapt to an evolving security landscape. Established in the aftermath of World War II, NATO’s original purpose was to counter the threats posed by the Soviet Union. However, following the Cold War’s conclusion in 1991, NATO reinvented itself, expanding its mandate to address hybrid threats from both state and non-state actors. As this paper argues, NATO has made significant strides in responding to hybrid threats. It has developed a dedicated strategy, reformed its structures, increased support to its Allies, and pursued enlargement. Despite these efforts, setbacks remain, which could undermine its deterrence posture. This article aims to understand NATO’s adaptation to hybrid threats and propose a roadmap for the necessary reforms. The 2022 Russian large-scale invasion of Ukraine has transformed hybrid threats from a looming menace into a direct challenge for NATO and its Allies, underscoring the need for further adaptation in the Alliance’s approach.

Keywords

NATO hybrid threats war in Ukraine adaptation collective defence transatlantic security

Introduction

The 21st century has brought an unprecedented challenge for the North Atlantic Treaty Organisation (NATO). Conflicts are shifting away from the traditional forms witnessed during the Second World War and the Cold War, with purely military aggression increasingly resembling a relic of the past. The traditional “instruments of power” – diplomatic, informational, military, and economic – have been expanded by the addition of more sophisticated tools such as financial, intelligence, and law enforcement capabilities, collectively referred to as DIME-FIL (Ti, 2021). Modern conflicts encompass a wide range of hybrid means, extending beyond conventional military activities.

The globalisation process in the modern world further facilitates hybrid threats, magnifying their impact. States interact through a complex web of international organisations, creating a normative web of relations (Wessel, 2016). They are economically interdependent, relying on third parties for raw materials and energy supplies, which fosters a global trade ecosystem. Political responses are increasingly defined within informal groupings, such as the European Political Community, the G7, and the Ramstein Group.

NATO holds a pivotal role in addressing the challenges of this evolving security environment. Established on 4 April 1949 by 12 founding members – including Belgium, Canada, France, and the United States – NATO stands as a monument to the Western commitment to freedom and peace after the devastation of the Second World War (NATO, 1949). Nevertheless, hybrid threats increasingly challenge NATO’s core mission as a defensive alliance against autocracy and aggression. Revisionist powers have extended strategic competition across all dimensions of power, “violating principles of sovereignty, exploiting ambiguity, and deliberately blurring the lines between civil and military goals” (Summary of the US National Defence Strategy, 2018). Ukraine has explicitly recognised Russia’s use of hybrid warfare as a tool to reassert influence over the former Warsaw Pact territories, systematically employing a blend of political, economic, informational, cyber, and military strategies (National Security Strategy of Ukraine, 2020). As a result, countering hybrid threats has ascended to the top of NATO’s agenda, given their destabilising impact on the North Atlantic area and their role in exacerbating the complexities of the international security landscape (North Atlantic Treaty, 1949). Furthermore, the ongoing shift from unipolarity to multipolarity provides fertile ground for the proliferation of hybrid attacks (Zambakari, 2023).

This article aims to explore how NATO has adapted diachronically to hybrid threats and to develop a roadmap for reforms to address gaps in its adaptation process. Shedding light on the urgency of hybrid threats to transatlantic security, it argues that NATO has been compelled to evolve in order to maintain its position as “the most successful Alliance in the history, most long-lived Alliance in the history” (NATO’s outlook towards 2030 and beyond, 2021; Clark, 2024; Michael et al., 2011).

Through its adaptation process, NATO has encountered critical inflection points, such as the 2001 terrorist attacks by Al-Qaeda and Russia’s illegal annexation of Crimea in 2014. However, this article argues that Russia’s full-scale invasion of Ukraine on 24 February 2022 revealed the direct challenge posed by hybrid threats to transatlantic security. Examples of the hybrid tactics employed by Russia against Ukraine and NATO include trade embargoes, energy warfare, disruptions to logistics and maritime transit, and the weaponisation of immigration.

This article is structured as follows. The second and third sections address the academic relevance and theoretical underpinnings of NATO’s adaptation to hybrid threats. Section four outlines the methodology and evaluation parameters employed. The fifth section provides a detailed analysis of NATO’s response to hybrid threats. The sixth section critically assesses NATO’s adaptation, highlighting both its strengths and limitations. The article concludes by summarising key findings and offering insights into recent developments that will shape NATO’s future challenges in combating hybrid threats.

A relevant debate: NATO’s adaptation to security threats

NATO’s efforts to counter hybrid threats can be understood through the lens of adaptation. Adaptation is the process by which an entity reconfigures or adjusts itself in response to its engagement with one or more external objectives (Corrigan, 2017). Over time, as the international security landscape has evolved, NATO has transitioned from its original focus on traditional military defence to addressing a broader spectrum of integrated security challenges. Established in 1949 to counter the threat posed by the Union of Soviet Socialist Republics (USSR), NATO has since fundamentally transformed, especially following the dissolution of its primary adversary (Blokker, 2019).

From a realist perspective, “alliances should not outlive the threats they were created to address” (Wallander, 2000). Waltz (1979). Similarly argued that when the threat underpinning an alliance’s raison d’être disappears, the logical outcome would be the alliance’s dissolution. This perspective led many scholars to predict NATO’s decline following the end of the Cold War (Mearsheimer, 1990; Waltz, 1993). However, NATO remains alive and relevant 75 years after its founding, including more than 30 years since the collapse of the Soviet Union. Despite concerns about its “diminished potential for effectiveness” in the face of changing circumstances (Menon and Welsh, 2011), NATO has demonstrated resilience. It has expanded its membership from 16 to 32 states, conducted seven rounds of enlargement, reaffirmed its commitment to collective defence under Article five of the North Atlantic Treaty (NAT), and evolved into a unique transatlantic forum for consultation tying North America and Europe.

NATO’s adaptive capacity is not entirely unique among international organisations. As noted by the 2015 American Society of International Law, international organisations generally exhibit considerable ability to adapt to changing environments (Adapting to Change: The Role of International Organizations, 2015). Institutional theory further suggests that security institutions, in particular, persist over time because they serve multiple purposes beyond merely deterring external threats. These include managing uncertainty, addressing instability, and fostering cooperation among members (Wallander, 2000). De Wijk (1997:150) argues that NATO’s survival is largely attributable to its entrenched bureaucracy, observing that “extensive bureaucracies do not generally disappear; instead, they undergo functional transformations driven by changing circumstances”. Legally, NATO operates with a relatively lean institutional framework, with only the North Atlantic Council explicitly foreseen and tasked to establish “subsidiary bodies as may be necessary” under Article 9 NAT. Today, NATO has evolved into a robust institutional structure, featuring 21 subsidiary committees, along with the NAC, the Nuclear Planning Group (NPG), and the Military Committee (MC), all of which play key roles in decision-making.

Other international organisations have also adapted to changing circumstances, often revising their mandates, institutions, and legal frameworks. For instance, the Organisation for European Economic Cooperation (OEEC) became the Organisation for Economic Co-operation and Development (OECD) in 1961. The European Coal and Steel Community (ECSC) evolved into the European Union (EU), and the Conference on Security and Co-operation in Europe (CSCE) transformed into the Organisation for Security and Co-operation in Europe (OSCE) in 1994, expanding its mission and acquiring permanent institutions (Charter of Paris, 1990). NATO, however, stands out for its capacity to adapt to new challenges without amending its founding treaty.

To date, NATO has undergone at least three major phases of adaptation, each guided by updates to its Strategic Concepts – NATO’s most important guiding documents after the Washington Treaty (Deterrence and Defence in the XXI century, 2021). Established in 1949 as a self-defence organisation, NATO’s primary mission was to ensure deterrence and collective defence under Article 5 NAT, exemplified by the principle “one for all, all for one”, in response to threats from the Warsaw Pact.

The first major phase of adaptation occurred in the early 1990s, following the dissolution of the USSR and the fall of the Berlin Wall. In response to the transformed geopolitical landscape, NATO shifted its focus to cooperative security, which included the integration of former Warsaw Pact members. This transition was framed under the innovative label of “NATO’s Open Door Policy” (NATO’s Open Door Policy, 1999). During this period, NATO also launched initiatives such as the Partnership for Peace (Partnership for Peace, 1994) and a tailored NATO-Russia agreement (Founding Act, 1997).

The second phase of adaptation began in the aftermath of the 9/11 terrorist attacks in 2001, marking a turning point in the Alliance’s operational focus. NATO shifted its priorities towards crisis management and prevention, with an emphasis on launching expeditionary missions beyond its traditional territorial boundaries. During this period, NATO undertook several out-of-area operations – often referred to as non-Article five operations – transitioning its military focus from internal security to addressing external threats. Notable missions included peacekeeping and stability operations in Afghanistan, the Mediterranean, the Horn of Africa, Bosnia, Macedonia, Pakistan, Iraq, and Libya.

The third and current phase of NATO’s adaptation began in 2014 with Russia’s illegal annexation of Crimea. This event prompted NATO to return to its Cold War roots as a self-defence organisation, reaffirming its commitment to safeguarding the sovereignty and integrity of its member states under Article 5 NAT. However, this renewed focus on collective defence has been challenged by a “complex” security environment characterised by blurred lines between peace and war, the emergence of new weaponry – including Emerging and Disruptive Technologies (EDTs) – and the hybridisation of threats that blend conventional and non-conventional warfare methods (Mercier, 2018). The culmination of these evolving threats can be seen in Russia’s full-scale invasion of Ukraine in 2022, a conflict that has further tested NATO’s capacity to adapt. As Ionita (2023) describes, Russia’s 2022 illegal invasion of Ukraine represents a “strange war” due to its unique combination of conventional military tactics and hybrid warfare approaches. NATO’s ongoing evolution highlights its capacity to adapt to shifting security challenges, maintaining its relevance in an increasingly complex and unpredictable world.

Conceptual framework: Understanding hybrid threats

Hybrid threats have emerged as a key component of contemporary warfare, yet they remain ambiguously defined. The term was coined by US military official Frank Hoffman in his 2007 famous work Conflict in the 21st Century: The Rise of Hybrid Wars to describe the evolving nature of post-Cold War conflicts (Hoffman, 2007). It was introduced as a more nuanced alternative to terms like “new wars”, “asymmetric warfare”, and “fourth-generation warfare”, which were deemed insufficient for explaining the changing landscape of conflict (Berdal, 2011:109-10). Hoffman (2007:29) defined hybrid threats as a combination of conventional capabilities, irregular tactics, terrorism, and criminal disorder, all strategically “coordinated within the main battlespace to achieve synergistic effects”. However, after Russia’s annexation of Crimea in 2014, the term has become increasingly diluted and its meaning has broadened, leading to a wide range of interpretations. As a result, hybrid threats now lack a universally accepted analytical definition.

While some argue that a precise, unified definition may be unattainable (Wijnja, 2021), the rapid rise of these threats has compelled academics and international organisations to offer various conceptual frameworks. Mark Galeotti (2016b:7), for instance, defines hybrid threats as “a style of warfare that combines the political, economic, social and kinetic in a conflict that recognizes no boundaries between civilian and combatant, covert and overt, war and peace”. Other scholars, such as Lonardo (2021), emphasise the tools used in hybrid warfare, which include disinformation, hostile foreign subsidies, cyberattacks, and lawfare. Papadimos and Stawicki (2021:92) further define hybrid threats as a coordinated and extended attack on an adversary’s vulnerabilities, incorporating everything from “movement of conventional forces, nuclear weapon threats, energy and economic intimidation, disinformation, propaganda, cyber disruption and destabilization”.

International organisations have also sought to define hybrid threats. The European Union describes hybrid campaigns as “multidimensional, combining coercive and subversive measures, using both conventional and unconventional tools and tactics” that are difficult to detect or attribute, designed to exploit critical vulnerabilities and create confusion (EEAS, 2018). Similarly, the European Parliament Research Service views hybrid threats as a complex phenomenon arising from the “convergence and interconnection of different elements, which together form a more complex and multidimensional threat”. In contrast, NATO places greater emphasis on the non-conventional aspect, characterising hybrid threats as those that combine “conventional and non-conventional means adaptively in pursuit of their objectives” (Strategic Concept, 2010).

