Europe's cyber and hybrid defence architecture has advanced significantly over the past decade. Yet NATO's recent articulation of cognitive warfare reveals ground that remains to be covered: much of the activity that shapes decision-making environments operates before existing response mechanisms engage. This contribution examines how current toolkits must adapt to an expanded "risk perimeter."
NATO and the EU have developed hybrid defence frameworks (see also) in response to coordinated use of cyber operations, disinformation, economic coercion, and political interference by state and non-state actors. These frameworks address threats that exploit systemic vulnerabilities while remaining below the threshold of open conflict.
Cognitive warfare, as defined by NATO, extends this framework: the deliberate exploitation of cognition to disrupt, influence, or modify decision-making across civilian and military populations below the threshold of armed conflict. Traditional influence tools such as psychological operations, information operations, and strategic communications are typically mission-bound and time-limited. Cognitive warfare, by contrast, is continuous, cumulative, and preparatory. It shapes the cognitive environment in which future events are interpreted, generating ambiguity, eroding trust, and constraining sense-making in ways that amplify the impact of other hybrid activities over time.
Understanding cognitive warfare as an extension of the hybrid threat landscape has important implications for preparedness. If the cognitive dimension operates through sustained engagement and environmental shaping rather than discrete incidents, then the effectiveness of existing cyber and hybrid defence toolkits depends on how well they account for these preparatory dynamics. The question is not whether current frameworks are obsolete, but how they might be adapted to reflect a strategic environment in which cognition itself—shaped by AI-driven algorithms, synthetic content at scale, and 24/7 engagement-oriented media ecosystems—has become a central terrain of competition.
From Janet M. Blatny and Steen Søndergaard, Cognitive Warfare: NATO Chief Scientist Research Report, NATO Science and Technology Organization, 2025, p. 10, https://www.sto.nato.int/wp-content/uploads/chief-scientist-report-cognitive-warfare-final.pdf.
AI-enabled cognitive operations now operate at industrial scale, expanding the risk perimeter to include the ambient information environments that shape perception and decision-making across critical sectors, often before publics, enterprises, and institutions recognize they are under influence. Off-the-shelf models allow state and non-state actors to generate localized, multi-language narratives faster than institutions can verify or respond, creating simultaneous pressure on defense procurement, energy infrastructure, and financial stability.
This operates across critical sectors, including:
- Energy and critical minerals: Localized, multi-language narrative campaigns targeting European and western energy companies and supply chain operators create operational nightmares—undermining project financing, delaying permits, and destabilizing community relations—while advancing adversarial interests over strategic resources. These campaigns combine digital amplification with physical and institutional penetration, coordinating across multiple sources and jurisdictions to present as organic local opposition.
- Financial systems: AI-scaled attacks misrepresenting institutions and executives threaten the trust infrastructure on which financial systems operate. False claims propagating across consumer, investor, and regulatory audiences can trigger rapid behavioral shifts—deposit withdrawals, market selloffs, compliance actions—with implications spanning private operations, consumer protection, and systemic stability.
- Defense procurement and industrial policy: Coordinated and persistent narrative attacks targeting advanced technology sectors, semiconductor supply chains, and critical infrastructure—extensively documented in Russia's war in Ukraine—shape government decision-making, public opinion, and alliance cohesion across the defense-industrial ecosystem. Given the complexity of defense procurement decisions and the consensus-building required across member states, conditioning the information environment before formal policy debates begin significantly constrains strategic options.
II. Mapping Cognitive Infrastructure: Evidence from Russian Drones in European Airspace
Recent research demonstrates that aspects of cognitive operations can be empirically observed through their infrastructural, temporal, and behavioural signatures, particularly in proximity to real-world events. Open-source cognitive threat intelligence analysis conducted by Alto Intelligence in response to the wave of Russian drone incursions into European airspace in fall 2025 shows how coordinated networks of ostensibly local and thematic media outlets activate in close temporal alignment with kinetic or geopolitical developments. These activations occur within narrow time windows—often minutes—rapidly saturating and shaping the narrative environment in which events are first interpreted, well in advance of institutional verification or response cycles.
The analysis documents coordinated media infrastructure producing millions of articles monthly across hundreds of domains that present as local sources while syndicating content from state-linked outlets including RT—formally sanctioned in Europe—and Xinhua. These types of infrastructures operate globally across strategic contexts (Iran, Venezuela), indicating reuse and persistence at scale rather than case-specific activity.
Crucially, the analysis highlights how different actors and media types function as systemic amplifiers within this environment. Content moves sequentially from low-visibility sources to more prominent outlets, creating saturation and normalization before reaching mainstream awareness. When viewed in temporal relation to physical-world events, these patterns suggest a structured process of pre-positioning and escalation, rather than spontaneous or purely reactive information activity. Taken together, these signals point to a coordinated cognitive infrastructure that remains largely invisible to existing early-warning systems.
Alto Intelligence’s network analysis of 49,906 articles from 20,029 profiles revealing 25 distinct clusters engaging in temporal proximity to Russian drone incursions into European airspace in fall 2025. III. Beyond Persuasion: Contaminating the Information Substrate
The scale, persistence, and saturation observed in contemporary cognitive activity do not only affect immediate sense-making and decision-making; they also shape the longer-term informational environments upon which institutions increasingly depend for analysis, assessment, and response.
Used by analysts, institutions, and publics alike, LLMs are quickly becoming central infrastructure for sense-making. As these systems train on open information environments, sustained cognitive operations pose a risk of systemic contamination rather than episodic distortion. This enables what Danet terms "LLM grooming": the large-scale contamination of training data with biased or fabricated content, transforming generative AI systems into vectors of disinformation.
