The Iranian Hybrid Warfare Operations in the Middle East

Iran Hybrid Warfare Operations
Navy of the Army of the Guardians of the Islamic Revolution commandos in the Strait of Hormuz, Persian Gulf. February 2015. (sayyed shahab-o- din vajedi/Wikimedia Commons)

Iran is applying hybrid warfare operations in the Middle East to advance its final goals and discourage a West intervention in the region.

Key Judgments

KJ-1.    It is highly likely that Iran will keep targeting Saudi and Israeli energy companies and government entities, disrupting the power balance in the region. By doing this, Iran will also pressure the United States to decrease the economic sanctions imposed on the country.

KJ-2.    It is highly likely that Iran will try to influence the next presidential election in Iraq in October 2021. Its final aim is to regain its strong presence in the neighbouring country.


On the 3rd of August 2021, Sayyid Ebrahim Raisolsadati, also known as Ebrahim Raisi, became the new president of the Islamic Republic of Iran, putting an end to Hassan Rouhani’s presidency.

Raisi, who held various posts in the Iranian judicial system since the Islamic Revolution in 1979, won the presidential election with only 17.9 million votes, due to the low turnout.

Raisi inherited a country affected by poverty and healthcare and economic crisis. Iran is also exacerbated by the international sanctions, first introduced in 1979.

Official relationships between Iran and Saudi Arabia (KSA) were cut in 2016, when the Saudi embassy in Iran was attacked, following the execution of a Shia cleric on behalf of Saudi Arabia.

Moreover, KSA opposes the Joint Comprehensive Plan of Action (JCPOA), the nuclear deal between the US and Iran, which is deeply affecting the Iranian economy.

Foreign Cooperation

Iran is trying to expand its influence and power within the Middle East region. In 2021, it signed two cooperation agreements, respectively with Russia and China.

In January 2021, Iran and Russia signed a cooperation agreement on information and communications technology (ICT) and cybersecurity. Defence capabilities and the sharing of information are at the centre of this cooperation.

In March 2021, China and Iran signed the Joint Comprehensive Strategic Partnership between the Islamic Republic of Iran and the People’s Republic of China. This 25-year cooperation will strengthen their economic and political alliance. From the security point of view, the two countries will share intelligence and increase their defence and military cooperation.

Hybrid Warfare Operations in Saudi Arabia and Israel

Since 2019, the Iranian Navy and its proxies, such as the Houthis, are implementing hybrid warfare operations against KSA and Israel. They are conducting attacks against Saudi and Israeli infrastructures using small boats to seize and attack other vessels, and naval ships to hinder oil tankers.

In May 2019, more than half of the oil production of Saudi Arabia was taken offline for some weeks, due to the various drone attacks on the main production facility in the country.

Iran exploits its capabilities in the cyber realm to commit theft of intellectual property and to target energy supplies in the Gulf and the US.

Since 2015, Iranian companies were able to hack into international companies and governments, and steal a huge amount of data. In 2020, Mabna Institute managed to exfiltrate more than 31 terabytes of intellectual property and data from universities and various governmental entities, such as the US Department of Labor, and the State of Hawaii.

Mabna Institute is a private government contractor that operates on behalf of the Iranian Islamic Revolutionary Guard Corps (IRGC).

The Iranian proxies

On the 7th of March 2021, Yemen’s Houthi rebels, supported by Iran, attacked with ballistic missiles, and explosive-laden drones the Ras Tanura port, an oil port in Saudi Arabia, and the city of Dhahran, where one of the residential compounds of Saudi Aramco is located.

According to the Houthis military spokesman, Brigadier Yahya Sareea, the militia group is targeting Saudi Arabia and its oil facilities because of its role in the Yemeni war.

As part of its hybrid warfare operations, Iran is targeting Saudi Arabia and its oil tankers in the region. This is a reaction to how Donald Trump dealt with the Iranian sanctions and regain regional supremacy.

By attacking the Saudi oil facilities, Iran is causing the rising of oil prices. Consequently, this could put pressure on the United States to relax the sanctions. Since 2015, when the US withdrew from the JCPOA, Iran has lost in oil export revenues more than $120 billion.

Between April and July 2020, Iran targeted Israeli many water facilities. Their malfunctions caused irregularities and unplanned changes in data.

Iranian Drones

On the 29th of July 2021, a suicide drone attacked an oil tanker run by Zodiac Maritime, an Israeli company, off the shores of Oman. Both the US and the UK accused the Iranian government of being responsible for the act.

This attack fit the pattern of past offensives carried out between Iran and Israel. Since 2019, more than 150 attacks have occurred in the eastern Mediterranean coast, the Red Sea and Gulf waters. Israel as well targeted ships headed to Syria, carrying Iranian military supplies and oil.

Hybrid Warfare Operations
Iranian suicide drone, DeltaQuad VTOL surveillance UAV; via Wikimedia Commons / Bridges For Peace

In the last years, Iran built a drone army and sent them and their technology to Iraq, Syria, and Yemen. Iranian leaders stated more than once that Israel should “be wiped from the map”. Iran, with its drone army and missile forces, poses a real threat to Israel.

These methods and strategies implemented by Iran are part of Iran’s hybrid warfare operations. Thanks to its new agreement with Russia, Iran was able to take a cue from Russian strategies and apply them. The same methods that Russia employed in Ukraine, are now applied by the Iranian government against KSA and Israel. In order to advance its final goals and discourage a West intervention, Iran is using hybrid warfare operations.  


It is highly likely that Iran will keep targeting Saudi and Israeli energy companies and government entities, disrupting the power balance in the region. By doing this, Iran will also pressure the United States to decrease the economic sanctions imposed on the country.

Hybrid Warfare Operations in Iraq

Raisi’s goals in Iraq are to cement Iranian influence and hinder any Iraqi attempt to find new economic partners. Raisi is aiming at isolating Iraq from the West, and especially from the US.

Moreover, with the IRGC’s help, which can increase the military and political pressure on the US, Raisi will try to expedite the eviction of the US forces from Iraq. Once again, in order to regain trust and influence in Iraq, Iran applied hybrid warfare operations in the neighbouring country.

Iraq and its territories are significant for Iran. The latter would like to keep its predominance on the Shia population, which constitutes 60% of the whole country. In the last three years and since the Iraqi liberation from ISIS, Iran lost influence in the neighbouring country.

If in 2016 the 70% of the Iraqi Shia population was favourable to Iran influence, in 2019 was only 15%. The increase of illegal drugs coming from Iran to Iraq caused hostility against Iran. Secondly, the economic crisis in Iran negatively impacted the Iraqi one.

Many Iraqi companies had to shut down because they were not able to compete against the Iranian prices. These were below market price, due to the open-door policy applied by the Iraqi government towards Iranian products.

Raisi’s Strategy

With Raisi in charge, the Quds Force and the IRGC will try to regain the lost control over Iraq. After the overthrown of the Ba’athist regime, Shia politicians supported the formation of Shia militias. These were then advised and armed by the IRGC. Iran provided these militias with short-range ballistic missiles, drones, and sophisticated rockets, which can undermine the US presence in Iraq.

The various attacks that hit the United States were also a way to avenge the death of Qasem Soleimani, IRGC-Quds Force former commander. Soleimani was killed by a strike ordered by the Trump administration in January 2020.