Amidst these varying definitions, scholars have increasingly shifted their focus towards exploring how hybrid threats exploit state vulnerabilities, rather than fixating on a single, unified definition (Hickman et al., 2017; Papadimos and Stawicki, 2021). Despite the lack of consensus on a formal definition, several core attributes of hybrid threats can still be identified.

Hybrid threats are characterised by their ambiguity, as they typically operate below the threshold of war. This ambiguity has been defined as “hostile actions that are difficult for a state to identify, attribute, or publicly define as coercive uses of force” (Mumford and McDonald, 2014). Hybrid threats blur the lines between war and peace, as well as the boundaries that mark the beginning and end of conflict. This fluidity is reflected in Sweden’s strategic doctrine, which envisions the nature of wars over a 20-year horizon, incorporating the inherent ambiguity of hybrid threats (Militärstrategisk doktrin, 2016). Similarly, Herța (2017) posits that in the fourth generation of warfare, the distinctions between war and peace will become entirely indiscernible. By remaining below the conventional war threshold, hybrid threats undermine the decision-making processes of democratic states, delegitimising their political and military responses.

Ambiguity is not merely a characteristic of hybrid threats; it is a deliberate strategy central to their logic. Autocratic states, for example, use hybrid tactics to deliberately avoid triggering conventional warfare, which would provoke a decisive political or military response from the targeted state – a concept often referred to as “deniability”. By creating and exploiting undefined “grey zones”, these states leverage ambiguity to confound and destabilise their adversaries, making effective responses exceedingly difficult.

Closely linked to ambiguity is the lack of accountability associated with hybrid threats. The Articles on Responsibility of States for Internationally Wrongful Acts (ARSIWA, 2001:Article 2), which codify rules of customary international law, define internationally wrongful acts as actions or omissions that are both attributable to a state and constitute breaches of its international obligations. However, identifying the state of origin behind a hybrid threat is insufficient to establish legal responsibility. Two key challenges arise in this context. First, ARSIWA applies solely to states, excluding non-state actors from direct accountability for hybrid threats. While this creates an international legal vacuum for non-state actors, the national criminal law of the victimised state could, in principle, fill this gap (De Wet, 2019). Second, identifying the aggressor state remains a formidable challenge in practice. By operating in the “grey zones” of international relations, aggressor states obscure their involvement, employing tactics designed to evade attribution and elude the framework of international responsibility rules.

Hybrid threats are unfamiliar to traditional strategic thinking, as they subvert the conventional dichotomy between “conventional” and “non-conventional” warfare. These threats allow aggressors to seize control of a targeted state without firing a shot, departing from the traditional military practice of kinetic confrontations. Hybrid threats often go unnoticed by Western states, partly due to their reliance on real-time operational control and exploitation of informational asymmetries (Nye, 1990). By extending conventional warfare through robotics, technology, asymmetric operations, and an emphasis on information and cognitive warfare, hybrid threats remain largely outside the scope of traditional military doctrines. Moreover, they blur the boundaries of the battlefield by operating on multiple levels simultaneously. Rather than focusing on the destruction of material military capabilities, hybrid threats target decision-making processes and public perceptions, emphasising the cognitive and psychological dimensions of warfare. This contrasts with the Western focus on the hardware of war, where tangible destruction has traditionally defined successful aggression. Hybrid threats, by comparison, are far cheaper and require significantly fewer financial resources than conventional military campaigns (Aver’yanova, 2018).

Unlike traditional wars, hybrid threats disregard international law – the framework democratic states rely upon to distinguish war from peace in conflict scenarios. This creates the risk of a “permanent war”, marked by constant escalations without a formal declaration of war (Loishyn et al., 2021:18). Hybrid threats encompass a variety of legal actions, such as asserting territorial self-determination, engaging in heavy diplomatic investments in third countries, or declaring independence for regions within sovereign states. While these actions may not be unlawful per se, their consequences often violate international law (Hickman et al., 2017:37). This calculated exploitation of legal loopholes – referred to as the “instrumental use of law” – offers an ostensibly lawful narrative while deliberately distorting established legal principles. Such tactics undermine the foundations of the post-World War II international rules-based order as codified in the United Nations (UN) Charter, including principles of sovereignty, territorial integrity, and independence. For instance, Russia has been identified as a leading actor in leveraging legal arguments to justify hybrid threats (Janičatová and Mlejnková, 2021:313), seeking to reshape the legal framework of European security through new opinio juris claims. Similarly, in the Middle Eastern conflict, Hamas has used Palestinian civilians as human shields for military targets, a strategy that weakens international support for Israel’s government and distorts the legal implications of such conflicts (Sari, 2020:11).

Hybrid threats often involve preparatory actions that mask their aggressive intent. Such actions may include crafting legal justifications for armed attacks, instigating non-violent protests, or launching cyberattacks. For instance, in 2021, Belarus and Russia employed migrants as “human bullets” against Lithuania by orchestrating a mass movement of irregular migrants across its borders (Mestre, 2021). Similarly, in the case of Russia’s large-scale invasion of Ukraine in 2022, the Kremlin invoked allegations of “denazification” and the self-determination of Russian-speaking communities in Ukraine to rationalise its actions under the guise of international law.

At a strategic level, hybrid threats are inherently polymorphous, integrating both military and non-military means – commonly categorised under the MPECI framework: military, political, economic, civilian, and informational. These diverse methods enable aggressors to obscure or deny their involvement (Loishyn et al., 2021:18). Galán (2018:3) expands this conceptualisation by including scientific and diplomatic instruments, arguing that virtually any contemporary threat has the potential to evolve into a hybrid threat. This dynamic was notably articulated by Gerasimov, who analysed the Syrian conflict to demonstrate how hybrid threats employ minimal armed force while undermining military and economic capacities, exerting cognitive and informational pressure – often through sabotage – and actively supporting internal political opposition (Loishyn et al., 2021:16). Other scholars emphasise the reliance of hybrid threats on specialised knowledge, advanced technologies, intelligence tools, and even tactics and methods traditionally associated with terrorism (Loishyn et al., 2021:17). Russia’s illegal annexation of Crimea in 2014 exemplifies the sophisticated use of these instruments. Russia deployed unidentifiable troops – referred to colloquially as “little green men” – in unmarked uniforms and masks who refused to disclose their affiliation. This approach was further bolstered by a denial strategy, disavowing direct or indirect military involvement, and by the spread of disinformation. These tactics enabled Russia to orchestrate the occupation of Crimea while leaving Europe disoriented and global public opinion uncertain. By operating below established red lines, Russia made a Western military response appear irrational or disproportionate to the public, effectively neutralising opposition and achieving its objectives with minimal resistance.

Hybrid threats have fundamentally redefined the objectives of modern warfare. The primary aim is no longer territorial acquisition or the extraction of physical resources, such as minerals, but rather the creation of chaos and instability within the targeted territory. This shift underscores the emphasis on the psychological and cognitive dimensions of warfare. Various scholars argue that the essence of hybrid threats is not the physical destruction of an opponent’s military capabilities but the imposition of political will on the population through information warfare (Loishyn et al., 2021:17-9). This psychological layer frequently involves the projection of a narrative of “liberation”, crafted to influence public perception and undermine the legitimacy of the state (Loishyn et al., 2021:17). Increasingly, hybrid strategies prioritise the theft of technological innovations and intellectual assets, reflecting a shift away from traditional resource-based conflicts (Harari, 2018).

Hybrid threats are inherently autocratic, as they align closely with the centralised modus operandi characteristic of autocratic regimes (Carment and Belo, 2020:21). The concentration of power within a single party or a limited circle of elites – such as in Russia and China – facilitates the seamless coordination and exploitation of the entire spectrum of military and non-military instruments. These include government agencies, state-controlled media, economic tools, and even private entities, all directed towards achieving strategic political objectives. One stark illustration of this dynamic is China’s “Three Warfares” doctrine, which encompasses public opinion warfare, media warfare, and lawfare. This strategy highlights the autocratic advantage in hybrid operations, as observed by the US Department of Defence: “[China’s] Three Warfares is challenging for the US because it is a concept executed by an organization (the General Political Department) that has no analogue in the US” (Halper, 2013:381). In contrast, Western democratic societies face inherent challenges in countering such threats due to their decentralised structures. Power in democracies is dispersed across multiple institutions, with independent media and an active electorate serving as critical checks on government power. This openness, a hallmark of democracy, also renders these states more vulnerable to hybrid threats, such as disinformation campaigns. These campaigns can exploit societal divisions, erode public trust in institutions, and weaken the very foundations of democracy. Additionally, law-abiding states are constrained by their commitment to international law and democratic values, which require measured and legal responses to hybrid aggression. These constraints can place democracies at a disadvantage when responding to autocratic adversaries, who face no such limitations and can act unilaterally and ruthlessly to achieve their objectives (Gaiser, 2020).

Hybrid threats function as a synchronised and multi-faceted force multiplier, operating along horizontal and vertical axes. Their greatest strength lies not only in the diverse combination of instruments they employ but in the synchronised and coordinated execution of these tools, a capability significantly enhanced by modern technology (Bērziņš, 2014). The Swedish CATS think tank categorises hybrid warfare into three interconnected stages that often act as precursors to conventional military actions: active measures, information operations, and hybrid operations (Nicander and Arnevall, 2015). Hybrid threats escalate in two distinct ways. Vertically, they increase or decrease intensity through actions such as shifting from low-level disinformation campaigns to overt military provocations. Horizontally, they coordinate the use of diverse instruments of power across domains, synchronising efforts across military, political, economic, civilian, and informational (MPECI) spheres. This horizontal escalation allows aggressors to exploit vulnerabilities by targeting multiple domains simultaneously. These vulnerabilities are further analysed through the PMESII framework (political, military, economic, societal, informational, and infrastructure), which identifies critical weaknesses in a state’s operational systems. Modern hybrid threats further expand the traditional PMESII model to incorporate additional domains such as cyber spaces, intelligence, legal frameworks, space operations, and public administration – collectively referred to as PMESII+.

Hybrid threats typically avoid adhering to a linear trajectory. A phase of vertical escalation may be followed by de-escalation, or vice versa, with horizontal manoeuvres often taking precedence. These threats can escalate horizontally without evolving into a full-scale armed attack, thereby preserving their inherent ambiguity. This tactic is particularly prevalent during preparatory battle phases, where autocratic states may orchestrate non-violent protests or initiate cyberattacks to destabilise the targeted state while maintaining plausible deniability. A prime example is Russia’s hybrid war against Ukraine in 2014. The campaign began with the strategic escalation of anti-government protests, which gradually developed into an armed civil conflict aimed at undermining Ukraine’s government and creating conditions for external intervention by Russia (Loishyn et al., 2021:16).

Hybrid threats have undergone significant evolution, transitioning from a phenomenon primarily associated with non-state actors to one increasingly dominated by state-centric actors. Initially, hybrid threats were largely linked to non-state entities such as parastatal organisations, paramilitaries, proxies, and terrorist groups, often acting under foreign influence. Between 2002 and 2013, the term referred specifically to the growing battlefield sophistication of non-state actors like the Taliban, Al Qaeda, or Hezbollah (Renz, 2016). Unlike non-state actors, states possess the full range of MPECI tools – military, political, economic, civilian, and informational – to exert pressure on their targets. This allows states to escalate conflicts both vertically and horizontally without the significant financial or operational limitations faced by non-state actors. Nevertheless, the methodologies employed by states and non-state actors overlap considerably. Both rely on the synchronised application of diverse instruments of power to exploit vulnerabilities within their targets, blurring the distinctions between the two in terms of tactics and strategy.

