This IWI Project Europe Fireside Chat examines Belgium’s perspectives on hybrid warfare, with a particular focus on cyber-attacks and information warfare. To do so, we welcomed one of Belgium’s key figures in the cyber domain: Major-General Pierre Ciparisse. Appointed in September, General Ciparisse serves as Commander of the Belgian Cyber Force and simultaneously heads the Belgian Cyber Command, the cyber pillar embedded within the Belgian Military Intelligence Services, responsible for addressing the full spectrum of cyber-related challenges.
The first part of the fireside chat explored General Ciparisse’s understanding of hybrid threats and the defining characteristics of this broad concept. He highlighted two core features: ambiguity and asymmetry. Attribution of hybrid attacks remains time-consuming and analytically complex, often resulting in assessments that retain a degree of uncertainty. This ambiguity, combined with asymmetry, forces defenders to invest significant resources to maintain an effective defensive posture against a wide array of potential threats. We also discussed whether hybrid threats are genuinely novel, or merely “old wine in new bottles.” While General Ciparisse partially agrees with this characterization, pointing to historical precedents such as SOE operations during the Second World War, he stresses that cyberspace has fundamentally altered the scale and reach of such activities. Cyberspace, he argues, must be understood across its physical, logical, and cognitive layers, all of which significantly expand the potential for hybrid operations.
Technology plays a central enabling role in this evolution. General Ciparisse highlighted artificial intelligence as a force multiplier for adversaries, particularly in the domains of information warfare and cybercrime. AI enables the rapid generation of large volumes of highly credible content, as well as more sophisticated phishing campaigns. At the same time, he emphasized that AI also holds considerable promise for defensive applications. The key challenge lies in the pace of technological acceleration, which demands sustained investments in skilled personnel and analytical capacity to keep pace.
General Ciparisse also provided insights into the current threat landscape, distinguishing between the evolution of attack techniques and the actors behind them. As malware and tools can be reused and adapted, the overall number of attacks is increasing, resulting in a clear acceleration in both cyber-attacks and disinformation campaigns. While Russia is a prominent actor, it is by no means the only one. For instance, Belgium regularly experiences DDoS attacks following public expressions of support for Ukraine. China, by contrast, is primarily associated with cyber espionage activities. Despite these trends, General Ciparisse remained cautiously optimistic, noting that most attacks have thus far not been sufficiently disruptive to cause systemic harm. However, he warned of the potentially disastrous consequences of coordinated, multi-vector attacks; particularly against critical infrastructure.
The discussion then turned to Belgium’s cyber ecosystem and the division of responsibilities among key actors countering hybrid threats. These include the Centre for Cybersecurity Belgium, which is responsible for the national cybersecurity strategy; the Belgian State Security Service, focusing on internal threats; and the Cyber Command within Military Intelligence, addressing external threats. When threats escalate beyond a certain threshold, the Crisis Centre is activated to ensure broader coordination. Strategic communication and the media also play a crucial role, particularly in countering and debunking disinformation.
Adopting a whole-of-society approach, General Ciparisse underscored the importance of enhancing citizens’ critical awareness; both in their use of AI and in how they consume information. He also emphasized the vital role that large industrial players can play in strengthening societal resilience in the cyber domain. As he succinctly put it, “it takes a network to defeat a network.” In Belgium, this collaborative approach is exemplified by Agoria’s “Cyber Made in Belgium” initiative, which brings together key national cyber stakeholders.
Finally, the fireside chat addressed the role of cyber forces within broader military campaigns, particularly below the threshold of armed conflict. General Ciparisse reflected on the feasibility of synchronizing cyber operations with conventional military activities to maximize effects against an adversary, drawing lessons from the war in Ukraine. He identified three phases: first, operations below the threshold of conflict aimed at destabilizing the population; second, a brief phase at the onset of the invasion in which cyber and kinetic operations were more closely aligned (though limited by the long preparation times required for cyber access); and third, the ongoing use of cyber capabilities to support targeting processes, for example by enabling the detection of targets for kinetic strikes. Together, these phases illustrate both the potential and the constraints of cyber operations within modern military campaigns. He ultimately concluded that while the cyber domain must be taken into account, it is insufficient by itself to determine the outcome of wars.
Views expressed in this article solely reflect those of the author(s) and do not reflect the official position of the Irregular Warfare Initiative, Princeton University’s Empirical Studies of Conflict Project, the Modern War Institute at West Point, or the United States Government.
Leave a Reply