Hybrid Warfare Operations
At the bottom, there is an Iran-made Dezful medium-range ballistic missile and Zolfaghar road-mobile single-stage solid-propelled liquid-fuelled missile; via The Trumpet

Iraqi Shia militias backed by Iran keep targeting US military bases in Iraq. The US arrived in the country in 2019 to help Iraq fight against the Islamic State. These militias, whose commanders are also part of the Iraqi government are targeting the 2,500 American military personnel. Iraq is at the centre of the conflict between Iran and the US, which intensified after the US withdrew from the JCPOA.

The October Elections

In October 2021, the parliamentary elections will take place in Iraq and, consequently, the election of the President and the Prime Minister.

The current Prime Minister, Mustafa al-Kadhimi always tried to curb the Iranian influence in Iraq. He also gave some of the most important security positions within the government to commanders that were not pro-Iran.

This political approach can only be maintained if the international arena will exert pressure on Iran and will find an agreement on the JCPOA.

Moqtada al-Sadr, a prominent political figure, decided not to take part in the October elections, withdrawing his support from the government and distancing himself from it. Sadr is opposed to the American presence in Iraq and does not want Iraq to be influenced by Iran. According to Reuters, Sadr decided to withdraw his candidacy due to an Iran-backed Shi’ite groups campaign aimed to blacken Sadr’s and his movement reputation.

Even though Sadr withdrew from the elections, he did not dismantle the Sadrist Movement, which could maintain some seats in the parliament. Sadr represents a threat for Iran and its militias, which now have more chances to install their influence in Iraq.  


It is highly likely that Iran will try to influence the next presidential election in Iraq in October 2021. Its final aim is to regain its strong presence in the neighbouring country.


Social Media Influencers and Cyber Warfare

(Cyber operations specialists of the 780th Military Intelligence Brigade. Image retrieved via Fort George Meade Flickr)


As the number of influencers grow on social media and the internet, countries are recruiting them for a new dimension of cyber warfare. Governments are utilising new forms of psychological operations and censorship of dissidence via social media, by recruiting influencers or flooding pages with post. (Source)

Key Judgement 1:

It is highly likely that nations are utilizing social media influencers to crush dissent and spread state-approved views and messages.

  • Modern intelligence continues to grow into the digital world, and nations see that social media is increasingly important. As most political dissidence occurs online, nations are rushing to control their own populations through any means. 

  • Social media manipulation is observable in countries across the world. Vietnam had a psychological warfare unit known as “Force 47”, who pose as pro-government pages and profiles while leading civilians to report antigovernmental posts. Furthermore, Kenya was also found to have paid social media influencers to use hashtags that promote government policies. (Source)

  • In the coming future, it is likely that more countries will recruit military units or civilians to communicate government-approved messages and narratives. This power will be used to thwart dissidence online.

Key Judgement 2:

It is highly likely that nations will use social media influencers in other nations abroad to stir dissent or curry favor to one side before or during a hybridized conflict. 

  • Warfare has now evolved to the fifth generation of itself. Hybridized warfare is used in power projection and psychological operations. Social media influencers are another tool used in this new capacity of warfare. 

  • Russia has been found doing so in Ukraine, where media-groups that are controlled by Russian entities favor Russian separatists. Also, Russia leaked a phone call between Putin and Petro Poroshenko to propagate the idea that Ukraine’s leader was not in favor of their own sovereignty. (Source)

  • The United States also has measures deployed in Latvia called “techcamp” – a combination of government and civilian assets to empower Russian-speaking Latvian social media influencers to speak out against Russian measures in the region. (Source)

  • There is a high incentive for countries to use hybridized techniques and modern psychological tactics. This is to either diminish sovereign authority in rival nations, or to strengthen another country’s authority against another. Regardless, countries will continue this soft cyberwar to win hearts and minds and to curry opinions in other societies and nations. (Source)

(Headquarters of the Internet Research Agency, a Russian online social media influence operation. Image retrieved via Politico)

Key Judgement 3:

It is likely that many nation’s population will be a “collateral damage” in terms of these types of operations. 

  • Recent flare-ups in the Israeli-Palestinian conflict have garnered celebrity support for both populations, however most of these influencers and celebrities are not from either country. Many celebrities in the United States and United Kingdom took stances against either side on social media. (Source

  • While this does not seem deliberate from the Israeli government, in the future other governments may use this ability to garner support for a cause in another nation and possibly lead to division and instability within other nations, or to garner a response from a more powerful nation to intervene on their side. This conflict in particular has caused violence indirectly in other parts of the world already. (Source)  

  • With social media and its algorithmic design becoming increasingly prevalent, countries are bound to illicit debate and favor their side in third-party nations. This favouritism is done to broaden their cause, or force an intervention by another country.


The Montoneros: Hybrid Political-Guerrilla Terrorist Organisation

The Montoneros was a hybrid political-terrorist organisation that operated in the 1970s and 1980s in Argentina. With ideology as a driver, hierarchical structure with overt and covert capabilities suffered from a logistical change to a clandestine nature.

Why does this matter?

With Juan Domingo Peron in exile in Madrid in 1970, the Montoneros were born as a terrorist-insurgent organisation lobbying for Peron’s return to Argentina. The Montoneros achieved significant attacking and networking capabilities in the decade, considering their outlawing in 1975 and their loss of capabilities in 1976 with the arrival of Jorge Rafael Videla’s military dictatorship. The ideological driver of the group associated with Peronism highlights the trait of a political-terrorist hybrid organisation.

  • Isolating all military-related branches in La Havana with aid from the Cuban government likely highlights an ideological approach within attacks and targets. Targeting figures responsible for the exile of Peron like Pedro Aramburu in 1970 is an indicator of a preferred profile of targets.
  • The existence of training camps and elite units highlight the violent nature of the group despite propagandistic political actions. Any political support was rejected by the shift of Peronism towards a right-wing ideology. Montoneros’ propaganda campaigns had little visible effect during the dictatorship.
  • Videla’s military dictatorship brought the hybridity of the organisation to light. Targeting capabilities within Argentina were heavily reduced. Propaganda became an increasingly used methodology while the military branch continued to provide aid to Central America leftist governments and militias, including counterparts in Africa.

Importance of Context

The concept of hybridity to define the Montoneros can and should be used as an attempt in defining Peronism. The complexity of the ideology, nicknamed the ‘third position’, points at separation from the right and left-wing currents during the Cold War. Consequently, the movement has been described as both right or left-wing, but populistic policies remain at the heart of the ideology. Considering the Montoneros a purely left-wing branch within the Peronist movement reduces the attention placed on kidnappings and violence. On the contrary, pointing to the violence, logistics, and terrorist nature fails to provide political and social context for the drivers of the Montoneros, leading to a hybrid political-terrorist organisation.

The dictatorship of Videla hampered Montonero’s capabilities at organising and targeting objectives. Attacks occurred on a smaller basis, while less visible actions like propaganda campaigns were introduced to project human rights violations carried out by Videla. A figure close to 30,000 disappearances which include torture, rape, and executions were carried out under the rule of the dictator. The rise and fall of the government in 1982 following the conflict in the Falklands did not have a direct effect on the Montoneros. The hybrid political-terrorist trait allowed the group to maintain a weak structure despite dropping financial support from the Castro regime.

