WASHINGTON — With potential attacks against Baltic nations by Russia fresh in the minds of European allies, both NATO and the European Union are focusing on strategies to either prevent or respond to “gray zone” warfare — unconventional tactics designed to remain below the threshold of conventional military conflict.
While such tactics have been seen from Russia since its annexation of Ukrainian territory in 2014, NATO planners believe they are evolving as Moscow studies how that alliance has operated in nations like Afghanistan.
“Our adversaries, our competitors around the world have observed how NATO has operated in Afghanistan. They also observed how coalitions of primarily NATO nations, but other nations as well, operated in the Middle East,” Maj. Gen. William Hickman, director of strategic plans and policy for NATO Allied Transformation Command in Norfolk, Virginia, told Defense News in an interview during a June 6 event.
“Because of that, our adversaries or competitors are seeing an ability to work below the level of Article 5. Or, as NATO would say, to work below the level of conflict."
Showcasing of electronic warfare capabilities in Syria, as well a cyberattacks and disinformation campaigns in Estonia, Latvia and elsewhere are examples of how Moscow is deliberately dancing just below the threshold of kinetic conflict.
Efforts among Western allies to counter such hybrid tactics, particularly those rooted in subversion, “cannot focus on Russia” or retaliation, according to a 2016 report from Project Gray Symposium, a joint endeavor of the U.S. Army’s John F. Kennedy Special Warfare Center and School, the Special Operations Center of Excellence, and the National Defense University. Rather, the focus must be on information operations and counter propaganda within those countries targeted by Russia’s subversion, the report stated.
For the European Union, that’s involved both countering false messages out of Russia and sharing threat information across member states.
“We have strategic communication teams looking at information coming from specific areas including Eastern Europe and Russia, then looking at what news is being published in our own media and trying to detect disinformation and fake news,” Pedro Serrano, the deputy secretary general of the External Action Service, the EU’s diplomatic arm, said during the same event. “We’re then issuing [notices] and correcting things that need to be corrected. We also have created a rapid alert system, where member states inform [allies] of any sort of disinformation or fake news to raise the level of awareness.”
That rapid response system is part of a broader approach to hybrid warfare — which merges information from intelligence sources with open sources across all sectors of society within the EU — to detect gray zone tactics targeting members. For example, the EU engages with major internet providers and social media outlets to identify and weed out misinformation and for assurance that certain cybersecurity standards are met.
The result is greater resilience and “collective engagement” across all 28 member states, Serrano said.
Likewise, resiliency among individual nations is the ultimate goal for NATO, “so if military forces were to have to reinforce Europe, the nations would be able to provide the resources and the infrastructure to support that reinforcement,” Hickman said. “The nations end up defending their nations, whether it be through technology built to survive, the [education of their own] populations or the stability of their own infrastructure."
Both Hickman and Serrano pointed to cybersecurity as a priority. Spurred in part by Russian cyberattacks on Estonia in 2007, NATO established cyber centers to provide lessons learned and educate member states on best practices, so each can work from a common playbook to defend their own networks. Similarly, the EU established the Agency for Network and Information Security to set standards and establish corrective measures for helping member states increase the security of their information systems.
“We are developing cyber response teams in order to assist member states that are under cyberattack, as well as a cyber response toolbox, which helps member states coordinate actions when they are victims of a cyberattack,” Serrano said.
Beyond the technological response to ensure recovery of systems, the response toolkit defines proper diplomatic actions — including when attribution of attacks or sanctions is appropriate. Such policy recognizes that doctrine is needed to define how to counter hybrid warfare tactics, as did NATO’s declaration in 2016 that a cyberattack could trigger Article 5 — that is, a military response.
Of course, NATO has not clearly defined what factors would influence a military response to a cyberattack.
“That would be a decision at the point in time of the 29 nations,” Hickman said. The factors are undefined purposely, he added, “because we may or may not have consensus, but you don’t want to publicize that.”