Hybrid Attack Signals – Typology
This document outlines the "Hybrid Attack Signals – Typology," which categorizes and describes the primary types of hybrid attack signals monitored by the Hybrid Attack Panel (HAP). This typology serves as a foundational guide for feed selection, analytical approaches, and the prioritization of responses within the Ardens Project.
Purpose
To categorize and describe the main types of hybrid attack signals we aim to monitor as part of the Hybrid Attack Panel (HAP). This typology guides feed selection, analysis, and response prioritization.
Signal Categories
| Signal Category | Description | Examples of Sources / Indicators |
|---|---|---|
| DNS Registration Anomalies | Suspicious domain registrations or changes linked to disinformation or cyber operations | Newly registered domains matching threat actor patterns, sudden bulk changes, phishing domains |
| Infrastructure Sabotage Reports | Physical or cyber disruptions to critical infrastructure (energy, transportation, communications) | OSINT reports of rail disruptions, power outages, telecom interference |
| Military/Civilian Overlap Incidents | Events where military or paramilitary actors interact with civilian systems or populations in ambiguous ways | Border incidents, no-claim airspace violations, proxy militia activity |
| Psychological/Information Operations | Coordinated campaigns aimed at influencing public opinion or disrupting social cohesion | Social media bot activity, misinformation spikes, fake news reports |
| Maritime and Airspace Violations | Unauthorized presence or maneuvers in contested maritime zones or airspace | Satellite imagery, maritime AIS anomalies, restricted airspace breaches |
| Electoral Process Interference | Attempts to disrupt or manipulate elections via cyber, misinformation, or coercion | Vote hacking reports, fake voter registration campaigns, election-day misinformation |
| AI-Generated Forgeries and Deepfakes | Use of synthetic media for deception, impersonation, or sowing confusion | Deepfake videos, AI-synthesized voice recordings, fake news bots |
Note: This typology is evolving and may be refined as more signals emerge or existing ones change.
Possible New Candidate Signal Categories
- Emerging regional conflict(s)
- Environmental catastrophe(s)
- Major civil disobedience
- Emerging pandemic(s)
- Energy/power disruptions
- Economic distribution channel disruption(s)
- Religious upheaval
- Civil liberty destruction/change
- Global financial indices
- Military buildup/reductions
- Mercenary military movements