The Montoneros:Tactics, Techniques and Procedures

 Considering guerrilla warfare to be their specialty, the Montoneros had at their peak in 1973 a recruitment pool of 2,500 combatants with around 11,000 sympathisers. Counter Insurgency (COIN) and a focus on Montoneros weakened their capability in 1976, dropping the number of combatants to 300 within Argentina in 1977. Considering ideology to be a part driver of the terrorist organisation, support by Juan Peron’s government was likely crucial for the maintenance of capacities. The decision to outlaw the Montoneros likely pointed towards a lack of capability to function in a clandestine nature, as was seen by the split within Montoneros in 1979 of the political and military branch.

The Montoneros

Training functioned through 3 processes where potential combatants were screened and trained. Sites of training included Argentina as well as Brazil, Cuba or Lebanon, highlighting the international network of Montoneros which became prominent under the leadership of Videla. While the concept of hybridity does explain the nature of the Montoneros, the particular training with Improvised Explosive Devices (IED) highlights the original shift from kidnappings and robberies to targeted organised attacks, increasing the military-clandestine role of the terrorist group.

The Montoneros

Executions and kidnappings are the status quo of Montoneros’ methodologies in Argentina although the time frame provides a difference within methodologies. Until being outlawed in 1975, the organisation was lawful and managed to have a significant base of combatants. Aramburu, considered partly responsible for the fall of Peron in 1955, was kidnapped by 2 combatants dressed as armed forces personnel, and later executed after a mock trial.

According to a CIA report, a Buenos Aires businessman named Soldatti in 1979 was killed after his car was trapped while driving by other vehicles. After opening fire, his car exploded killing him and his driver. It is almost certain that Montoneros’ attacking methodologies were influenced by their context and overt support from the government. The organisation showed a degree of adaptation to insurgency tactics. Nevertheless, the hybrid political-terrorist organisation likely suggests that without a minimal degree of overt governmental support, the tactics employed would only alienate the group further from achieving political influence in Argentina.

International Network

One of the indicators that projects the importance Montoneros placed on attacking capabilities was its organisational structure and the division between Mexico and Cuba. In 1982, with the fall of the dictatorship, 60 combatants reportedly remained in Argentina compared to the 300 exiled. While the political branch was established in Mexico City, the intelligence, counterintelligence and ‘weapons and logistics’ branches were all established in La Havana. The Cuban capital acted as a springboard for the organisation to provide aid to other leftist militias or organisations like the Sandinistas or Costa Rican militias. While the hybrid political-terrorist component is significant and defines the multi-faceted nature of the organisation, a driver towards armed action highlights the violent nature under which the Montoneros approached each issue.

The political branch in Mexico established clandestine propaganda radios in Costa Rica and in Buenos Aires during the 1978 World Cup, with little visible effect. In comparison, the effectiveness of international networks provided the military branches with contacts outside the continent. The Palestinian Liberation Organisation (PLO) established contacts with the Montoneros in Beirut and Mozambique. The former for IED training courses and exercises, which several dozen Montoneros attended, while Mozambique in 1984 served as a liaison. Financially backed by Cuba until the Falklands, ideological rifts within the Montoneros created a separation. On one side, those seeking a lawful integration within the political system like leader Firmenich, exiled in Brazil until his extradition to Argentina in 1984. On the other side, those looking to continue the armed conflict like Cuba which was likely interested in maintaining a structure similar to a guerrilla network.

While Videla’s dictatorship cooperated with the United States, the complex nature of Argentina’s environment provided an opportunity for the Montoneros to create and use a hybrid political-terrorist organisational approach. Overt and covert functions covered both components of the profile of the Montoneros. While each branch operated and potentially sought to formally divide the organisation, eventually both violent and non-violent approaches were likely connected due to a similarity in origin and ultimate objective.

Image: Pajaro Rojo (link)

Image2: Infoveloz (link)


QUAD aka Asian NATO Revived as Hybrid War Intensifies

Chinese intelligence operations in Australia

Even if the trade war de-escalates, it is unlikely that Chinese vs Australian bilateral relations will improve significantly. This article explores the breakdown of relations, revelations of Chinese intelligence operations in Australia, and the Quad. The outlook will be assessed, with a potential clandestine military outpost being built 200km away in Papua New Guinea.

 Key Judgements

  • Australia’s geopolitical stance and role in the Five Eyes (FVEY) intelligence alliance, comprising the US, UK, Canada, and New Zealand, places the nation at odds with Beijing.
  • China’s intensified military modernisation and aggressive bid for hegemony via hybrid warfare in the region alarms Australian officials and key allies. This is supported by the revival of the Quadrilateral Security Dialogue (Quad/Asian NATO) in 2017. The US, Japanese, Australian, and Indian security framework is seen as a direct threat to Chinese interests.
  • China and Australia’s ongoing hybrid warfare has led to a trade war that has resulted in blackouts in China, while 6% of Australia’s GDP is at risk.


Bilateral relations unravelled leading up to 2020 reaching a concerning status quo. Following reports of Chinese election interference in Australia’s capital Canberra, 2017, Australia bans foreign political donations. In 2018, Australia bans covert foreign interference in the political process and outlaws foreign industrial espionage. Di Sanh Duong, president of the Oceania Federation of Chinese Organisations, is linked to Chinese intelligence. November 2020, Duong becomes the first person charged under the 2018 laws following a Counter Foreign Interference Task Force investigation.

Citing national security concerns, Australia was the first FVEY member to ban Huawei 5G infrastructure in 2019. A further 10 Chinese investment projects were also blocked. Members of the alliance have also followed suit, a move met with severe criticism from China. The 5G infrastructure posed a foreign intelligence gathering threat and risked potential access to the national grid and critical infrastructure. Huawei lobbied relentlessly to avoid denial from Western markets, calling the claims baseless.

Between 2019-2020, Australia ramped up political pressure on China, publicly criticising aggressive foreign policy in the South China Sea and Taiwan. Australia also criticised aggressive power consolidation in Hong Kong and human rights concerns over Uyghur Muslims in Xinjiang. Australia called for an inquiry into the origins of COVID-19, which beyond a reasonable doubt, increased existing tensions. The hybrid warfare in the information space is evident. In November, a Chinese Foreign Ministry official tweeted a doctored image of an Australian soldier holding a knife to an Afghan child. This was in response to an investigation revealing Australian special forces unlawfully killed at least 39 civilians in Afghanistan. Australian calls for an apology are rejected.

China’s foreign policy focuses on aggressively promoting Chinese interests internationally. Criticism that this is against the international order is met with the argument that this order was tailored to benefit the West, not China. Australian tensions are perceived as an extension of US influence in the region and Xenophobia. China being Australia’s largest trading partner, at face value Australia almost certainly has more to lose, economically. The information warfare in Sino-Australian relations is unlikely to de-escalate in the short-term.

Trade War

China totals 35% of Australia’s trade, in contrast, Australia totals 6% for China. In the economic soft power frontier, China orchestrated its strategy from a position of power. In May, an 80% tariff on Australian barley imports were imposed, threatening the $1.5 billion trade between the nations. Next in line was Australian beef imports, citing ‘technical issues’ rather than a response to the COVID-19 inquiry calls. Coal became the next target, placing informal quotas that led to $700 million worth of Australian coal delayed at ports. Lobster, cotton, and wine faced dubious screening practices, stranding imports. A 200% tariff on wine imports followed, diminishing a $6 billion industry. Timber is now the latest target on grounds of contamination issues.