Hybrid threats have faced substantial criticism on three primary fronts, stemming from their conceptual characteristics.

First, hybrid threats are not fundamentally new. Their origins trace back to the early 21st century, with antecedents in older military concepts such as asymmetric and irregular warfare. Senchenko argues that conventional warfare has always encompassed the full spectrum of power instruments (Loishyn et al., 2021:18). Similarly, Weissmann (2019:19) describes hybrid warfare as “old wine in new bottles”, representing an evolution of preexisting strategies rather than a novel concept.

Second, hybrid threats are often criticised for their vagueness, with detractors claiming they risk becoming a catch-all term. This lack of analytical precision reduces the concept to an untestable “war-winning formula” or an overly expansive strategic idea comparable to grand strategy itself (Galeotti, 2016a; Preble, 2024). While the prominence of hybrid threats as an analytical framework grew after Russia’s annexation of Crimea in 2014, it has been predominantly embraced in Western academic circles. Russian analysts, on the other hand, dismiss the concept. Ruslan Pukhov, for instance, regards it as a Western propaganda device, asserting that “any attempt to define it ends with the conclusion that there really is nothing very new in the idea” (Renz, 2016:4).

Third, hybrid threats remain insufficiently regulated by law. From an international legal perspective, hybrid threats fall under Article 2 (4) UN Charter, which prohibits the use of force except in cases of self-defence or with UN Security Council authorisation (Charter of the United Nations, 1945). Article 2 (7) UN Charter further restricts UN intervention in domestic matters. Additionally, UN General Assembly Resolution 2625 (XXV) includes safeguards against aggression propaganda, support for irregular forces, or actions of civil strife (UN General Assembly, 1970). Yet, these frameworks primarily address conventional warfare and are inadequate for countering hybrid threats, which evade traditional definitions of attack and exploit “grey zones”. This ambiguity complicates effective retaliation and the invocation of self-defence obligations. Hybrid threats also involve lawfare, wherein autocracies manipulate legal norms to disseminate disinformation, feign compliance, and subvert democratic systems. While the Geneva Conventions address jus in bello in conventional wars, they lack provisions to manage the intricacies of hybrid conflicts (International Committee of the Red Cross, 1949).

From a comparative national viewpoint, responses to hybrid threats also vary widely. Ukraine, for example, lacks a clear definition of hybrid threats in its “On National Security” law, and its National Security Strategy mentions the term only twice. Similarly, the United States’ new National Security Strategy avoids using the term “hybrid”, instead referencing broader concepts such as “asymmetric threats” and “transforming warfare” (US National Securoty Strategy, 2022). In contrast, Germany explicitly identifies hybrid threats in its 2023 National Security Strategy, highlighting the necessity of international cooperation to address them (Germany’s National Security Strategy, 2023). France also prioritises hybrid threats in its 2022 National Strategic Review, dedicating Strategic Objective nine to combating the “phenomenon of globalised hybrid warfare” (France’s National strategic review, 2022).

Methodology

This section outlines the methodological framework adopted in this article, explaining the rationale for the selected methods, the benchmarks guiding the analysis, and the process for data collection and evaluation.

Documentary analysis and law-in-context

Documentary analysis is a systematic method of reviewing and interpreting documents to extract meaningful insights (Bowen, 2009). Merriam and Tisdell (2016) define “documents” broadly to include written, visual, and multimedia sources such as books, photographs, videos, and institutional records. However, for the scope of this article, documents primarily consist of written texts: official NATO reports, strategic documents, policy papers, speeches, academic articles, and media publications.

Document analysis is particularly well-suited for this research for two reasons. First, it provides access to stable, unaffected data that is not subject to the researcher’s influence, as can occur with other qualitative methods such as interviews or participant observation (Merriam and Tisdell, 2016). As Morgan (2021) states, documentary research allows researchers to “gain access to the best source of data for completing a project”. Second, documentary research offers both descriptive and evaluating capabilities (Braun and Clarke, 2013), making it ideal for this article’s purpose to explore NATO’s adaptation to hybrid threats and provide a possible roadmap. By allowing access to key institutional texts, it provides insights into NATO’s legal and strategic evolution.

The Law-in-Context approach complements this analysis by examining legal norms within their broader geopolitical and institutional environments. This method contextualises NATO’s foundational treaty, policies, and strategic decisions, highlighting how legal structures influence its practical responses to hybrid threats. By integrating legal analysis with documentary research, this methodology captures the interplay between NATO’s formal obligations and its operational strategies in adapting to hybrid threats.

Operationalising NATO’s benchmarks

To guide the evaluative phase, this research employs three core benchmarks: strategy, responsiveness, and focus. These criteria will be used to identify both strengths and weaknesses in NATO’s adaptation to hybrid threats and will provide the foundation for recommendations aimed at enhancing NATO’s capacity to address hybrid threats.

Strategy defines the coherence of NATO’s strategic responses to hybrid threats. This includes assessing the capacity of NATO to integrate hybrid threats into its strategic documents and overall security framework.

Responsiveness refers to NATO’s ability to act swiftly in the face of hybrid threats, reflecting the agility of NATO’s organisational structure to take rapid actions against a fast-moving threat. Key indicators include the speed of decision-making, military mobilisation, and timeliness of responses.

Focus examines how well NATO prioritises its efforts to address the most critical hybrid threats. The evaluation explores whether and to what extent NATO allocates financial resources and concentrates its efforts on hybrid threats.

Type of data and two-phase approach

The study employs both primary and secondary sources, selected and evaluated according to four criteria: authenticity, credibility, representativeness, and meaning (Flick, 2018; Kridel, 2015).

Authenticity ensures that documents are genuine and reliable (Dunne et al., 2016). Priority is given to official NATO publications such as strategic concept documents, summit declarations, communiqués, and annual reports. These are verified for authorship, source reliability, and publication context.

Credibility assesses the accuracy and trustworthiness of a document’s content (Dunne et al., 2016). NATO’s institutional narratives are balanced with critical perspectives from peer-reviewed articles and independent analyses to ensure objectivity. Triangulating multiple sources enhances the robustness and objectivity of the analysis (Bowen, 2009).

Representativeness ensures that the selected documents reflect a broad and comprehensive view of NATO’s actions (Kridel, 2015). Institutional documents, though authoritative, may not capture all perspectives or on-the-ground realities. To address this, this research supplements official NATO publications with policy papers and media reports.

Meaning pertains to the significance of a document’s content and how it relates to broader strategic and security contexts (Kridel, 2015). Documents are analysed within the broader geopolitical context, linking NATO’s official strategies to real-world challenges and emerging hybrid threats.

The methodology of this paper follows a two-phase structure. First, the descriptive analysis. This phase focuses on documenting NATO’s adaptation strategy to hybrid threats. It involves extracting data from official and academic sources to provide a systematic account of NATO’s actions, priorities, and policies regarding hybrid threats. Second, the evaluative analysis. Building on the descriptive analysis, this phase critically assesses NATO’s adaptation. It identifies strengths and gaps in NATO’s current strategies, using the benchmarks of strategy, responsiveness, and focus. Based on this evaluation, the study proposes a roadmap of reforms to enhance NATO’s adaptability to hybrid threats.

NATO’s adaptation to hybrid threats

This section provides a descriptive analysis of NATO’s adaptation process in response to the rise of hybrid threats. It argues that hybrid threats have progressively shaped NATO’s policies since the early 21st century, culminating in Russia’s 2022 invasion of Ukraine. To conceptualise this evolution, the analysis identifies three diachronic pivotal stages in NATO’s adaptation to hybrid threats.

The first stage, marked by the 9/11 terrorist attacks, heightened NATO’s awareness of the dangers posed by threats that blend conventional and non-conventional methods. The second stage emerged with Russia’s illegal annexation of Crimea in 2014, which brought hybrid threats to the forefront and underscored the urgency of a clear strategic response. The third stage, Russia’s full-scale war of aggression in Ukraine in 2022, demonstrated the integration of hybrid threats into conventional warfare, demanding further refinement of NATO’s approach.

Across these stages, NATO has systematically adapted its security framework to integrate hybrid threats and develop more robust operational mechanisms to counter them.

Catalyst for change: The 9/11 terrorist attack

The terrorist attacks on the Twin Towers on 11 September 2001 marked a transformative moment in NATO’s history, often described as a “paradigm shift” (Hallams et al., 2013). This event not only precipitated NATO’s second significant adaptation – shifting from cooperative security to out-of-area operations – but also signalled a departure from traditional Cold War-era warfare, coinciding with the emergence of the concept of “hybrid threats”. Notably, the invocation of Article five of the Washington Treaty, which has only occurred once to date, has been in response to the hybrid nature of the 9/11 attacks, underscoring the evolving threat landscape.

Terrorism became the central driver of NATO’s early 21st-century adaptation to hybrid threats, recognised as a fundamental component of hybrid warfare. This recognition led to initiatives such as the establishment of the European Centre of Excellence for Countering Hybrid Threats in 2016, a joint effort by NATO and the EU (Banks and Samuel, 2019). Additionally, cyber threats were incorporated into NATO’s strategic framework, as evidenced by the 2002 Prague Summit Declaration (Prague Summit Declaration, 2002:para. 4(f)).

In this phase, NATO responded resolutely and cohesively to an “unacceptable act of violence without precedent in the modern era” (Statement by the North Atlantic Council, 2001; NATO’s Response to Terrorism, 2001). Allies swiftly equated terrorist attacks to armed attacks under the mutual defence clause, activating Article 5 NAT within 24 hours of the 9/11 attacks. NATO adopted eight measures to support US security, breaking long-standing “taboos” (NATO Public Diplomacy Division, 2006:167-74; Sadik and Yalcin-Ispir, 2023). These measures included the launch of Operation Eagle Assist, NATO’s first anti-terrorism operation, which deployed Airborne Warning and Control System (AWACS) aircraft to patrol US airspace. In the Mediterranean, NATO initiated Operation Active Endeavour, later succeeded by Operation Sea Guardian in 2016. NATO took leadership of the International Security Assistance Force (ISAF) in Afghanistan in 2003, marking its first peacekeeping operation outside Europe. ISAF was replaced by the Resolute Support Mission (RSM) in 2015, which continued until NATO’s withdrawal from Afghanistan in 2021.

The global nature of terrorism also created fertile ground for cooperation with non-NATO states. In 2002, NATO referenced “non-military and asymmetrical threats” – an embryonic acknowledgment of what would evolve into today’s hybrid threats – in the NATO-Ukraine Action Plan, which strengthened military interoperability and political consultations with Ukraine (NATO-Ukraine Action Plan, 2002). Similarly, terrorism became a foundation for NATO-Russia cooperation, establishing a mutually reinforcing partnership (NATO-Russia Relations: A New Quality, 2002). NATO and partners also endorsed a Partnership Action Plan against Terrorism (Partnership Action Plan against Terrorism, 2002).

This phase also saw a significant overhaul of NATO’s military capabilities. Over 400 enhancements were made under the Prague Capabilities Commitment, initiated in 1999 and culminating at the 2002 Prague Summit (Prague Summit Declaration, 2002:para. 4(c)). NATO created the NATO Response Force (NRF), a joint multinational force capable of rapid deployment across land, sea, and air to address a wide range of threats. Operational by 2006, the NRF could deploy 25,000 troops within 5 days for missions lasting over 30 days if resupplied (Riga Summit Declaration, 2006:para. 23). The NRF was established alongside the EU’s Headline Goal, which aimed to deploy 50,000–60,000 troops within 60 days by 2003 – a target that, despite its ambition, remains unrealised over two decades later (Helsinki European Council, 1999). The Prague Summit also introduced the Military Concept for Defence Against Terrorism, emphasising a “multi-faceted and comprehensive” approach (Prague Summit Declaration, 2002:para. 4(d)). NATO streamlined its Command and Control (2C) structure (Prague Summit Declaration, 2002:para. 4(c)), creating Allied Command Operations (ACO) in Mons, Europe, and Allied Command Transformation (ACT) in Norfolk, US. France rejoined ACT in 2009, ending its withdrawal from NATO’s integrated military command since 1966.