Table 1: Didier Danet. LLM Grooming: A New Cognitive Threat to Generative AI. 2025. ffhal-05241525
At sufficient scale and duration, coordinated narrative campaigns contaminate the training data and retrieval sources on which LLMs rely, altering what these systems treat as factual, authoritative, or contextually relevant. The effect extends beyond human perception to the AI models that institutions increasingly use for threat assessment, monitoring, and decision support.
Cognitive warfare thus operates not just through narrative persuasion, but by poisoning the data layers that feed analytical systems. This strengthens the case for adapting existing toolkits to detect and map pre-positioned cognitive infrastructure and tactics upstream, before contamination becomes embedded and difficult to reverse.
IV. Recommendations: Adapting EU Defence Architecture for Cognitive Operations
EU cyber and hybrid defence toolkits—the Cyber Diplomacy Toolbox, Hybrid Toolbox, and crisis management mechanisms—were calibrated for discrete incidents and infrastructure compromise. Cognitive operations rarely present such clear thresholds. Yet DISARM-based analysis increasingly enables identification of patterns (narrative seeding, coordinated amplification, strategic prepositioning) that may constitute meaningful thresholds for response, even without conforming to traditional incident models. The DISARM (Disinformation Analysis and Risk Management) framework has emerged as a widely used taxonomy for analyzing influence campaigns, modelled on cybersecurity frameworks like MITRE ATT&CK. Its core value lies in providing a common analytical language that enables interoperability across research, defense, and practitioner communities. DISARM proves particularly valuable for cognitive operations because it emphasizes process over content. Where the primary concern is not isolated messages or events but the orchestration, sequencing, and persistence of activity over time.
The opportunity is clear: extend DISARM and related frameworks to support collectively operationalizing detection of long-term conditioning, ambient influence, and cumulative cognitive effects. The EU Hybrid Fusion Cell, EEAS StratCom Task Forces, and Hybrid Centre of Excellence already provide institutional architecture for early situational awareness. What remains is their fuller integration with cognitive indicators and AI-enabled detection capabilities that can surface preparatory activity before it reaches crisis thresholds.
Alto Intelligence, "European Airspace Violations: Why Kinetic–Cognitive Narrative Attacks Matter to Risk, Comms, and Security Teams," 9 January 2026, https://www.altointelligence.com/alto-blog/synchronized-kinetic-cognitive-hybrid-operations-european-airspace Example: Temporal mapping of cognitive operations synchronized with drone incursions into European airspace, fall 2025, illustrating how preparatory tactics preceded kinetic events and enabled narrative shaping within minutes of physical incidents.
This requires adapting existing toolkits to engage earlier in the cognitive cycle—incorporating cognitive indicators, longer temporal horizons, and preparatory dynamics. The following recommendations outline specific adaptations for EU institutions:
1. Expand response thresholds. The Cyber Diplomacy Toolbox and Hybrid Toolbox must recognize sustained cognitive infrastructure operations—not just discrete incidents—as actionable threats. Develop attribution protocols for coordinated networks that syndicate sanctioned state media through ostensibly legitimate sources.
2. Integrate cognitive threat indicators into existing mechanisms. The EU Hybrid Fusion Cell and EEAS StratCom Task Forces should incorporate DISARM-based detection of narrative pre-positioning, coordinated amplification, and temporal alignment with physical events into threat assessment protocols, with cross-jurisdiction information-sharing calibrated to the languages, platforms, and grey-space ecosystems where these operations originate.
3. Enable upstream detection.
Fund detection capabilities calibrated to the point of origin, not the point of saturation. This means continuous mapping of proxy infrastructure and coordination signatures across grey-space ecosystems, with baselines established around critical infrastructure to surface activation before narratives reach scale.
4. Protect analytical integrity.
The same proxy infrastructure that shapes immediate perception also contaminates the training data and retrieval sources institutions increasingly rely on. Data provenance standards, source authentication for institutional AI pipelines, and detection of coordinated content laundering into machine-indexed environments should be treated as core analytical security, not peripheral hygiene.
5. Update legal frameworks. Existing hybrid threat definitions do not adequately capture preparatory cognitive operations. Update Digital Services Act enforcement to address coordinated inauthenticity operating through media infrastructure, and strengthen sanctions enforcement against state-media content laundering through syndication networks.
6. Disrupt the infrastructure that sustains cognitive operations. Detection enables disruption. Coordinated narrative campaigns depend on financial flows, syndication networks, and commercial amplification services that can be mapped and constrained. As argued in recent ECFR analysis, European hybrid strategy needs to extend from defensive postures to disruptive ones — applying sanctions enforcement, financial investigation, and platform accountability mechanisms to the operational economics of cognitive infrastructure, not only the content it produces.
Cognitive operations shape decision-making environments, erode institutional trust, and constrain sense-making continuously—effects that persist independent of kinetic or cyber action. These operations are intentionally linked to physical events or triggers, and narrative infrastructure activates within minutes, conditioning interpretation before institutional response cycles can engage. The challenge is temporal and architectural: cognitive defence requires building resilient preemptive and countermeasure strategies to identify hostile manipulation while it remains ambient, before it reaches critical mass.
Europe's cyber and hybrid defence architecture represents a decade of institutional learning. Cognitive warfare does not render it obsolete—it reveals where mechanisms must be repositioned: earlier in the cognitive cycle, attuned to preparatory dynamics rather than discrete incidents, capable of surfacing and adequately responding to threats that operate continuously below traditional crisis thresholds.