Chinese intelligence operations in Australia

Timing of these measures, with a deterioration of relations, make the assessment that China is attempting to ‘punish’ Australia accurate. Iron ore imports, a $41 billion trade industry, leaves China dependent on Australian imports (supplying 60%). Measures on iron ore have seen a sharp rise in the price, to the dismay of Chinese steel mills. A similar response from Australia would highly likely leave significant portions of Chinese steel mills closed. The coal sanctions may likely have backfired. In 2019, 57% of thermal coal imports were from Australia. Several provinces in China have faced partial power blackouts from the lack of energy. By ‘punishing’ Australia, China sends an unintentional international message that economic dependence comes with strings attached. There are no winners in this dispute.

Intel Ops

Chinese intelligence operations in Australia are enormous in scale. Zhenhua Data, a Shenzhen company openly linked to Chinese military intelligence, is relevant evidence. A leak revealed a global database of 2.4 million people of interest to the Chinese Communist Party (CCP). 35,558 Australians were on the database, including politicians, lawyers, executives, and military officials. The database utilises open-source and dark web intelligence collection on individuals. Chief executive Wang Xuefeng endorses hybrid and psychological warfare. The company claims it has 20 ‘collection nodes’ globally. Two nodes were discovered in the US and South Korea. Australia’s node remains hidden. This revelation and a suspected June Chinese cyber-attack on Australian infrastructure decrease the likelihood of positive relations between the nations.

Asian NATO and Chinese ‘Exploration’

In November, the Quad alliance held its largest naval military drills in the Indian Ocean. This move is a direct message to Chinese ambitions in the Indo-Pacific. The Quad, founded in 2007, disbanded following Chinese and Australian criticism. The geopolitical landscape is now different. Quad alliance members are at odds with CCP policies in the region. China claims the energy-rich Paracel Islands, ignoring the Philippines, Malaysia, Vietnam, and Taiwan claims. A 2016 UN tribunal labelled Chinese claims unlawful. The Quad itself has no coherent strategy to address their Chinese competition.

Quad discussions to create a belt and road initiative alternative failed. It is unlikely the Quad at present will sway Chinese ambitions significantly. A $200 million fishery complex to be built 200km at Daru Island supports this. The area has no commercial fishing activities. CCP controlled fisheries are trained to support the military. Armed fishing militias play a major role in CCP strategy. These militias have engaged in hybrid warfare with US naval vessels. The new base not only provides China with a new intelligence base but a potential military launchpad in the grey zone and further Chinese intelligence operations in Australia.


Image: NHK World (link)

Image2: Lijian Zhao / Twitter (link)

Image3: Vietnam Times (link)


Hybrid threat?

Hybrid threat

The 4th March poisoning of Sergei and Yulia Skripal with a Novichok nerve agent has once again brought Russia, and its foreign affairs strategy, to the fore of Western politics. As such, the ‘Fusion Doctrine’ recently announced by Theresa May, which will allow the UK to utilise a wide spectrum of resources to counter Russian aggression, has reignited interest in the concept of Russian ‘hybrid warfare’ and its “Hybrid Threat” among the intelligence community.

The Russian intelligence services remain notoriously secretive, despite the insights and documents revealed by defectors such as Vasili Mitrokhin and Oleg Gordievsky, and the controlled release of sensitive information after the collapse of the USSR. It is therefore unsurprising that they have yet to be fully understood by Western intelligence practitioners. Whether Russia follows a consistent strategy when conducting their foreign intelligence operations is a question which has particularly fascinated experts in recent years. In February 2013, the chief of the Russian General Staff, General Valery Gerasimov, published an article that gave the perspective of a senior military leader on the future of war. While this piece was not remarked upon in the West after its publication, it has been heavily scrutinised in the wake of the 2014 Russian intervention operation in Ukraine.

Within his article, Gerasimov remarks that “The very ‘rules of war’ have changed”, suggesting that non-military means have become more important than weaponry when conducting military operations. By urging greater cooperation between the Russian military, intelligence agencies, and the Academy of Military Sciences, Gerasimov highlights the importance Russia places upon the information sphere, and the use of political, diplomatic, and other measures in winning wars. This article has become the focus of recent Western efforts to understand Russian military and intelligence strategy, leading to a theory of ‘hybrid warfare’, in which a combination of conventional and unconventional warfare is utilized. This has become the principal term in which Russian intelligence is discussed by Western theorists, and now (it seems) politicians, leading to the suggestion that the strategy currently being used by Russian in its foreign intervention operations is frighteningly new and unpredictable.

Despite its recent popularity, however, the concept of ‘hybrid warfare’ is largely unhelpful when applied to Russian intelligence strategy. It was a term coined in 2009 by Frank Hoffman, who did not mention Russia at all when describing his theory, perceiving no uniqueness in a Russian incarnation of the strategy. Furthermore, intelligence scholars Michael Kofman and Matthew Rojansky have pointed to the imprecision of the term, which is simply a new word to both define a combination of previously defined types of warfare in order to make sense of the 2014 Ukrainian security crisis. Most importantly, notions of a Russian strategy of ‘hybrid warfare’ assume that Russian actions in Ukraine are unprecedented and unpredictable. Despite a multitude of recent discussions about the form which modern Russian military strategy assumes, a coherent Western understanding of Russian intelligence strategy during foreign intervention operations remains elusive. 

In actuality, when Russian intelligence strategy is examined throughout a number of foreign intervention operations, it becomes apparent that there are notable consistencies in the ways in which the intelligence agencies have conducted themselves since the 20th century and beyond. A Russian ‘hybrid threat’ is therefore nothing new. For example, the use of the information sphere has been cited as a defining characteristic of this new Russian way of working. However, the use of ‘dezinformatsiya’ (disinformation), as a method of promoting the Russian state while simultaneously reducing popular trust in alternate governments has been utilised before this new buzzword.

Prior to the second Chechen invasion, the Kremlin used a Russian Information Centre, which released videos of Chechens killing Russian soldiers in the First Chechen War, as a tool to denounce Chechen separatists as terrorists in order to legitimise another intervention. This use of the newly established internet easily parallels Russian use of social media during the Ukrainian conflict and in influencing the US 2016 election. The covert nature of recent influence campaigns is equally traceable to the KGB use of ‘front organisations’ such as the World Peace Council during the Cold War in order to undermine Western narratives and willingness to invest in defence. ‘Hybrid’ warfare is thus far from a new doctrine.

Hybrid threat

This remarkable consistency in Russian strategy can be explained. Gerasimov states that “In the twenty-first century we have seen a tendency towards blurring the lines between the states of war and peace”, thereby linking hybrid warfare doctrine to Russian activities. This mentality is undeniably held by Russian intelligence practitioners, who have consistently made use of the information and political spheres, as well as non-combatants. However, far from being the new phenomenon suggested by some theorists, this has formed an underlying factor in the consistency of Russian intelligence strategy since the Tsarist period.

Russia has traditionally viewed war in a similar way to Carl von Clausewitz, who wrote in the early 1800s that “War is not merely a political act, but also a real political instrument”. Indeed, Russia has consistently lacked a delineation between war and peace and has instead seen itself as under constant hybrid threat from its neighbouring states, most recently NATO and the EU, as reflected in the 2014 Military Doctrine which details fourteen major risks to the Russian Federation, each a thinly veiled criticism of Western expansionism. Therefore, rather than being seen as new, threatening and ‘hybrid threat’, the eagerness of the Russian intelligence services to make use of non-state actors and the information sphere should be viewed as symptomatic of a deeper intelligence culture that has consistently informed its strategy during foreign intervention operations.