The 2006 Israel-Hezbollah conflict further shaped NATO’s understanding of hybrid threats. Hezbollah’s actions exemplified the complexity of hybrid warfare: a non-state actor with political significance in Lebanon, backed by Iran, engaging in conflict with a state, Israel (Biddle and Friedman, 2008). This prompted NATO to acknowledge an evolving security environment dominated by “conventional and especially asymmetric threats and risks” (Comprehensive Political Guidance, 2006). The term “asymmetric tactics” appeared in a NATO summit declaration for the first time in 2008 (Bucharest Summit Declaration, 2008: para. 15).

Nevertheless, as it is always the case with novelty, hybrid threats did not fully permeate NATO’s strategic framework from the beginning. NATO’s initial response to hybrid threats was cautious, reflecting uncertainty about their future evolution (Balcaen and Siman, 2022). The 2010 Strategic Concept omitted any direct reference to hybrid threats, maintaining a narrow focus on traditional military domains (Strategic Concept, 2010). NATO’s broader adaptation began to take shape with the 2011 Comprehensive Approach Action Plan, which integrated political, military, and civilian tools (A ‘comprehensive approach’ to crises, 2024). Revised in 2017, the Comprehensive Approach responded to an increasingly complex security landscape, emphasising civilian preparedness as a first step towards addressing the multifaceted consequences of hybrid attacks (Van Weezel, 2010).

A wake-up call: Russia’s illegal annexation of crimea

Russia’s illegal annexation of Crimea in 2014 marked a critical turning point, forcing NATO to confront hybrid threats as an immediate and tangible danger to transatlantic security (Calha, 2015). Previously regarded as a theoretical concern, hybrid threats now posed a challenge to NATO’s core functions, particularly logistics and communications, which rely heavily on private companies during crises (Dailey, 2023). Russia’s actions were characterised by “a full spectrum of activities, ranging from incitement of violence, kidnapping, and attempted assassination to infiltration and covert action combined with military efforts” (Kramer and Speranza, 2017). Therefore, the 2014 annexation of Crimea starkly demonstrated that hybrid threats were no longer confined to non-state actors such as Al-Qaeda or Hezbollah.

In response to Russia’s aggression, NATO Allies convened under Article 4 NAT for only the fourth time in history. They recognised the annexation as a threat to the territorial and political integrity of NATO, underscoring the need for enhanced deterrence and adaptation to hybrid warfare (Statement by the North Atlantic Council, 2014). NATO subsequently redefined hybrid threats as “asymmetrical tactics to probe for and exploit weaknesses via non-military means (such as political, informational, and economic intimidation and manipulation) [that] are backed by the threat of conventional and unconventional military means” (Calha, 2015). This shift was underpinned by the so-called “Gerasimov Doctrine”, which highlighted the blurred boundaries of modern warfare and the necessity for NATO to adapt to the ambiguous “grey zone” of conflict (Bērziņš, 2020). As NATO Secretary General Jens Stoltenberg remarked, hybrid warfare is “the dark reflection of our comprehensive approach”, requiring NATO to prepare for, deter, and, if necessary, defend against this emerging form of aggression (Keynote speech, 2015).

The NATO Summit held in Wales in 2014 marked a new momentum in the Alliance’s response to hybrid threats. For the first time, NATO recognised the need to develop “the necessary tools and procedures required to deter and respond effectively to hybrid warfare threats, and the capabilities to reinforce national forces” (Wales Summit Declaration, 2014:para. 13). The key decisions taken by leaders in 2014 form, the facto, the embryonic archetype of NATO’s current hybrid response system, based on strategic communication, hybrid exercise scenarios and enhanced coordination with other organisations, in particular the European Union (Wales Summit Declaration, 2014:para. 104). To support this renewed focus, NATO established the Strategic Communications Centre of Excellence in Riga, Latvia, serving as a hub for expertise in new information technologies and operational environments (NATO Centres of Excellence, 2023). In November 2014, NATO launched Iron Sword, its first live hybrid threat exercise, underscoring its resolve to address this complex challenge (LaCount, 2014). The Readiness Action Plan, also introduced at the Wales Summit, strengthened NATO’s collective defence posture (Wales Summit Declaration, 2014:para. 5). It included the creation of the Very High Readiness Joint Task Force (VJTF), a rapid-response multinational brigade of 5,000 troops (Wales Summit Declaration, 2014:para. 8), which was deployed for the first time during the Exercise Noble Jump in 2015 (Statement by NATO Defence Ministers, 2015:para. 4). To ensure the sustainability of these initiatives, NATO leaders endorsed the NATO Investment Pledge, committing member states to reverse declining defence expenditures (Wales Summit Declaration, 2014:para. 14). They agreed to allocate 2% of GDP to defence budgets, with 20% of this spending focused on major equipment and research and development.

In 2015, NATO adopted its first formal Hybrid Strategy, built on three key pillars: preparedness, deterrence, and defence (Countering Hybrid Threats, 2024). Preparedness is the prerequisite for developing effective deterrence and defence. In countering hybrid threats, preparedness requires NATO to serve as the central hub of expertise to assist Allies in staying informed, trained and technically equipped in the hybrid domain, including assessment and detection activities. At the same time, Allies themselves must be able to adapt to the range of hybrid threats, thereby reducing NATO’s vulnerability. For this reason, preparedness is rooted in both collective and national responsibility to counter hybrid threats and is legally enshrined in Article 3 NAT, which states that “[Allies], separately and jointly, by means of continuous and effective self-help and mutual aid, will maintain and develop their individual and collective capacity to resist armed attack” (North Atlantic Treaty, 1949). As for deterrence, NATO is “resolve to act promptly, wherever and whenever necessary” (Countering Hybrid Threats, 2024). To this end, the Alliance must streamline its decision-making processes and institutional systems, increase its responsiveness, and enhance Allies’ preventive and responsive capabilities. Finally, the strategy calls for NATO to be ready to act and defend its Allies, including by enhancing the Alliance’s military capabilities, in line with its structural shift from out-of-area operations to deterrence and defence after 2014. Despite the evolving nature of hybrid threats, NATO’s 2015 Hybrid Strategy remains the foundation of NATO’s basic conceptual framework against hybrid tactics and is continually reviewed in light of current events.

The Warsaw Summit in 2016 further cemented NATO’s approach to hybrid threats. Leaders expanded their definition to include “a broad, complex, and adaptive combination of conventional and non-conventional means, and overt and covert military, paramilitary, and civilian measures, are employed in a highly integrated design by state and non-state actors to achieve their objectives” (Warsaw Summit Communiqué, 2016:para. 72).

The meeting identified three key guidelines. First, the leaders declared that “the primary responsibility to respond to hybrid threats or attacks rests with the targeted nation” (Warsaw Summit Communiqué, 2016:para. 72). This decision follows the general rule that defence is primarily a national matter. Obviously, each nation has different vulnerabilities, and NATO can only provide technical and training assistance to help address them. To this end, NATO established the Joint Intelligence and Security Division (JISD) with the specific aim to “improve NATO’s ability to draw on a wide range of intelligence resources” (Warsaw Summit Communiqué, 2016:para. 79), and the Counter Hybrid Support Teams to provide “tailored, targeted assistance to Allies, upon their request, in preparing for and responding to hybrid activities” (Brussels Summit Declaration, 2018:para. 21). Second, for the first time, NATO declared that hybrid threats could trigger collective defence under Article 5 NAT (Warsaw Summit Communiqué, 2016:para. 72). This decision marked a significant step in NATO’s deterrence strategy against hybrid threats. Until then, hybrid warfare had been seen as a phenomenon that blurred the lines between regular and irregular military activity and was to be fought with a comprehensive approach of civil-military tools. At the Warsaw Summit, instead, Allies decided to treat hybrid threats as equivalent to an armed attack under the concept of collective defence, whereby an attack against one Ally is considered an attack against all Allies. Third, the Alliance “committed to effective cooperation and coordination with partners and relevant international organisations, in particular the EU … In efforts to counter hybrid warfare” (Warsaw Summit Communiqué, 2016:para. 72). Indeed, the Alliance recognised the global reach of hybrid tactics and the need to strengthen cooperation with partners, particularly Ukraine, Bosnia and Herzegovina, Georgia, and the Republic of Moldova. The 2016 Warsaw Summit paved the way for an enhanced strategic partnership between the EU and NATO, resulting in the signing of three joint declarations in 2016 (Joint Declaration, 2016), 2018 (Joint Declaration, 2018) and 2023 (Joint Declaration, 2023), which identified countering hybrid threats as the first area for deepened coordination. On this basis, the EU and NATO agreed on 20 practical proposals to address hybrid threats by improving situational awareness, strategic communication and resilience (Council Conclusions on the Implementation of the Joint Declaration, 2016, Council Conclusions on the Implementation of the Joint Declaration, 2017). Both organisations also jointly launched the European Centre of Excellence for Countering Hybrid Threats, established in Helsinki, Finland, in 2017. Its specific task is to improve situational awareness in countering hybrid threats (Hybrid CoE, 2007). The EU-NATO cooperation in countering hybrid threats “has reached unprecedented levels” (Brussels Summit Communiqué, 2021), and their strategic partnership can undoubtedly be defined as one of the most successful and advanced expressions of cooperation in the hybrid domain worldwide (Mariani and Genini, 2021; Seventh progress report, 2022).

Further advancements in NATO’s military capabilities were made, particularly at the Brussels Summit in 2018. NATO introduced the NATO Readiness Initiative, which aimed to enhance rapid response capacity by adding 30 naval, 30 air, and 30 ground combat forces available within 30 days’ notice (Brussels Summit Declaration, 2018:para. 14). NATO also updated its 2C structure by launching the Enablement Plan for the Supreme Allied Commander Europe’s (SACEUR) Area of Responsibility (AOR), which was implemented in 2021 through the establishment of the Joint Support and Enabling Command (JSEC) in Germany (Brussels Summit Declaration, 2018:para. 16). The JSEC plays a crucial role in coordinating the reinforcement and sustainment of forces under SACEUR’s direct authority during times of crisis. Additionally, NATO adapted its Command Structure (NCS) to meet modern security demands (Brussels Summit Declaration, 2018:para. 29). This adaptation included the creation of a Cyberspace Operations Centre in Belgium, and a Joint Force Command Norfolk headquarters in the United States to safeguard transatlantic communication lines. In 2021, NATO adopted two strategic documents: the Deterrence and Defence Concept (DDC), designed to address multi-domain threats; and the NATO Warfighting Capstone Concept (NWCC), aimed at maintaining the Alliance’s technological edge (Brussels Summit Communiqué, 2021).

A direct challenge: Russia’s full-scale invasion of Ukraine

On 24 February 2022, Russia launched a full-scale and illegal invasion of Ukraine, blatantly violating Ukraine’s sovereignty, independence, and territorial integrity. This act marked the return of high-conventional land warfare to Europe after over 75 years, evoking the devastation of the Second World War and shattering hopes of perpetual peace on the continent. Russia’s aggression has been described as a “tectonic shift in European history” (Versailles Declaration, 2022:para. 6). In response, a coalition of Allies – Bulgaria, Czechia, Estonia, Latvia, Lithuania, Poland, Romania, and Slovakia – convened extraordinary consultations under Article 4 NAT. This marked only the seventh invocation of this mechanism in NATO’s history, reaffirming the Alliance’s steadfast commitment to collective defence in the face of Russia’s aggression (Statement by the North Atlantic Council, 2022).

