A Europe that protects: good progress on tackling hybrid threats

The European Union and Member States have made good progress in tackling hybrid threats through a number of concerted actions in a wide range of sectors to significantly boost capacities, shows the latest report adopted by the Commission and the European External Action Service.

The 22 measures identified under the 2016 Joint Framework on Countering Hybrid Threats and the 2018 Joint Communication on increasing resilience and bolstering capabilities to address hybrid threats range from improving exchange of information and strengthening protection of critical infrastructure and cybersecurity, to building resilience in our societies against radicalisation and extremism. Member States have received support through the framework, and the EU’s response to hybrid threats has been successfully tested, including in a parallel and coordinated way with NATO in a number of exercises.

Key findings

The report outlines detailed progress on a large number of areas, which include:

Strengthening strategic communications to tackle disinformation: The Action Plan against Disinformation, endorsed by the European Council in December 2018, is a key development of the last 12 months. In March 2019, a Rapid Alert System on Disinformation was set up to enable Member States and EU institutions to facilitate sharing of data and development of common responses, enable common situational awareness, , and ensure time and resource efficiency.

Cybersecurity and cyber defence: To deter and respond to cyber-attacks which constitute a threat to the EU and its Member States, a new sanctions regime was established on 17 May. This further expands the set of tools available to the EU Member States under the Cyber Diplomacy toolbox, a framework encompassing CFSP measures to respond to malicious behaviour in cyber space. The toolbox has been put to use on several occasions since the last progress report, most recently through the HRVP declaration on behalf of the EU on 12 April. Also, a range of projects and measures have been adopted to boost cybersecurity, including the April 2019 sector-specific guidance on cybersecurity in the energy sector that identifies the main actions to be taken by the Member States and energy operators in order to preserve cybersecurity and be prepared for possible cyber-attacks.

Chemical, Biological, Radiological and Nuclear related risk: the Commission, in cooperation with a number of Member States, developed a classified list of more than 20 chemical substances of concern. The Commission has also continued to engage with private actors in the supply chain to work together towards addressing evolving threats from chemicals that can be used as precursors.

Protection of critical infrastructure: The Commission, in cooperation with Member States, has finalised the work on developing vulnerability indicators for the resilience and protection of critical infrastructure against hybrid threats. The Commission also continues close engagement with Member States and third countries on efforts to diversify energy sources, for example by progressing on the geographical supply diversification via greater engagement with the United States on Liquefied Natural Gas (LNG) imports to the EU, as well as unlocking the potential of priority projects such as the Southern Gas Corridor and the development of East Med Gas.

Conclusions

Amongst the key achievements, a large number of legislative proposals have been adopted to underpin efforts at national and EU level – the Regulation on the screening of foreign direct investments into the EU is a recent example. Chemical and cyber sanctions regimes have been added to the array of response measures. Countering disinformation, election protection, cybersecurity, defence industry cooperation add on to the list of areas concerned but, by far, do not exhaust it.

More information

Access the complete news

Report

Factsheet on countering hybrid threats