It is also worth noting the extent to which the modern intelligence services base their culture and doctrine upon that of their predecessors. The KGB was officially dissolved on 31 December 1991, an act heralded as signalling impending oversight of the intelligence activities of the Kremlin. However, due to the volatile political environment of the post-Soviet state, Yeltsin relied upon the security services to stay in power, leading to a dependence on former KGB personnel. Thus, the five new agencies which were formed from the KGB directorates were headed by ex-KGB staff. This has important ramifications for the consistency of a Russian intelligence strategy, since with the continuation of personnel in the Russian security services came a continuity in methodology. Putin’s assertion that “There is no such thing as an ex-KGB man” suddenly takes on a more sinister meaning.

Thus, the attempted murder of the Skripals should not come as a shock. Even leaving aside the case of Alexander Litvinenko in 2006, the Russian government has a long history of targeting dissidents, often many years after their defection. Despite now forming part of intelligence legend, the 1978 assassination of Bulgarian writer Georgi Markov with a ricin tipped umbrella is a very real case of so-called ‘hybrid’ techniques being employed before the incarnation of any such doctrine. One could even go so far as to trace the strategy back to the Cheka, the Bolshevik secret police, who operated in Paris in the 1920s to eliminate Tsarist sympathisers and further bolster the fledgeling Communist state.

While the targeting of the Skripals appears to have confounded the UK and its allies, it is simply the latest case of a Russian strategy that does not delineate between war and peace, combatants and non-combatants. The current preoccupation with a ‘hybrid threat’ merely distracts from recognising the consistency and precision with which Russia conducts its foreign intelligence strategy; a strategy which sees nothing new in the use of old KGB tactics, including the use of poisons and nerve agents.


Russia’s Threat to Estonia in the Next 24 Months

Estonia-Russia relations are turbulent, due to several high profile diplomatic failures and tensions regarding Russia’s 2022 invasion of Ukraine. Russian conventional military action against Estonia over the next 24 months is unlikely due to Estonian membership in multiple multilateral security agreements, and Russian dedication of military assets to its offensive actions against Ukraine. However, Estonia is still challenged with countering Russia’s hybrid warfare threats.

Key Judgement 1: In the next 24 months, Russia is highly likely to employ misinformation techniques to attempt to gain support amongst the large Russian-native population within Estonia.

  • The Kremlin views Estonia’s membership in NATO and the EU, and therefore alliance with Western States, as a threat to its security, sovereignty, and autonomy [source].

  • Estonia has a large ethnically Russian and Russian-speaking community, accounting for up to 25% of the populace. This is due to Estonia’s former Soviet occupation, which ended in 1991 [source].

  • Russia has vowed to ‘protect the interests of all Ethnic Russian people’, highlighting its vested interest in appealing to this demographic [source].

  • Russia has a history of highly successful misinformation campaigns against the Baltic States. Much of this has been done by appealing to the shared cultural and linguistic ties of the Russian diaspora in Estonia [source]. Russia does so through several means, such as through radio, television, internet broadcasting, and social media campaigns [source].

  • Considering overwhelming Western disapproval of the 2022 Russian invasion of Ukraine, which Estonia has denounced repeatedly, misinformation will be critical to the Kremlin to control narratives and perspectives towards Russia within Estonia.

Key Judgement 2: In the next 24 months, Russia is likely to continue cyber operations against Estonia, although Estonia maintains high resilience to such threats.

  • Russia maintains advanced cybersecurity capabilities, and consistent documented use of such means to target Estonian private and state organisations [source]. Russia has historically launched a mixture of Denial of Service (DoS) attacks, Distributed Denial of Service (DDoS) attacks, website defacement, attacks against Data Name Servers (DNS), and mass email comment spam. Most commonly, these attacks target government servers and other public institutions [source].

  • These cyber-attacks occur on an immense scale, with Estonia being Russia’s main target for bot attacks [source]. The Estonian President stated that Estonia have experienced over 150 cyber-attacks per day in 2022 from Russian origins [source].

  • Estonia has high cyber operation readiness and resilience, with investment in cybersecurity increasing in recent years [source]. Similarly, Estonia takes part in multilateral cyber defence efforts, including the Cooperative Cyber Defence Center of Excellence (CCDCOE) [source].

  • In spite of this, Russia continues to launch cyber offensives against Estonia as part of its hybrid warfare strategy [source].

Key Judgement 3: In the next 24 months, Russia and Estonia are unlikely to resolve border disputes through diplomatic and political dialogue. However, conventional military action against Estonia is unlikely.

Russia's threat to Estonia
(Img; A small area of Russian land cuts across Estonian territory, Named the ‘Saatse Boot’. This area was due to be ceded to Estonia in border treaties drafted in both 2005, and then 2014, but is still yet to be ratified; via RFERL)
  • Diplomatic relations between Tallinn and Moscow are poor, with diplomatic dialogue beginning in 2021 after two years of very limited political engagement [source]. Russia and Estonia both expelled diplomats from the reciprocal countries in 2021 due to alleged classified documentation leaks, although these leaks have not been independently verified [source, source].

  • Estonia has repeatedly condemned Russia’s 2014 annexation of Crimea [source], and the 2022 invasion of mainland Ukraine [source]. Russia recognises Crimea and Ukraine as sovereign to Russia.

  • In spite of this, both countries have shown significant interest in ratifying the treaty concerning the countries’ shared but disputed border [source]. Therefore, both countries are likely to continue to show interest in diplomatic dialogue for strategic reasons.

  • However, Russian conventional military action against Estonia is unlikely. Russia’s military assets are currently engaged in conflict in Ukraine, with progress being much slower than analysis prior to the invasion suggested [source, source].

  • Estonia is a member of multiple multilateral security agreements, including NATO membership and military agreements with the US, Switzerland, and the Baltic States [source]. As part of these agreements, Estonia has increased its military readiness, through increased international troop presence and increased military spending [source, source]. Therefore, Estonia and its allies boast asymmetric warfare capabilities against Russia’s current military availability [source].

Intelligence Cut-Off Date: 6th May 2022


Russia’s Threat to Latvia in the Next 24 Months

Latvia, a NATO member, and Russia have a tense relationship gripped by Russian meddling, since the former broke from the Soviet Union in 1991. Exacerbated by the Russian invasion of Ukraine, many nations that share a border with Russia are wary of their actions. Latvia is closely in support of Ukraine.

Latvia has also been on the receiving end of Russian disinformation and psychological operation campaigns, even warranting an official response by NATO in the region to combat it. Given the current climate of instability in the region, it is likely that Russian influence and operations in the Baltic state will increase in the next 24 months. 

Russian Threats to Latvia, NATO
A combination of NATO and Latvian troops in Latvia during Operation Silver Arrow. (Source)

Key Judgment 1: In the next 24 months, it is highly unlikely that Russia will launch military offensives against Latvia. 

  • Latvia is a member of NATO, and houses a complete Enhanced Force Presence and Force Integration Unit close to the capital of Riga. These units have been stationed in the Baltic states to ward off any Russian aggression after the Warsaw Summit in 2016 (Source). The Enhanced Force Presence in Latvia is a mix of infantry, mechanized, and reconnaissance units from participating NATO countries (Source).