From the outset of its invasion, Russia has combined conventional attacks with systemic hybrid (and nuclear) threats, aligning with its 2019 “active defence” doctrine (Ionita, 2023). As Lewis pointed out, the war in Ukraine “was not the first “cyber war” … But it was the first major conflict involving large-scale cyber operations” (Lewis, 2022). In their commentary, “Ukraine’s lessons for the future of hybrid warfare”, Kong and Marler (2022) identify Russia’s hybrid strategy as a blend of propaganda, kinetic attacks, and espionage. Notably, Russia has leveraged Artificial Intelligence (AI) for deception purposes, with one prominent example being the AI-generated appearance of Ukrainian President Zelensky promoting the surrender of Ukrainian soldiers on 16 March 2022 (Osadchuk, 2022). Furthermore, Russia has weaponised legal norms to justify its actions. By issuing passports to residents in annexed Ukrainian territories – Donetsk, Kherson, Luhansk, Mykolayiv, Zaporizhzhya, and Crimea – it fabricated a legal pretext to intervene under the guise of protecting its citizens while simultaneously delegitimising Ukrainian authority. This manipulation of legal arguments to support hybrid operations is well-documented (Janičatová and Mlejnková, 2021:313).

The scale of Russia’s cyber warfare has been staggering. As of December 2023, Ukraine had faced 3,225 cyberattacks from 126 different threat actors, primarily targeting critical infrastructure (Cyber Peace Institute, 2023). While Russia’s methods are not overall technologically innovative, the frequency and coordination of attacks are alarming: “the number of attacks, the perpetrators, and the use of cyber against critical infrastructure are cause for alarm” (Duguin and Pavlona, 2023). In response, NATO officially condemned Russia’s hybrid tactics at the 2024 Washington Summit, denouncing “sabotage, acts of violence, provocations at Allied borders, instrumentalisation of irregular migration, malicious cyber activities, electronic interference, disinformation campaigns and malign political influence, as well as economic coercion” (Washington Summit Declaration, 2024:para. 20).

Russia’s widespread use of hybrid actions against Ukraine has aimed to expose the vulnerability of its Western neighbours on multiple fronts. One prominent tactic has been the manipulation of energy as a political weapon to sway European countries’ support for Ukraine, leveraging the EU’s 45% reliance on Russian fossil fuel imports. The sabotage of the North Stream gas pipeline in September 2022 is perhaps the most symbolic expression of Russia’s energy war against the West (Jones and Bachman, 2022). Additionally, Moscow’s targeting of critical infrastructure is evident in the severing of two fibre-optic telecommunications cables connecting Finland to Germany and Sweden to Lithuania (Höller, 2024). Russia has also weaponised migration flows, exacerbating the fragile stability of Europe’s post-pandemic recovery. In almost 2 years, 6.3 million Ukrainians fled to neighbouring countries, with Poland alone absorbing around 60% of all refugees from Ukraine (United Nations High Commissioner for Refugees, 2024). Moreover, Russia’s naval blockade in the Black Sea has sparked a regional and global food crisis, with disruptive consequences in Africa and the Middle East, among others. Efforts by the international community, particularly through the UN and Türkiye, culminated in the “Black Sea Grain Initiative” (BSGI) on 22 July 2022. However, the agreement, once hailed as a “beacon of peace”, was not renewed after its third term expired on 17 July 2023, leaving the fragile accord in jeopardy (Guterres, 2022).

The combination of all hybrid actions undertaken by Moscow since 2022 has been specifically aimed at reducing Western support for Ukraine, breaking the transatlantic link down, and weakening the US’ ironclad back on European Allies within NATO. However, Russia achieved the exact opposite – unless Donald Trump’s re-election in the US shatters transatlantic unity. NATO has enlarged through the historic accession of Finland and Sweden, united in opposition to Russia’s unprovoked aggression in Ukraine by providing support packages, and deepened its partnership with the EU.

“And the reality is that President Putin made at least two big strategic mistakes when he invaded Ukraine last year. The first and most important was, of course, that he totally underestimated the Ukrainians. The strength, the commitment, the courage of the Ukrainian people, the Ukrainian political leadership and the Ukrainian armed forces. The other big strategic mistake he made was to underestimate us. The other big strategic mistake he made was to underestimate us. Our willingness, our commitment to support Ukraine, to stand by Ukraine, with economic sanctions, with political support, but not least, with the military support.” (Stoltenberg, 2023)

From the outset, NATO has unequivocally condemned Russia’s invasion of Ukraine and pledged unwavering support to Ukraine for as long as it takes (Statement by the North Atlantic Council, 2022). In response to the invasion, NATO updated its Strategic Concept at the 2022 Madrid Summit to address the evolving security landscape (Strategic Concept, 2022). The 2022 Strategic Concept represented a major reshaping of NATO’s defence posture against hybrid threats, moving beyond a mere reiteration of the key outcomes of the 2016 Warsaw Summit (Strategic Concept, 2022:para. 27). In particular, NATO has focused on authoritarian actors in juxtaposition with the democratic values and interests championed by the Western countries in NATO, the EU and G5 forums. Unlike the previous 2010 Strategic Concept, Russia and its main supporter, China, monopolised the new NATO strategic document as a reflection of the events in Ukraine. Russia’s intention to establish spheres of influence through both conventional and hybrid means against NATO Allies is now considered “the most significant and direct threat to Allies’ security and to peace and stability in the Euro-Atlantic area” (Strategic Concept, 2022:para. 8).

NATO reopened its doors to enlargement 3 years after its last accession (Strategic Concept, 2022:para. 40), extending an official invitation to Finland and Sweden to join the Alliance under Article 10 NAT (Madrid Summit Declaration, 2022). Finland officially became a NATO member in April 2023, followed by Sweden in March 2024, after delays in Sweden’s ratification by Hungary and Türkiye, which lasted nearly 2 years (Stuart, 2024). The accession of Finland and Sweden further bolstered NATO’s capacity to counter hybrid threats, exemplified by their role in hosting the NATO Hybrid Symposium. This event included a 2-day training session aimed at strengthening cooperation within the hybrid community, reaffirming that “NATO has a key role in countering hybrid activities” (Symposium in Finland, 2023). A year later, in October 2024, 100 experts from NATO Allies reconvened at the NATO Hybrid Symposium in Prague, Czechia, to discuss hybrid threats and propose strategies for improving NATO’s deterrence mechanisms (NATO Allies and experts, 2024). These efforts culminated in NATO launching its largest live exercise since the Cold War, named NATO Steadfast Defender, to demonstrate Alliance unity and resolve in response to Russia’s aggression against Ukraine (SHAPE Public Affairs Office, 2024). Russia’s Deputy Foreign Minister, Alexander Grushko, defined NATO Steadfast Defender as an “irrevocable return” to Cold War patterns and part of “the hybrid war unleashed by the West against Russia” (Kelly, 2024).

NATO has implemented significant military adaptations. The NATO Force Model, capable of deploying over 300,000 troops on short notice, replaced the NATO Response Force (Madrid Summit Declaration, 2022:para. 9). Additional multinational battlegroups were deployed on heightened alert in Eastern Europe, and the Alliance approved a new generation of regional plans alongside its first Defence Production Action Plan, aimed at strengthening industrial cooperation on security equipment (Vilnius Summit Communiqué, 2023:para. 36). Cyber and critical infrastructure defences were similarly enhanced, with the establishment of the NATO Integrated Cyber Defence Centre and the development of the Centre for Security of Critical Undersea Infrastructure (Washington Summit Declaration, 2024:para. 7). These measures are particularly crucial as Russia intensifies its hybrid warfare tactics. As NATO Secretary General Rutte has stated, Russia is engaged in “an intensifying campaign of hybrid attacks across our allied territories, interfering directly in our democracies, sabotaging industry and committing violence” (Posaner, 2024). In light of these actions, NATO Allies have officially condemned Russia’s hybrid campaigns across Europe (Statement by the North Atlantic Council, 2024).

Recognising the growing threat posed by hybrid warfare, NATO reaffirmed its commitment to Article 5 NAT in the context of hybrid attacks. For the first time, however, Allies explicitly declared that the attribution of responsibility for hybrid threats is exclusively a “sovereign national prerogative” (Vilnius Summit Communiqué, 2023:para. 64). This recognition of hybrid threats as a matter of national sovereignty enhances the practical feasibility of invoking Article 5 in response to a hybrid attack, an option first introduced at the Warsaw Summit in 2016. By delegating the responsibility for determining the perpetrator to the targeted nation, NATO aims to reduce potential disputes among Allies within the North Atlantic Council regarding attribution, thereby streamlining the decision-making process.

NATO’s support for Ukraine has also deepened. Allies agreed that “Ukraine will become a member of NATO” (Vilnius Summit Communiqué, 2023:para. 11), affirming that Ukraine’s accession is on an “irreversible path” (Washington Summit Declaration, 2024:para. 16). To facilitate this process, NATO introduced an ad hoc accession pathway for Ukraine that omits the traditional Membership Action Plan (MAP). In a historic move, NATO also provided its platform for the conclusion of the Ukraine Compact in July 2024 – a comprehensive agreement between Ukraine and NATO Allies (Ukraine Compact, 2024). The Ukraine Compact serves as a formal bridge toward Ukraine’s Transatlantic aspirations and represents the first transatlantic security agreement of its kind.

In response to hybrid threats, NATO has extensively utilised its NATO-Ukraine Platform on Countering Hybrid Warfare. Launched in 2016 to facilitate NATO-Ukraine intelligence cooperation on Russia’s hybrid tactics following the 2016 Warsaw Summit, it formed an integral component of the Comprehensive Assistance Package (CAP). Since February 2022, the NATO-Ukraine Platform has been further developed under the Enhanced CAP Programme for Ukraine, aiming to “help rebuild the Ukrainian security and defence sector and transition Ukraine towards full interoperability with NATO” (Vilnius Summit Communiqué, 2023:para. 13). Additionally, the establishment of the NATO-Ukraine Council (Vilnius Summit Communiqué, 2023:para. 12) has reinforced this collaboration. In this context, NATO hosted an event titled “Countering the Russian Manipulation of History and False Historical Narratives”, specifically addressing Russia’s malicious narratives aimed at discrediting NATO’s support to Ukraine (NATO-Ukraine Platform on Countering Hybrid Warfare, 2023).

As a final step in the process of adapting to hybrid threats, NATO Allies renewed their financial commitment to defence at the Vilnius Summit in 2023 (Vilnius Summit Communiqué, 2023:para. 27). Allies pledged to allocate at least 2% of their GDP in defence annually, with at least 20% of their defence budgets dedicated to major equipment. Unlike the 2014 Defence Investment Pledge, the 2% GDP target is now viewed as a floor, rather than a ceiling, meaning that Allies must not only meet this target but exceed it.

Critical assessment: A roadmap

Building on the previous section, this section evaluates NATO’s adaptation to hybrid threats through three key variables: strategy, responsiveness, and focus. The ultimate objective is to propose a roadmap for reforms that will strengthen NATO’s capacity to address hybrid threats moving forward. As hybrid threats continue to shape modern conflicts and reshape the security landscape, NATO must address its vulnerabilities to ensure effective deterrence and defence of its member states.

NATO’s efforts to adapt have already mitigated some of the advantages hybrid threats might offer adversaries like Russia. Analysts argue that Russia’s reliance on hybrid tactics has been counterproductive, contributing minimally to its conventional military attack while undermining its overall military operation (Bateman, 2022). What is certain, however, is that hybrid tactics have largely served as a smokescreen for Russia’s brutal attacks on Ukrainian civilians and its operational failures on the battlefield.

