Hybrid threat, Crosetto's report: 'We are under attack, need 10-15 thousand more troops'

With a clear objective: 'Erode democratic resilience, undermine citizens' trust in institutions, divide societies, influence public opinion with false information'. Attacking where the systemic weaknesses or dependencies of the target countries are greatest.

The Italy knows something about this: the greatest risks lurk in energy, given its dependence on imports, in critical infrastructures, from ports and airports to electricity grids, and in the political-social ecosystem, exposed to foreign interference, disinformation campaigns, and the exploitation of social divisions. "In a relentless manner," the non-paper puts in black and white, "our country receives dozens of cyber attacks and suffers them across the board and at all levels.

The data collected by the National Cybersecurity Agency speak for themselves: in 2024, 1,979 cyber events and 573 incidents (48 per month) were handled: respectively +40% and +89% compared to 2023. The total number of victims was 2,734. In the first half of 2025, there were already 1,549 census events, 53% more than in the same period last year. And the number of accidents with a confirmed impact was 346, +98 per cent.

'Impressive numbers,' says the document, 'and constantly accelerating'. First and foremost, the health sector is targeted, but also the manufacturing sector, largely due to the prevalence of small and medium-sized enterprises "lacking adequate defence structures" and therefore more susceptible to ransomware. 'Easy targets', the report calls them.

Looking at the responses from NATO, the EU and countries such as the US, the UK, France and Germany, Defence lines up what should be put in place: they range from a joint command to integrate cyber, electromagnetic spectrum and cognitive domains to the development of specific military capabilities in the cyber domain and in the information and cognitive environments, from the establishment of a 'Defence cyber reserve' to support the cyber workforce (one part operational and another made up of 'civilian volunteers') to the strengthening of military personnel with 10-15 thousand more units dedicated to cyber, electromagnetic spectrum and new technologies; from the cyber command of foreign military apparatuses as national reference points for the protection of critical infrastructures and the fight against cognitive manipulation to the strengthening of the link between defence and the intelligence sector.

Specifically, the roadmap recommended in the non-paper envisages first of all the assignment of all 'military cyber operations' only to the new joint command, which would operate according to the policy issued by the Defence General Staff. Secondly, it would require the creation of a civil-military cyber weapon, appropriate to the observed threat level and endowed with 'functional guarantees' for the civil and military specialists deployed. "It can be assumed," the document states, "that a truly adequate and reassuring force should be at least 5,000, with a prevalent operational component.

Realistically, one could start with an initial capacity of 1,200-1,500 units, with 75 per cent dedicated to operational tasks to ensure 24/7 action all year round. Finally, the establishment of a 'Centre for Combating Hybrid Warfare' is suggested. Everything, of course, through an 'urgent update of the regulatory framework': a reform that defines the cyber space of national interest as a real 'field of operations' on which the Ministry of Defence can act seamlessly.