  • In working closely militarily with neighboring Baltic countries, Latvia is part of the Baltic Joint Military Staff (source) the Baltic Naval Squadron (BALTRON) (source), as well as the Baltic Air Surveillance Network (BALTNET) (Source). These are linchpins to the Baltic states’ shared notion of mutual defense against Russia, and these institutions serve as  blockades to Russian attacks.

  • It is unclear what Russia’s exact motivation in Ukraine and the Baltic states, but a full-scale war with Latvia and NATO is not within reason for the Russian state within the next 24 months. Russia has faced clear setbacks in its invasion of Ukraine, primarily through Ukrainian defensive tactics and NATO countries responding with supplying Ukraine. Due to this, direct action against NATO-allied nations and NATO is highly unlikely. 

Key Judgment 2: In the next 24 months, it is highly likely that Russia will heighten their misinformation, subversion and political measures within Latvia’s social and political systems.

  • Russia has historically launched misinformation campaigns against the almost 25% Russian-speaking/of descent population in Latvia. The Baltics have been an interesting battleground of hybrid warfare, and Latvia is no exception. Over the past 4 years, Latvia has claimed election interference from the GRU (source), Russian bots flooding Latvian social media channels (source), as well as hacks on websites displaying the text: “Fellow Latvians, this concerns you. The Russian border has no limits!” (Source)

  • Disinformation measures by Russia have prompted NATO to employ “techcamp” within Latvia. Accordingly, this method actively includes recruiting members of the Russian-speaking minority to speak out against Russian propaganda on Latvian social media (Source). 

  • In early March, Latvia’s prime minister urged tech companies like Meta and Google to curb disinformation coming from Russia in light of the invasion in Ukraine (Source). This heightened the sense of panic among the Baltic states reflects the vulnerability of social media to targeted disinformation campaigns from the Russian state – and indicates a critical point that Russian entities could strike. 

Key Judgment 3: In the next 24 months, there is a realistic probability Russia may provide support for pro-Russian political parties within Latvia, such as Harmony, as well as Russian-speaking ethnic minorities in the country. 

  • The Harmony Party in Latvia has official ties to Moscow (Source). On top of this, it is also rife with corruption and scandals, down to local-level governments (Source). The party represents Latvia’s Russian speaking ethnic minority population, and advocates for closer ties with Russia. Due to Russia’s use of Latvia as a money laundering waystation, it has been dubbed the “Russian Laundromat” (Source). 

  • Harmony almost took 20% of the parliamentary vote in October of 2018, receiving the majority seat (Source). With a pro-Russian party in power, the situation in Latvia is prime for political coercion from the Kremlin and Russia’s United Way party.

  • Compounding with pressure from the situation in Ukraine, the next two years could see Latvia’s politicians, particularly those who represent Russian speaking ethnic minority populations moving closer in parity to the Kremlin. 

Intelligence cut-off date: 6th of May 2022


Camp Lemonnier: Line in the Sand

Camp Lemonnier
Aerial view of Camp Lemonnier; retrieved via

The purpose of this report is to analyze the benefit of Camp Lemonnier in Djibouti for US/AFRICOM. The article will analyze the foreign presence and will provide the implications of various strategies on the US presence. The time frame for this will be between 2020-2030. 

Key Judgment 1

The United States Africa Command (AFRICOM) presence in Djibouti, Camp Lemonnier, provides the US with strategic and geopolitical benefits. Nonetheless, they still compete with Chinese and Russian spheres of influence in the region. 

Key Judgement 2

The US presence presents an opportunity to promote closer cooperation with Djibouti in the form of military training. This can be useful to promote infrastructure development and trade. This is also the case for neighboring East African countries such as Kenya, Somalia, and Sudan. 

Key Judgement 3

NATO allies UK, Italy, France, Germany, and Spain are present in the country, boosting AFRICOM capabilities. Japan’s military facility in Djibouti and cooperation with India are almost certainly a threat. China’s Belt Road Initiative and Indian Ocean Hegemony could be the main affected. Tensions are likely to increase between 2020-2030, with a highly unlikely chance for conflict between 2020-25. This likelihood rises to unlikely in the second half of 2025-30.

Key Judgement 4

The biggest threat from state competitors to long-term US strategy is China, deeply invested in Djibouti infrastructure projects and trade. Russia is also a threat to a lesser extent and neighboring Saudi and UAE entities will almost certainly increase influence. It is likely that under its current pace, by 2030, China will outcompete the US for influence in Djibouti.

Key Judgement 5

A reduction of AFRICOM presence will highly likely provide advantageous conditions for China and Russia to compete in the region. Military Force is highly unlikely to solve African issues. Economic and human development initiatives and favorable loans and projects will increase success likelihood for US goals. 

Camp Lemonnier: Context

US leased The Camp Lemonnier base in 2001. The Combined Joint Task Force-Horn of Africa (CJTF-HOA) moved to Djibouti in 2003. (Source) The camp announced in 2007, expansion from 97 acres to around 500 acres. In 2014, the camp agreed on a 30-year lease with Djibouti with $63 million in annual payments. In October 2018, the camp paid $240 million to expand facilities. (Source)

There are around 4,000 US troops, around two-thirds of AFRICOM’s forces on the continent. US Defense Secretary Mark Esper is reviewing the reduction of US presence in the continent. (Source) The facility not only provides a facility for counterterrorism against groups in Africa but functions as a counter to Chinese and Russian expansion in the region.

Situated between the Red Sea and the Gulf of Aden, Djibouti will become a hub for international commerce. This attracts the strategic interests of international competitors, including the US, France, Italy, Japan, and China. (Source) Camp Lemonnier provides US strategic benefits for air operations and closer strategic cooperation but also provides intelligence gathering benefits such as reconnaissance and surveillance.

Chinese competition is the largest threat to AFRICOM’s viability in Djibouti. As Djibouti’s largest source of capital, Beijing is in an advantageous position. Through hybrid warfare methods of economic and strategic maneuvering, China seeks to establish significant influence in the region. China will seek to secure a sphere of influence in the Gulf and the Indian Ocean while limiting US influence.  

Camp Lemonnier: AFRICOM/US Presence

The US has failed since 2008 to persuade any country on the continent to host AFRICOM. This means Djibouti’s presence is vital for US interests for counterterrorism and limiting Chinese/Russian influence in the region. There is a $31 million train-and-equip partnership between the US and Djibouti military. (Source) The US military’s payments amount annually over $200 million, direct and indirect, equivalent to around 10% of Djibouti’s GDP. AFRICOM has an estimated $2 billion budget. There are calls to increase this to increase counterterrorism capabilities and counter Chinese and Russian expansion. (Source)

AFRICOM resources are stretch, limiting the growth of US capabilities in Africa while China is investing heavily in Africa. Mark Esper ordered a “zero-based review” of force posture on the continent to counter Russia and China. (Source) Flying a nuclear-capable B-52 over the Somali coastal town of Kismayo was a message to adversaries in the region. (Source) This is part of a US B-52 installation in Diego Costa in the Indian Ocean. This adds strategic geographic value to the Djibouti base as part of an Indian Ocean presence.

A Changing Stance

US military training is the ‘gold standard’ among African nations. The US can use this as a pretext for closer cooperation with Djibouti and neighboring countries. Strategic partnership under this pretext can aid in the increase of trade and cooperation. Esper is a part of ongoing reviews of rebalancing troops. US may increase force posture in areas addressing great power competition while focusing less on CT ops. (Source) In this context, it is likely that AFRICOM presence may see a transfer to Djibouti. 