Since 2002, NATO has progressively incorporated hybrid threats into its strategic framework, adapting to shifting geopolitical realities. Initially, hybrid threats were concentrated in the US and the Middle East, with notable examples such as the 9/11 terrorist attacks and Hezbollah’s hybridised warfare. These earlier lessons remain instructive; for instance, Piotrowski (2015) argues that NATO should closely study Hezbollah’s combination of conventional and asymmetric tactics, along with its civilian structure and propaganda machinery, to better counter hybrid threats from Russia. Similarly, NATO’s political guidance on hybrid threats has evolved. While the term “hybrid threats” was formally coined by Hoffman in 2007, NATO recognised such tactics much earlier. Today, NATO is far more prepared, armed with a Hybrid Strategy and several official communiqués addressing the interplay between hybrid and conventional warfare. The 2022 Strategic Concept, which associates autocratic regimes with hybrid threats, marks a pivotal shift in NATO’s strategic posture, reflecting the transition from unipolarity to a multipolar global order reminiscent of the Cold War. Despite these advancements, NATO’s strategic framework remains outdated, as it still relies on a 2015 model that fails to account for the drastically changed security landscape – ranging from Crimea to the broader Ukrainian conflict – and the increasingly sophistication of hybrid threats, such as sabotage. NATO Secretary General has called for a clearer, updated definition of hybrid threats, acknowledging that current definitions are insufficient, with plans for a revised framework by mid-2025 (To Prevent War NATO Must Spend More, 2024). Additionally, NATO must renew its Hybrid Strategy to align with the regional plans approved in 2023, integrate the NATO Force Model, and develop a comprehensive defence-industrial programme with clear targets and timelines to strengthen transatlantic security. Meanwhile, enlargement has been another critical element of NATO’s adaptation, with two new members and the Ukraine Compact highlighting NATO’s commitment to countering Russian hybrid threats. Ukraine’s prospective membership could significantly enhance European and North American security, deterring authoritarian regimes and fostering a robust collective defence system (Grod, 2024). As NATO Secretary General pointed out before the 2023 Munich Security Conference, “supporting Ukraine is not only the morally right thing to do. It is also in our own security interest” (Opening remarks, 2023). However, strategic ambiguity clouds this process, as NATO has tied membership to unanimous Allied agreement, leaving Ukraine’s accession postponed sine die. Clarifying this stance is essential for NATO’s effective adaptation to emerging security challenges (Dempsey, 2023).

In parallel with strategic updates, NATO has worked to streamline its decision-making processes to enhance its responsiveness to hybrid threats. NATO doctrine now equates hybrid attacks with armed attacks, allowing for the legal activation of Article 5 NAT in response to hybrid threats (Monaghan, 2022). This framework reduces the risk of external miscalculations. However, the practical application of Article 5 NAT remains constrained by two key factors: the inherent ambiguity and lack of accountability surrounding hybrid threats, and the requirement for unanimous consensus among NATO Allies in the North Atlantic Council (Piella, 2022). Although accountability has become a “sovereign national prerogative” since 2023, it is unlikely that all Allies will set aside their differing political preferences and foreign interests on the basis of a single Ally’s allegations of responsibility. Moreover, Article 5 NAT is considered an extrema ratio, typically prospecting the mobilisation of substantial military resources – an approach that is not always appropriate for addressing hybrid threats. As a result, consultations under Article 4 NAT, which are triggered when a member state’s “territorial integrity, political independence, or security… Is threatened” (Lanz, 2019:36), are often a more feasible response. To overcome these obstacles, NATO should establish specialised agencies to address hybrid threats, complementing existing structures such as the Joint Intelligence and Security Division. These agencies would enhance situational awareness, provide legal accountability, and offer tailored support to member states targeted by hybrid tactics. Expanding non-Article 5 responses, such as sanctions, could further facilitate consensus among Allies and reduce reliance on military interventions under Article 5 NAT. While the decision on how to respond to hybrid attacks ultimately rests with the victim state (Gaiser, 2020:19), NATO’s role in supporting its member states should not be underestimated.

Resource allocation is another critical area for reform. While 23 Allies met the 2% GDP defence spending benchmark in 2024, investment remains uneven. Eastern European nations – Poland, Estonia, Latvia, Lithuania, Finland – shoulder a disproportionate share of NATO’s financial burden, alongside the US (NATO, 2024). Notably, the US alone accounts for approximately 70% of NATO’s total defence spending, underscoring the Alliance’s continued dependence on American support. This imbalance risks leaving European Allies vulnerable if US attention shifts elsewhere, such as to the Middle East – a scenario aligned with Donald Trump’s foreign policy vision. Meanwhile, Croatia, Portugal, Italy, Canada, Belgium, Luxembourg, Slovenia, and Spain have postponed meeting the 2% benchmark until the end of the decade, escaping from the commitment. Only Poland, Estonia, the US, Latvia, and Greece spend more than 3% of their GDP on defence, fulfilling even the more ambitious Vilnius objective. It is also worth noting that Europe and Canada together reached, but did not exceed, the 2% target for the first time in 2024. As a counterbalance, all Allies except Canada and Belgium invest more than 20% of their defence budgets in equipment (NATO, 2024).

However, investments to counter hybrid threats remain generally low and uneven among Allies. Specifically, infrastructure investments to address hybrid threats are particularly low, averaging just 5.17% of total defence spending in 2024, down from 5.46% in 2023. Eastern nations like Lithuania and Romania, which are geographically closer to Russia, lead in infrastructure investment, while others, such as Finland and Greece, allocate less than 0.5% of their defence budgets. Despite these disparities, Allies collectively invest a third of their defence budgets in research, development, and major equipment – strategic sectors essential for effectively combating hybrid threats.

To address these challenges, NATO must encourage Allies to capitalise on the current momentum of increased defence spending spurred by the war in Ukraine. Investments should prioritise research, development, and critical infrastructure to reduce vulnerabilities. Hybrid threats are fast-evolving, increasingly shaped by emerging technologies like artificial intelligence, deepfakes, and cryptocurrencies (Cattler, 2021). AI-related technologies can be used in a variety of ways to influence military operations – such as creating a fictitious personas to manipulate a targeted state’s internal society or generating fake speeches released by influential politicians (Mazzucchi, 2022). These tools enable adversaries to execute covert and efficient hybrid operations, making NATO’s technological preparedness all the more vital. While NATO cannot replace national governments in this effort, it can incentivise and facilitate collective action. Through education, training, technical assistance, and coordinated investment, NATO can help its members build robust defences against hybrid threats. Maintaining a technological edge and fostering collaboration among Allies will be essential to deterring adversaries and ensuring long-term security.

Conclusion

The 21st century has presented NATO with one of its greatest challenges: the rise of hybrid threats. While public perception often equates conflict with conventional military attacks, Russia’s illegal invasion of Ukraine – initiated in 2014 and culminating in a full-scale war in 2022 – has vividly demonstrated the integration of both hybrid and conventional threats in modern warfare.

Hybrid threats, though “nothing new in essence” (Keynote speech, 2015; Thiele, 2020), have evolved significantly over time. From Al-Qaeda’s terrorist attacks in 2001 to the sophisticated use of disinformation, sabotage, and legal manipulation, hybrid threats now pose a far more complex challenge to the West. In the 21st century, they are frequently employed alongside traditional military operations, as seen in Russia’s use of hybrid tactics. Hybrid threats have become faster, more scalable, and more integrated into conventional warfare strategies, making them an urgent concern for NATO.

NATO has embarked on a comprehensive adaptation process to address these challenges. Key milestones include the 2014 Wales Summit, the 2016 Warsaw Summit, and the 2023 Vilnius Summit. These summits have shaped NATO’s approach to hybrid threats, leading to the development of a Hybrid Strategy in 2015, the integration of hybrid threats into Article 5 doctrine, and the assignment of accountability to the targeted state. NATO has also bolstered its military capabilities through the NATO Force Model, reinforced its Eastern flank, and expanded its membership.

Despite these efforts, Russia’s full-scale invasion of Ukraine in 2022 marked a pivotal moment. Unlike the annexation of Crimea, this conflict has made hybrid threats a direct and immediate security challenge vis-à-vis NATO and its Allies, forcing the Alliance to return to its core mission of deterrence and defence. Arguably, Russia has become the raison d’être for NATO’s increased adaptation to hybrid threats. Often described as a declining power, Russia has become a master of hybrid tactics, leveraging a “sophisticated, resourceful, comprehensive, and concerted” hybrid toolbox (Jopling, 2018). Ironically, this decline may be incentivising Russia’s leadership to disrupt the European security order more aggressively, using hybrid instruments to further its objectives (Fried and Volker, 2022).

At the same time, NATO’s response to hybrid threats remains characterised by setbacks. First, NATO’s strategic outlook, last updated in 2015, does not reflect the technological advancements and evolving tactics of aggressors. Hybrid threats are fast-moving and require a more agile, forward-looking strategy. Second, the activation of Article 5 NAT is not a routine measure, but it demands a high level of political responsibility and the mobilisation of massive military resources. Consequently, Article 5 NAT remains an unlikely option for addressing hybrid threats, as they often operate below the threshold of an armed attack, complicating attribution and requiring unanimous consensus within the North Atlantic Council. Lastly, NATO must find ways to increase investment in defence, particularly in infrastructure and Research and Development. While an increasing number of Allies – led by Eastern European countries – have accelerated defence spending following Russia’s large-scale invasion of Ukraine, NATO still faces financial shortfalls in addressing a more volatile geopolitical landscape characterised by power politics (Nikolov, 2024). Moreover, the return of a second Trump administration in the US raises the prospect of renewed debates within NATO over achieving a more equitable burden-sharing between Europe and the US, which could lead to a new pledge of 5% of GDP for defence (Fisher et al., 2024).

As NATO celebrated 75 years of collective defence, its ability to adapt to hybrid threats will be crucial to its continued relevance and success. The proliferation of hybrid threats challenges not only NATO’s operational capacity but also its foundational principles of unity and shared responsibility. By embracing innovation and reinforcing its structures, NATO can ensure it remains a cornerstone of transatlantic security in an increasingly unpredictable world. Reforming itself is not merely an option – it is an imperative for the future.

Footnotes

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) received no financial support for the research, authorship, and/or publication of this article.

ORCID iD

Davide Genini

Author biography

Davide Genini is a PhD Candidate in EU Law at Dublin City University, specialising in European Security Law. He is also a researcher at the Brexit Institute and the Dublin European Law Institute. His research focuses on the impact of the war in Ukraine on the EU and NATO, the integration of defense policies, and the broader future of European security.

References

A ‘comprehensive approach’ to crises (2024). Available at: https://www.nato.int/cps/en/natohq/topics_51633.htm

Adapting to Change: The Role of International Organizations (2015). Available at: https://www.youtube.com/watch?v=4fW-YR6HqW0

ARSIWA (2001) United nations. Available at: https://legal.un.org/ilc/texts/instruments/english/draft_articles/9_6_2001.pdf

Aver’yanova

(2018) Konsolidatsiya ukrayinsʹkoho suspilʹstva v suchasnykh umovakh hibrydnoyi viyna [Consolidation of Ukrainian society in modern conditions of hybrid war]. VISNYK Kyyivsʹkoho natsionalʹnoho universytetu imeni Tarasa Shevchenka 1(18): 5–7.

Balcaen

Siman

(2022) Balancing Conventional and Hybrid Threats in (Future) State Competition, Vol. 283. Copenhagen, Denmark: Egmont.

Banks

Samuel

(2019) Hybrid Threats, Terrorism, and Resilience Planning. Washington, DC: ICCT.

Bateman

(2022) Russia’s Wartime Cyber Operations in Ukraine: Military Impacts, Influences, and Implications. Stockholm, Sweden: Carnegie.

Berdal

(2011) The ‘new wars’ thesis revisited. In: The Changing Character of War. Oxford, UK: Oxford University Press.

Bērziņš

(2014) Russian “new generation warfare”: More democracy is the solution. 5. Deterrence Paper. Washington, DC: Center for European Policy Analysis.

10.

Bērziņš

(2020) The theory and practice of new generation warfare: the case of Ukraine and Syria. Journal of Slavic Military Studies 33(3): 355–380.

11.

Biddle

Friedman

(2008) The 2006 Lebanon Campaign and the Future of Warfare: Implications for Army and Defense Policy. PA, USA: US Army War College Press.

12.

