One hundred and twenty-five pages on the hybrid threat in all its manifestations (cyber attacks, disinformation, cognitive dimensions), a call to prepare a “legitimate and timely reaction” and a request for a significant reinforcement of military personnel, “even about 10-15 thousand units dedicated to the cyber sector, the electromagnetic spectrum and new technologies”, with a strong operational branch capable of integrating into multi-domain operations. In not paper illustrated yesterday to the Supreme Defense Council by the minister Guido Crosetto there is no room for small talk: «We are under attack and the hybrid bombs keep falling: the time to act is “now”».
Systemic and simultaneous crises, “just enduring it is not enough”
This document is structured starting from the “what” (definitions, actors and tools), continuing with the “where” (vulnerability analysis by sector) and ending with the “how”, namely the response and action path. The section on alliances (NATO, EU and G7) shows the framework and constraints facing Italy. As a case study, the focus on the Russian-Ukrainian conflict cannot be ignored and in the appendix there are references to cyber organizations from Germany, the UK, France, Spain, the United States and Canada. «Containing it alone is not enough», writes Crosetto in his foreword: «We cannot think of dealing with hybrid threats with a sectoral or one-dimensional approach because the resulting crises will be increasingly systemic and simultaneous. It is important to develop, with clear tools and quickly, the capacity to carry out predictive and adaptive actions aimed at preventing, deterring and absorbing hybrid attacks.”
From Russia to China, these are the hostile foreign actors
The protagonists of this hybrid threat are “hostile” foreign actors: authoritarian states – among the countries highlighted in this report are Russia, China, Iran and North Korea – and non-state organizations acting as agents or proxies implementing synergistic actions in various fields (diplomatic, informational, military, economic-financial and intelligence). With clear objectives: «Eroding the resilience of democracy, weakening citizens’ trust in institutions, dividing society, influencing public opinion with false information». Attack where the target country’s systemic weakness or dependency is greatest.
In Italy, +53% cyber attacks in the first half of 2025, SMEs are easy targets
Italy is aware of this: the greatest risks lurk in the energy sector, given its dependence on imports, critical infrastructure, from ports and airports to the power grid, and in the political-social ecosystem, which is vulnerable to foreign interference, disinformation campaigns and the exploitation of social divisions. «Incessantly – which is not stated on paper in black and white – our country receives dozens of cyber attacks and suffers from them in all areas and at all levels». Data collected by the National Cybersecurity Agency shows clearly: in 2024, there were 1,979 cyber events and 573 managed incidents (48 per month): +40% and +89% respectively compared to 2023. The number of victims was 2,734 people. In the first half of 2025, 1,549 events were recorded, 53% more than in the same period the previous year. And the number of accidents whose impact was confirmed was 346.+98 percent. «Impressive figures – says the document – and continuing to rise». The health sector is the sector most affected, but so is the manufacturing sector, which is largely due to the large number of small and medium-sized businesses that are “without adequate defensive structures” and are therefore more vulnerable to threats. ransomware. Soft targets, the report defines them.
Up to 15 thousand more soldiers and civilian volunteers for cyber reserves
Examining the responses of NATO, the EU and countries such as the United States, Britain, France and Germany, Defense outlines what must be done: we start from joint command to integrate the cyber, electromagnetic and cognitive spectrum domains with the development of specific military capabilities in the cyber domain and in the information and cognitive environment, starting from the creation of a “defensive cyber reserve” to support the cyber workforce (operational and other parts composed of “civil volunteers”) to the strengthening of military personnel with 10-15 thousand more units dedicated to cyber, the electromagnetic spectrum and new technologies; Come on cyber command foreign military systems as national reference points for the protection of critical infrastructure and the fight against cognitive manipulation strengthening links between the defense and intelligence sectors.