General Townsend, commander of AFRICOM, indicated China and Russia are in a position of advantage in Central and Southern Africa. (Source) Similar reductions in Djibouti will likely limit the US position in the Horn of Africa. Military and trade cooperation, simultaneous with better alternative infrastructure and loans for Djibouti’s state-building, will highly likely reduce Chinese and Russian influence. 

Camp Lemonnier

International Presence 

A Chinese Expansion

China operates in an advantageous position in Djibouti because of deep economic ties and infrastructure projects. China is Djibouti’s largest source of capital. Chinese firms amount to almost 40% ($1.4 billion) of major investment projects in Djibouti. (Source) The infrastructure projects include the Djibouti-Ethiopia Railway project, the Djibouti-Ethiopia Water pipeline, and most importantly the Dolareh port. The importance of the port not only boosts the Chinese Belt and Road initiative but military goals in the region.

This also raises growing concerns that control of the port by Chinese authorities is threatening the existence of Camp Lemonnier. The Dolareh Containment Terminal is critical for resupplying Camp Lemonnier. Djibouti’s growing debt to China on unfavorable terms can likely facilitate China taking control of key facilities. This can happen especially if payments fail as seen in the Dolareh port. In Kenya, a $3.2 billion loan for the Nairobi rail line was under the conditions of Mombasa’s port authority. This was collateral for defaulted payments. (Source) Meaning defaults would result in Chinese firms managing the port to regain revenues. China Merchants operate their own terminal at the previous DP port already. 

Beyond A Passive Presence

Chinese presence in the region provides intelligence collection on US military applications and methods. This will likely limit the strategic benefits of US presence in Djibouti. Also indicating threats to counterintelligence on US Airforce operations in case of future conflict. There have been calls for China to use electromagnetic weapons, including lasers, to protect Chinese exploration interests. US officials have acknowledged 20 occasions where lasers were used to target US pilots to interfere with operations. (Source)

An incident in 2018 near the base caused minor eye injuries to a US pilot. While these are small probes, in February 2020, a Chinese destroyer used a “weapons-grade laser”. (Source) No crew or equipment was hurt or damaged, but these tactics may create hesitation in future US maneuvers near Chinese forces. An escalation of this form of warfare could limit the willingness of operations, which is not yet the case. The Defense Intelligence Agency assesses that China will be able to deploy ground-based lasers during the 2020s. (Source) This indicates growing aggressive conduct to secure Chinese interests. 

Allied Eastern Ties

Japan and India have both been present in anti-piracy operations in the Gulf of Aden. Japan has its own military base in Djibouti which China perceives as a threat to the Belt Road Initiative. The ‘String of Pearls’ tactic exists to surround India with military and commercial facilities to achieve Indian Ocean Hegemony. (Source) Japan and India have been in close cooperation and an Acquisition and Cross-Servicing Agreement is likely. Japan and India are key partners of the US. An increase in tensions in Djibouti with China would highly likely bring AFRICOM into play.

Camp Lemonnier

Russia and Gulf States

Russia has been denied a military base in Djibouti, as Djibouti seeks to not become involved in a proxy war. This is already becoming the case. Russia has a military footprint in Sudan and Eritrea, which seeks to expand Russian geopolitical influence. (Source) Saudi Arabia is also seeking a base, but due to their alliance with UAE and the Djibouti DP port breakdown of relations, this prospect is unlikely.

NATO Presence

Italy and France both have military bases in Djibouti, prompting support for AFRICOM in the region. (Source) The partnership also boosts intelligence collection and sharing which will likely benefit US interests in the region. German and UK forces are also present, and a reduction of AFRICOM footprint would also severely affect allied capabilities. This would result in advantageous conditions for China and Russia. 

Far Away from Camp Lemonnier: Predictions

Chinese Hegemony Scenario

It is likely that China will increase its strategic strength in Djibouti and undermine AFRICOM’s presence. This is based on the extent of existing economic and infrastructure and the high likelihood that this will increase. It is also likely maneuvering to disrupt US operations in the Indian Ocean will increase around 2027. This is due to China’s increased military capacity.  Failure to increase AFRICOM funding or an actual decrease will limit the strategic benefits of the base.

Though there has been an increase in US imports, increased Chinese trade may limit the benefits of the US-Djibouti partnership. Djibouti’s political inclination sides towards China for authoritarianism policies, limiting US partnership. Chiba makes this scenario is possible as it avoids all-out conflict with AFRICOM. This itself fails to embrace hybrid warfare to the same degree of success.

AFRICOM Surge Scenario

There is an even chance that US strategic goals will consider the significance of AFRICOM’s presence in Djibouti. Budged and presence would thus increase. This will limit the growth of China if synonymous with closer military cooperation and trade agreements. Investment and loans on more favorable terms will entice future African nation cooperation while limiting Chinese and Russian expansion. This would strengthen the US interests. Nonetheless, it will to a degree, contain the considerable gains from China and Russia. These have involved military base establishment and infrastructure network building. Investment and loans on more favorable terms will entice future African nation cooperation.

Worst Case Scenario

Conflicting interests and lack of dialogue among the US and non-competing nations escalate. An incident such as laser targeting could cause an international crisis. Conflict in the region has instability reverberations on a wide scale and existing military assets suffer heavy casualties. This is a highly unlikely scenario but not impossible. The ongoing South China Sea crisis would likely impact the stability in the Indian Ocean. This would likely raise the likelihood of conflict for AFRICOM.

Consideration after Camp Lemonnier analysis

It is likely that some aspects will materialize in mentioned scenarios to a degree while some will not. AFRICOM is likely under an existential threat by the end of the time scale provided. This is more likely not to be through military force. It will rather be strategic maneuvering from China if no one addresses the current issues.


Project Toledo: The Secret Russian Biological Weapons Program

Project Toledo

While previous Grey Dynamics articles analysed Russian hybrid warfare via Wagner PMCs and GPS spoofing, a secret Russian biological weapons program provides a new ‘dynamic’. In 2017, the last of Russia’s chemical weapons were allegedly disposed. This article will explore the Project Toledo, heavily denied by Putin, brewing behind closed doors.

 Key Findings

  • The clandestine Project Toledo is identified in an OpenFacto report as a project linked to the 48th, 33rd, and 27th Central Research Institute. The 48th and 33rd institutions are under sanctions by the US for highly likely participation in the Russian Biological Weapons Program.
  • The 48th institute directly supplies the FSB military Unit 68240, a multi-purpose R&D body. UNIT 34435 or Lab NII-2, directly linked to Unit 68240, is hosting a clandestine Biological Weapons Program according to Bellingcat. Bellingcat investigated the unit in relation to the Navalny Novichok Poisoning.
  • UNIT 34435’s procurement supports biochemical research, with joint institutions researching rare/lethal pathogens such as Ebola and MERS.
  • Unit 68240 incorporates UNIT 35533 focuses on cyber capabilities and UNIT 44239, focusing on robotic explosives. As both units have alleged offensive capabilities, this may indicate the directorate of UNIT 34435, and possibly the nature of Project Toledo.
Project Toledo

Project Toledo?

Project Toledo remains an unknown and elusive project, almost certainly by design. In 1958, the Spanish town of Toledo was ravaged by a plague. While in 1918, Toledo, Ohio, was devastated by the Spanish influenza epidemic. Inspiration for the project codename is pure speculation. The 48th Central Research Institute, led by Colonel Sergey Borisevitch, specialises in Ebola, MERS, Marburg virus, and anthrax.