Blokker

(2019) NATO as an International Or O as an International Organization: T ganization: Ten Brief Obser en Brief Observations. Emory International Law Review 34: 30.

13.

Bowen

(2009) Document analysis as a qualitative research method. Qualitative Research Journal 9(2): 27–40.

14.

Braun

Clarke

(2013) Successful Qualitative Research: A Practical Guide for Beginners. UK: Sage.

15.

Brussels Summit Communiqué (2021) NATO. Available at: https://www.nato.int/cps/cz/natohq/news_185000.htm

16.

Brussels Summit Declaration (2018) NATO. Available at: https://www.nato.int/cps/en/natohq/official_texts_156624.htm

17.

Bucharest Summit Declaration (2008) NATO. Available at: https://www.nato.int/cps/en/natolive/official_texts_8443.htm

18.

Calha

(2015) Hybrid warfare: nato’s new strategic challenge? NATO Parliamentary Assembly. Available at: https://www.eerstekamer.nl/id/vk3nbmfqmt7x/document_extern/nato_pa_rapport_hybrid_warfare_nato/f=/vk3nbqkjzced.pdf

19.

Carment

Belo

(2020) Gray-zone conflict management theory, evidence, and challenges. Journal of European, Middle Eastern, & African Affairs 2(2): 21–41.

20.

Cattler

(2021) What is NATO doing to address hybrid threats? Available at: https://www.nato.int/cps/en/natohq/news_183004.htm

21.

Charter of Paris (1990) Osce. Available at: https://www.osce.org/files/f/documents/0/6/39516.pdf

22.

Charter of the United Nations (1945) 1 unts XVI. Available at: https://treaties.un.org/doc/publication/ctc/uncharter.pdf

23.

Clark

(2024) Austin underscores enduring strength of NATO alliance. Available at: https://www.defense.gov/News/News-Stories/Article/Article/3659353/austin-underscores-enduring-strength-of-nato-alliance/

24.

Comprehensive Political Guidance (2006) NATO. Available at: https://www.nato.int/cps/en/natohq/official_texts_56425.htm

25.

Corrigan

(2017) Defining adaptation. In: The Oxford Handbook of Adaptation Studies Get Access Arrow. Oxford, UK: Oxford University Press, 23–35.

26.

Council Conclusions on the Implementation of the Joint Declaration (2016) EU. https://data.consilium.europa.eu/doc/document/ST-15283-2016-INIT/en/pdf

27.

Council Conclusions on the Implementation of the Joint Declaration (2017) EU. https://www.consilium.europa.eu/media/31947/st14802en17.pdf

28.

Countering Hybrid Threats (2024). Available at: https://www.nato.int/cps/en/natohq/topics_156338.htm

29.

CyberPeace Institute (2023) Quarterly analysis report Q3 july to september 2023 – cyber dimensions of the armed conflict in Ukraine. Available at: https://cyberpeaceinstitute.org/wp-content/uploads/2023/12/Cyber-Dimensions_Ukraine-Q3-2023.pdf

30.

Dailey

(2023) NATO Needs a Plan for Military and Nonmilitary Instruments of Power to Work Together. Washington, DC: Atlantic Council.

31.

De Wet

(2019) The invocation of the right to self-defence in response to armed attacks conducted by armed groups: implications for attribution. Leiden Journal of International Law 32(1): 91–110.

32.

De Wijk

(1997) NATO on the Brink of the New Millennium: The Battle for Consensus. VA USA: Brassey’s.

33.

Dempsey

(2023) Judy asks: is Ukraine’s NATO membership realistic? Carnegie. Available at: https://carnegieendowment.org/europe/strategic-europe/2023/07/judy-asks-is-ukraines-nato-membership-realistic?lang=en

34.

Deterrence and Defence in the XXI century (2021) Speech by NATO secretary general Jens Stoltenberg at the first strategic concept seminar. Available at: https://www.nato.int/cps/en/natohq/opinions_190200.htm

35.

Duguin

Pavlona

(2023) The Role of Cyber in the Russian War against Ukraine: Its Impact and the Consequences for the Future of Armed Conflict. European Parliament - Policy Department for External Relations. Available at: https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/702594/EXPO_BRI(2023)702594_EN.pdf

36.

Dunne

Pettigrew

Robinson

(2016) Using historical documentary methods to explore the history of occupational therapy. British Journal of Occupational Therapy 79(6): 376–384.

37.

EEAS (2018). Available at: https://www.eeas.europa.eu/node/46393_en

38.

Fisher

Foy

Schwartz

(2024) Trump wants 5% Nato defence spending target. Europe Told. London: Financial Times.

39.

Falick

(2018) An Introduction to Qualitative Research. Newcastle, UK: Sage.

40.

Founding Act (1997) NATO. Available at: https://www.nato.int/cps/en/natohq/official_texts_25468.htm?

41.

France’s National strategic review (2022) République français. Available at: https://www.sgdsn.gouv.fr/files/files/rns-uk-20221202.pdf

42.

Fried

Volker

(2022) The Speech in Which Putin Told Us Who He Was. Virginia, USA: Politico.

43.

Gaiser

(2020) NATO - EU collaboration on hybrid threats: cooperation out of necessity with potential consequences on international legal framework. National Security and the Future 20(1–2): 13–23.

44.

Galán

(2018) Amenazas híbridas: nuevas herramientas para viejas aspiraciones. Madrid, Spain: Real Instituto Elcano.

45.

Galeotti

(2016a) Hybrid, ambiguous, and non-linear? How new is Russia’s “new way of war”. Small Wars and Insurgencies 27(2): 282–301.

46.

Galeotti

(2016b) Hybrid War or Gibridnaya Voina? Getting Russia’s Non-linear Military Challenge Right. Lulu.com.

47.

Germany’s National Security Strategy (2023) The federal government. Available at: https://www.nationalesicherheitsstrategie.de/National-Security-Strategy-EN.pdf

48.

Grod

(2024) Five Reasons Why Ukraine Should Be Invited to Join NATO. Washington, DC: Atlantic Council.

49.

Guterres

(2022) Black Sea Grain Initiative ‘a Beacon of Hope, Relief’ for World, Says Secretary General, as War Coninues in Ukraine. United Nations.

50.

Hallams

Ratti

Zyla

(2013) Introduction – a new paradigm for NATO? In: NATO beyond 9/11 – New Security Challenges. London, UK: Palgrave Macmillan.

51.

Halper

(2013) China: The Three Warfares, Report for the Director of Office of Net Assessment. US Department of Defence. Available at: https://www.esd.whs.mil/Portals/54/Documents/FOID/Reading_Room/Litigation_Release/Litigation_Release-China-_The_Three_Warfares_201305.pdf

52.

Harari

(2018) 21 Lessons for the 21st Century. London, England: Jonathan Cape.

53.

Helsinki European Council (1999) UE. Available at: https://www.europarl.europa.eu/summits/hel1_en.htm

54.

Herța

L-M

(2017) Hybrid warfare – a form of asymmetric conflict. International conference Knowledge-Based Organization 23(1): 135–143.

55.

Hickman

Weissmann

Nilsson

, et al. (2017) Hybrid threats and asymmetric warfare: what to do? Swedish Defence. Stockholm, Sweden: University.

56.

Hoffman

(2007) Conflict in the 21st Century: The Rise of Hybrid Wars. Arlington, VA: Potomac Institute for Policy Studies.

57.

Höller

(2024) The shallow Baltic Sea holds deep secrets about a hybrid war on NATO. Defence News. Available at: https://www.defensenews.com/special-reports/2024/12/09/the-shallow-baltic-sea-holds-deep-secrets-about-a-hybrid-war-on-nato/

58.

Hybrid CoE (2007). Available at: https://www.hybridcoe.fi/

59.

International Committee of the Red Cross (1949) Geneva Convention Relative to the Protection of Civilian Persons in Time of War, Vol. 75. UNTS 287.

60.

Ionita

C-C

(2023) Conventional and hybrid actions in the Russia’s invasion of Ukraine. Security and Defence Quarterly 44(4): 5–20.

61.

Janičatová

Mlejnková

(2021) The ambiguity of hybrid warfare: a qualitative content analysis of the United Kingdom’s political–military discourse on Russia’s hostile activities. Contemporary Security Policy 42(3): 312–344.

62.

Joint Declaration (2016) NATO. Available at: https://www.nato.int/cps/em/natohq/official_texts_133163.htm

63.

Joint Declaration (2018) NATO. Available at: https://www.nato.int/cps/cn/natohq/official_texts_156626.htm

64.

Joint Declaration (2023) NATO. Available at: https://www.nato.int/cps/en/natohq/official_texts_210549.htm

65.

Jones

Bachman

S-D

(2022) Hybrid warfare’: nord Stream attacks show how war is evolving. The Conversation. Available at: https://theconversation.com/hybrid-warfare-nord-stream-attacks-show-how-war-is-evolving-191764

66.

Jopling

(2018) Countering Russia’s hybrid threats: an update. NATO Parliamentary Assembly. Available at: https://www.nato-pa.int/download-file?filename=/sites/default/files/2018-12/166_CDS_18_E_fin-HYBRID_THREATS-JOPLING_0.pdf

67.

Kelly

(2024) NATO’s steadfast defender exercises mark return to Cold war schemes, Russia says. Reuters. Available at: https://www.reuters.com/world/europe/natos-steadfast-defender-exercises-mark-return-cold-war-schemes-russia-says-2024-01-21/

68.

Keynote speech (2015). Available at: https://www.nato.int/cps/it/natohq/opinions_118435.htm

69.

Kong

Marler

(2022) Ukraine’s lessons for the future of hybrid warfare. The National Interest. Available at: https://nationalinterest.org/feature/ukraines-lessons-future-hybrid-warfare-205922

70.

Kramer

Speranza

(2017) Meeting the Russian Hybrid Challenge. Washington, D.C.: Atlantic Council.

71.

Kridel

(2015) The biographical and documentary milieu. In: The Sage Guide to Curriculum in Education. Newcastle, UK: Sage, 311–318.

72.

LaCount

(2014) NATO Kicks off Major Military Exercise Iron Sword 2014. Atlanta, Georgia US: Dvids.

73.

Lanz

(2019) El conflicto en las sombras: aspectos generales y elementos jurídicos de las operaciones en la zona gris. límites jurídicos de las operaciones actuales: nuevos desafíos 201, Cuadernos de estrategia. Logroño, Spain: IEEE. Ministerio de Defensa.

74.

Lewis

(2022) Cyber War and Ukraine. Washington, DC: Center for Strategic International Studies.

75.

Loishyn

Tkach

Havrylko

, et al. (2021) Analysis of the features of hybrid warfare. Political Science and Security Studies Journal 2(1): 14–25.

76.

Lonardo

(2021) EU Law against hybrid threats. A first assessment. European Papers 6: 1075–1096.

77.

Madrid Summit Declaration (2022) NATO. Available at: https://www.nato.int/cps/cn/natohq/official_texts_196951.htm

78.

Mariani

Genini

(2021) EU and NATO: the legal foundation of an extraordinary partnership. Eurojus 4: 187–209.

79.

Mazzucchi

(2022) AI-based technologies in hybrid conflict: The future of influence operations. 22, Hybrid CoE Paper, June. Hybrid CoE. Available at: https://www.hybridcoe.fi/wp-content/uploads/2022/06/20220623-Hybrid-CoE-Paper-14-AI-based-technologies-WEB.pdf

80.

Mearsheimer

(1990) Back to the future: instability in Europe after the Cold war. International Security 15(1): 5.

81.

Menon

Welsh

(2011) Understanding NATO’s sustainability: the limits of institutionalist theory. Global Governance 17(1): 81–94.

82.

Mercier

(2018) Conference Adaptation in a Complex World: NATO at the Turn of the Century. Paris: Sciences Po.

83.

Merriam

Tisdell

(2016) Qualitative Research: A Guide to Design and Implementation. 4th edition. Hoboken, NJ: Jossey Bass.