The institute played a significant role in vaccine development during the Ebola crisis in Guinea, which is not part of the analysed Russian biological weapons program. The 48th is registered as a subsidiary incorporate records to the 33rd institute, allegedly responsible for developing Novichok agents used in the Navalny and Skripal poisoning. In August 2020, both institutes were sanctioned for involvement in a clandestine program. It was during 2015-2017, the Project Toledo link was identified.

Currently, there is no open-source intelligence that discloses what Project Toledo is. The project was requested by UNIT 68240, managed by UNIT 34435, and fulfilled by the 48th. Corporate registries provided evidence of the 17,000,000 rubles (180,000 euros) transaction that displayed the financial agreement with UNIT 68240. The defence-related projects of the other units, utilising offensive R&D, possibly indicates intent. UNIT 33445 is recognised as the host of a secret Russian biological weapons program. The corporate registries show that the unit is also ordering a significant number of live animals for test purposes (2100 mice and rats in 2012), and metal research with a request for ‘special magnets’. The 33rd, 48th, and 27th Central Research Institutes, and the defence sector linked Siberian Scientific institute, evidently have partnership activities with UNIT 33445. Despite evidence of ties within institutes and units, the project remains a mystery.

Novichok Inc.

Russia’s military intelligence unit, the GRU, was allegedly behind the poisoning of Skripal. While the Federal Security Service (FSB), which focuses on domestic operations, allegedly poisoned opposition leader Alexey Navalny. Novichok agents were used in both operations. FSB agents for two years monitored Navalny before the poisoning. The agents were part of a unit specialising in handling chemical agents. Two of the three agents, Alexey Alexandrov and Ivan Osipov, are both registered as medical doctors. The third agent was Vladimir Panyaev, who joined the FSB’s Criminalistics Institute. An institute that officially focuses on forensics but unofficially focuses on clandestine chemical handling, in this case, poisoning for political purposes.

On October 15th, 2020, the EU imposed sanctions on Russian officials for the use of alleged novichok agents against Navalny. In 2017, Putin personally watched the destruction of the last of Russia’s chemical weapons, allegedly. The overhaul of the Russian Biological Weapons Program is the narrative for denying any clandestine operations. The 33rd Central Experimental Institute for Scientific Research of the Ministry of Defense and Scientific Institute for Organic Chemistry and Technology (“GosNIIOHT”) were identified by Bellingcat to be in constant communication leading to the Navalny poisoning.

Dr. Alexey Alexandrov, Dr. Ivan Osipov, and Vladimir Panyaev. Source: Passport files (Bellingcat)


Plausible deniability remains a common theme in Russia’s state-sponsored grey zone activities. While the nature of Project Toledo remains unclear, the units established in partnership with research institutes attract warranted suspicion. This is justified in correlating units that focus on offensive capabilities, as well as investigations linking the supposed dismantled Russian Biological Weapons Program to political poisoning. By camouflaging itself behind a mirage of research institutes and subsidiaries, it is highly likely that Russia maintains chemical warfare capabilities. The willingness to use chemical agents in the UK, and the institute’s Project Toledo is linked to, raises fears that this may be a codename for weaponised lethal pathogens. It is highly unlikely that the truth will be known in the near future.

Image: MyCentralOregon (link)


Operation Gladio: An Introduction

Operation Gladio

This Grey Dynamics article explores the creation myth of the anti-communist NATO-allied project known as Operation Gladio, and the context behind why it was created – to prevent the post-World War II spread of communism across Europe using clandestine proxy forces.

Communism. The red and yellow colored, hammer and sickle stamped, bourgeoisie smashing elephant in the room. Some violently hate it, others view it as the only true system of liberation. And then some, who live under it, have no choice in the matter. Nonetheless, it is safe to say that as long as communist uprisings and governments have existed, its opponents have done everything they can to prevent its spread. And when I say, “everything they can”, I mean that in a literal sense.

Joseph Stalin’s Union of Soviet Socialist Republics (USSR) played a vital role in the Second World War (WWII), but not without its internal tensions within the Allies as a result of its Marxist state. The conclusion of the war shifted the West’s attention towards the potential of communist infiltration and expansion into Europe. This was not ideal, and as the Cold War approached, the West sought out ways to thwart the Communists as they spread across the globe. Some were unconventional, to say the least.

In essence, Operation Gladio was the convergence between the concept of a “stay-behind resistance force” and the Western/NATO-led attempted prevention of a Communist Europe. In the words of Colonel Kevin D. Stringer of the Special Operations Command Europe (SOCEUR), “Hybrid warfare is an effective mix of military and nonmilitary activities with conventional and irregular components ranging from diplomatic and legal campaigns to clandestine transfers of armed personnel and weapons. These activities fall short of actual armed conflict and can destabilize and subvert a target nation’s stability and sovereignty but not trigger North Atlantic Treaty Organization (NATO) or bilateral treaty commitments. To mitigate this risk, a targeted state’s society must be ready to conduct resistance should all or parts of its territory be occupied or subverted by a foreign invader or its proxies.

In typical unconventional fashion, such a resistance force did exist in Europe during Operation Gladio, and it managed to stay in the shadows until October 1990 in which case Italian Prime Minister Giulio Andreotti, for the first time, publicly acknowledged its existence in front of the Italian national senate.

The October 1990 acknowledgment of Operation Gladio was not the first time it had been mentioned within Italy, nor was Prime Minister Andreotti the first to mention it, although his caliber and governmental role gave credibility to his claim. In 1972, an Italian neo-fascist terrorist named Vincenzo Vinciguerra carried out a car bombing attack in the Sagrado municipality in the Gorizia province. During his trial in 1984, Italian investigators tracked down the origins of the explosives Vinciguerra used which ultimately led them to Gladio. The C4 in the bomb was from an arms dump located in a cemetery in the city of Verona, and that dump was a Gladio site. This revelation, alongside Prime Minister Andreotti’s, started an international conversation about the extent of Gladio’s reach, and the NATO countries involved.

The early creation of Gladio traces back to the end of WWII when the North Atlantic Treaty was signed. The treaty, signed on the 4th of April 1949, was signed at first by 12 countries: Belgium, Canada, Denmark, France, Iceland, Italy, Luxembourg, the Netherlands, Norway, Portugal, the United Kingdom, and the United States. The countries under the NATO treaty agreed to a mutual defense that according to the official website “was to create a pact of mutual assistance to counter the risk that the Soviet Union would seek to extend its control of Eastern Europe to other parts of the continent.” Following the signing of the treaty, and the formation of the NATO organization, various internal committees were formed to handle different aspects of the NATO mission.

The “Clandestine Planning Committee” (CPC) was the NATO element that developed the early implementation of Operation Gladio, which included the formation of domestic paramilitary forces, planned escape and logistical routes within involved countries, and the establishment of various weapons and equipment cache sites strategically placed as a contingency plan against Soviet invasion (like the one in the Verona, Italy cemetery).

Since Operation Gladio was brought to light, and the 1990 recognition by Prime Minister Andreotti, there has been a decent amount of controversy about the reported involvement of foreign intelligence agencies, such as the CIA. Critics of Western foreign policy outside of the intelligence community have attributed the CIA to using Operation Gladio as a way to bolster right-wing and fascist groups within Europe. Those claims have not been corroborated, and the true extent of CIA involvement remains outside of the public sphere.  

Image: Libcom (link)