84.

Mestre

(2021) Las balas humanas de Mohammed VI. Madrid, Spain: OK Diario.

85.

Michael

Diessen

De Kermabon

, et al. (2011) NATO Countering the Hybrid Threat. Institute for National Strategic Security. Washington, DC: National Defense University.

86.

Militärstrategisk doktrin (2016) MSD 16. Stockholm: Swedish armed forces (försvarsmakten). Available at: https://goteborgsforsvar.se/wp-content/uploads/2016/01/militarstrategisk-doktrin-2016.pdf

87.

Monaghan

(2022) Five Steps NATO Should Take after the Nord Stream Pipeline Attack. Washington, D.C.: Center for Startegic & International Studies.

88.

Morgan

(2021) Conducting a qualitative document analysis conducting a qualitative document analysis. Qualitative Report 27(1): 64–77.

89.

Mumford

McDonald

(2014) Ambiguous warfare. In: Report Produced for the DCDC.

90.

National Security Strategy of Ukraine (2020) 392/2020.

91.

NATO (1949) The signing cerimony. Available at: https://www.nato.int/cps/en/natohq/declassified_137799.htm

92.

NATO (2024) Defence expenditure of NATO countries (2014-2024). Available at: https://www.nato.int/nato_static_fl2014/assets/pdf/2024/6/pdf/240617-def-exp-2024-en.pdf

93.

NATO Allies and experts (2024) NATO. Available at: https://www.nato.int/cps/is/natohq/news_230089.htm?selectedLocale=en

94.

NATO Centres of Excellence (2023). Available at: https://www.act.nato.int/article/nato-stratcom-coe/#:∼:text=The_NATO_Strategic_Communications_Centre_of_Excellence%2C_located_in_Riga,its_Allies%2C_and_its_Partnerss

95.

NATO Public Diplomacy Division (2006) Combating new threats and developing new capabilities. NATO Handbook. 168–180. Available at: https://www.nato.int/docu/handbook/2006/hb-en-2006.pdf

96.

NATO-Russia Relations: A New Quality (2002) NATO. Available at: https://www.nato.int/cps/en/natohq/official_texts_19572.htm

97.

NATO-Ukraine Action Plan (2002) NATO. Available at: https://www.nato.int/cps/sn/natohq/official_texts_19547.htm

98.

NATO-Ukraine Platform on Countering Hybrid Warfare (2023) NATO. Available at: https://www.nato.int/cps/on/natohq/news_221171.htm?selectedLocale=en

99.

NATO’s Open Door Policy (1999). NATO, Available at: https://www.nato.int/docu/comm/1999/9904-wsh/pres-eng/04open.pdf

100.

NATO’s outlook towards 2030 and beyond (2021) Speech by NATO secretary general Jens Stoltenberg at the event. Available at: https://www.nato.int/cps/fr/natohq/opinions_189089.htm

101.

NATO’s Response to Terrorism (2001). Available at: https://www.nato.int/cps/en/natohq/official_texts_18848.htm?selectedLocale=en

102.

Nicander

Arnevall

(2015) ‘Fingret i magen’: ryska utmaningar för svensk-finskt försvarspolitiskt tänkande. Stockholm, Sweden: Kungl Krigsvetenskapsakademiens Handlingar och Tidskrift, 129–135.

103.

Nikolov

(2024) Bulgaria will invest €6 billion in infrastructure to rapidly deploy NATO forces. Euractiv. Available at: https://www.euractiv.com/section/politics/news/bulgaria-will-invest-e6-billion-in-infrastructure-to-rapidly-deploy-nato-forces/

104.

North Atlantic Treaty (1949) 34 UNTS 243. Available at: https://www.nato.int/cps/en/natolive/official_texts_17120.htm

105.

Nye

(1990) Soft Power. Washington, D.C.: Foreign Policy, 80, 153–171.

106.

Opening remarks (2023) NATO. Available at: https://www.nato.int/cps/en/natohq/opinions_212041.htm

107.

Osadchuk

(2022) Russian War Report: Hacked News Program and Deepfake Video Spread False Zelenskyy Claims. Washington, D.C.: Atlantic Council.

108.

Papadimos

Stawicki

(2021) Hannah arendt’s prognostication of political animus in America: social platforms, asymmetric conflict, and an offset strategy. Open Journal of Philosophy 11(1): 85–103.

109.

Partnership Action Plan against Terrorism (2002). NATO, Available at: https://www.nato.int/cps/en/natohq/official_texts_19549.htm

110.

Partnership for Peace (1994) NATO. Available at: https://www.nato.int/cps/en/natohq/official_texts_24469.htm?mode=pressrelease

111.

Piella

(2022) NATO’s strategies for responding to hybrid conflicts. In: Hybrid Threats, Vulnerable Order. Barcelona: CIDOB - Barcelona Centre for International Studies, 47–52.

112.

Piotrowski

(2015) Hezbollah: The Model of a Hybrid Threat. Warszawa: The Polish Institute of International Affairs (PISM).

113.

Posaner

(2024) NATO’s Rutte says Russian attacks on Europe are ‘intensifying. Politico. Available at: https://www.politico.eu/article/natos-rutte-says-russian-hybrid-attacks-on-europe-are-intensifying/

114.

Prague Summit Declaration (2002) NATO. Available at: https://www.nato.int/cps/el/natohq/official_texts_19552.htm

115.

Preble

(2024) A credible grand strategy: the urgent Need to set priorities Security & strategy – reimagining US grand strategy program, january. Stimson. Available at: https://www.stimson.org/2024/a-credible-grand-strategy-the-urgent-need-to-set-priorities/

116.

Renz

(2016) Russia and ‘hybrid warfare. Contemnporary Politics 22(3): 283–300.

117.

Riga Summit Declaration (2006) NATO. Available at: https://www.nato.int/cps/es/natohq/official_texts_37920.htm

118.

Sadik

Yalcin-Ispir

(2023) Counter-terrorism. In: Research Handbook on NATO. Cheltenham, UK: Edward Elgar Pub, 253–266.

119.

Sari

(2020) Hybrid threats and the law: concepts, trends and implications. 3, hybrid CoE trend report, April. Hybrid CoE. Available at: https://www.hybridcoe.fi/wp-content/uploads/2020/07/Hybrid-CoE-Trend-Report-3.pdf

120.

Seventh progress report (2022) NATO and EU. Available at: https://www.nato.int/nato_static_fl2014/assets/pdf/2022/6/pdf/220620-progress-report-nr7-EU-NATO-eng.pdf

121.

SHAPE Public Affairs Office (2024) NATO marks the start of exercise Steadfast Defender 2024. Available at: https://shape.nato.int/stde24/newsroom/news-/nato-marks-the-start-of-exercise-steadfast-defender-2024

122.

Statement by NATO Defence Ministers (2015) NATO. Available at: https://www.nato.int/cps/en/natolive/news_121133.htm?selectedLocale=en

123.

Statement by the North Atlantic Council (2001). Available at: https://www.nato.int/cps/en/natohq/official_texts_18863.htm?selectedLocale=en

124.

Statement by the North Atlantic Council (2014). NATO, Available at: https://www.nato.int/cps/en/natolive/news_107716.htm?selectedLocale=en

125.

Statement by the North Atlantic Council (2022). NATO, Available at: https://www.nato.int/cps/en/natohq/official_texts_192404.htm

126.

Statement by the North Atlantic Council (2024). NATO, Available at: https://www.nato.int/cps/en/natohq/official_texts_225230.htm

127.

Stoltenberg

(2023) Opening Remarks. Brussels, Belgium: NATO.

128.

Strategic Concept (2010) NATO. Available at: https://www.nato.int/nato_static_fl2014/assets/pdf/pdf_publications/20120214_strategic-concept-2010-eng.pdf

129.

Strategic Concept (2022) NATO. Available at: https://www.act.nato.int/wp-content/uploads/2023/05/290622-strategic-concept.pdf

130.

Stuart

(2024) Sweden declines Orbán’s push for NATO negotiations. Politico. Available at: https://www.politico.eu/article/sweden-declines-orbans-push-for-nato-negotiations/

131.

Summary of the US National Defence Strategy (2018) US department of defence. Available at: https://dod.defense.gov/portals/1/documents/pubs/2018-national-defense-strategy-summary.pdf

132.

Symposium in Finland (2023) NATO. Available at: https://www.nato.int/cps/en/natohq/news_221179.htm?selectedLocale=en

133.

Thiele

(2020) Artificial Intelligence – A Key Enabler of Hybrid Warfare. Working Paper. Hybrid CoE. Available at: https://www.hybridcoe.fi/wp-content/uploads/2020/07/WP-6_2020_rgb-1.pdf

134.

(2021) How does NATO apply instruments of power as it prepares for the possibility of conventional warfare against a peer adversary? Applying a ‘DIMEFIL’ analysis. The Journal of Military History and Defence Studies 2(1): 133–149.

135.

To Prevent War NATO Must Spend More (2024) NATO. Available at: https://www.nato.int/cps/en/natohq/opinions_231348.htm

136.

Ukraine Compact (2024) EU. Available at: https://neighbourhood-enlargement.ec.europa.eu/news/ukraine-compact-2024-07-12_en

137.

UN General Assembly (1970) Declaration on principles of international law concerning friendly relations and Co-operation among states in accordance with the charter of the united nations. A/RES/2625(XXV). https://treaties.un.org/doc/source/docs/A_RES_2625-Eng.pdf

138.

United Nations High Commissioner for Refugees (2024) Emergency handbook - operational data portal. Available at: https://www.unrefugees.org/emergencies/ukraine/#:∼:text=There_are_nearly_3.7_million,(as_of_January_2024).&text=More_than_6.3_million_refugees,(as_of_January_2024)

139.

US National Securoty Strategy (2022) The white house. Available at: https://www.whitehouse.gov/wp-content/uploads/2022/10/Biden-Harris-Administrations-National-Security-Strategy-10.2022.pdf

140.

Van Weezel

(2010) NATO’s Comprehensive Approach CIMIC branch focuses on civilian-military cooperation. Marshall Center. Available at: https://www.marshallcenter.org/sites/default/files/files/2020-11/pC_V1N4_en_van_Weezel.pdf

141.

Versailles Declaration (2022) EU. Available at: https://www.consilium.europa.eu/media/54773/20220311-versailles-declaration-en.pdf

142.

Vilnius Summit Communiqué (2023) NATO. Available at: https://www.nato.int/cps/ge/natohq/official_texts_217320.htm

143.

Wales Summit Declaration (2014) NATO. Available at: https://www.nato.int/cps/cn/natohq/official_texts_112964.htm

144.

Wallander

(2000) Institutional assets and adaptability: NATO after the Cold war. International Organization 54(4): 705–735.

145.

Waltz

(1979) Theory of International Politics. Boston: Addison-Wesley Publishing Company.

146.

Waltz

(1993) The emerging structure of international politics. International Security 18(2): 44–79.

147.

Warsaw Summit Communiqué (2016) NATO. Available at: https://www.nato.int/cps/cn/natohq/official_texts_133169.htm

148.

Washington Summit Declaration (2024) NATO. Available at: https://www.nato.int/cps/cn/natohq/official_texts_227678.htm

149.

Weissmann

(2019) Hybrid warfare and hybrid threats today and tomorrow: towards an analytical framework. Journal on Baltic Security 5(1): 17–26.

150.

Wessel

(2016) Institutional lawmaking: the emergence of a global normative web. In: Research Handbook on the Theory and Practice of International Lawmaking. Cheltenham, UK: Edward Elgar Publishing, 179–199.

151.

Wijnja

(2021) Countering hybrid threats: does strategic culture matter? defence Studies. Defence Studies 22(1): 16–34.

152.

Zambakari

(2023) War in Ukraine: US, Russia, China and the return of the multipolar world. In: The Great Power Competition in Eurasia. Phoenix, USA: The Zambakari Advisory.