**4. Hybrid HUMINT**

The concept of human intelligence involves a twofold dimension: to gather information from human sources that are not HUMINT operatives and to gather information from HUMINT operatives. In terms of operations, HUMINT involves [24]:


While budget restrictions, the cyberspace expansion, and the development of data science have fueled the interest in signals intelligence (SIGINT) and opensource intelligence (OSINT) and led to some divestment in HUMINT, considered, for instance, more expensive in terms of time and resources involved than OSINT, an approach that considers an opposition of HUMINT *vs* OSINT and HUMINT *vs* SIGINT is the wrong way to look at things from an *intelligence/counterintelligence* effectiveness standpoint, within the new defense and security context, characterized by the critical threat of hybrid operations.

In fact, one can robustly argue, from a technical and technological standpoint, that HUMINT is a major centerpiece driver of hybrid operations, a nexus around which SIGINT and OSINT can be leveraged, with the new agents on the ground being able to both gather strategic and tactical information, implement (cyber) subversive maneuvers, steal data, and even compromise critical systems of any organization.

In the new context of hybrid operations, a new breed of HUMINT operative is not only a spy but also a hacker and a hybrid operations specialist that can infiltrate an organization and bring it down from the inside. We call this the *hybrid agent*.

From a *counterintelligence* standpoint, the new dimensions of the threat of covert human agents need to be critically addressed. The first thing to stress is that the threat level is very high for any state; on the other hand, the operational advantage of the new breed of HUMINT operative is also very high, so that, from an *intelligence/CI* standpoint, states need to invest in both these new *hybrid agents* and to find countermeasures for them.

To fully realize the implications and measures of the concept of a *hybrid agent*, which is the main point of this section, we need to first address some conceptual dimensions from intelligence studies and strategic studies, since while the tools of the *hybrid agent* have changed and the profile and impact is new, there was an old case of a form of *spy* that fit this profile of *hybrid agent* which was employed in Japan's Warring States period (*Sengoku Jidai*) and later in the Edo period. This old *hybrid agent* fits a similar profile and role that the new *hybrid agent* may come to fit in the years to come.

During the *Sengoku Jidai*, spies were mainly employed from the Samurai and Ashigaru classes, but progressively, especially in the Iga and Koka provinces, spying was systematized, developed, and integrated in a body of knowledge and skills that were taught to warriors, a body of knowledge that was built on top of the warrior normal training.

**69**

*Cyberspace and Artificial Intelligence: The New Face of Cyber-Enhanced Hybrid Threats*

Different regions and Samurai clans also had their trained spies. It is important to stress at this point that there coexisted two types of spies in Japan: warriors who were employed as spies but that were not trained spies and warriors who, besides their normal martial training, were trained as spies. Another division that arose was between the trained spies that were a part of a Daimyo's army and thus served the

Due to their skills, Iga and Koka spies became mercenary spies, that is, spies for hire that also operated based on alliances of these regions with different groups. It is important to consider what constitutes the body of knowledge that the Japanese incorporated in what they considered to be the *art of spying*, called *shinobi no jutsu* or *ninjutsu*, erroneously addressed in popular culture as a martial art, as assassination, and/or as warriors that opposed the samurai, all incorrect

The fact that traditional scrolls on this body of knowledge are hard to track down, being, in many instances, in private collections, in some way contributed to the misconception to be perpetuated and has produced a gap in the literature on intelligence which usually cites *Sun Tzu's Art of War* but overlooks, in the study of the history of intelligence, the deep development of the theory, strategies, and tactics of intelligence that is present in the traditional texts on *shinobi no jutsu*, which, as a relevant point in dispelling the misconception, never cover any kind of

Recently, thanks to the efforts of the historian Antony Cummins and Yoshie Minami, the major texts are now translated into modern English, and Cummins has tracked down scrolls beyond the main known texts and translated them to English,

These texts allow people, researching in intelligence studies, to find new references

The relevant point is that these works on *shinobi no jutsu* introduce a profile of an operative, the *shinobi no mono*, which is largely a *hybrid warfare specialist*, and also constitute some of the few examples of classical works that are only devoted to intelligence, that is, these are some of the few examples of *Classical Intelligence Manuals* that form a compendium of the main strategies and tactics of intelligence in Japan's Warring States and Edo periods, some of which hold, in terms of their

If one analyzes these different classical Japanese works on what are today called intelligence studies [5–7, 25], one finds that, in Japan, the *art of spying* (*shinobi no jutsu*) included, among other specialized knowledge, a core of areas of expertise that, under close scrutiny, are generalizable to other countries and historical periods

• Unconventional warfare, including deep knowledge of subversive maneuvers

that deepen *Sun Tzu's Art of War*'s last chapter. These works, in particular [5, 26], develop in great detail a full body of knowledge in what the Japanese considered the art of spying and operationalize *Sun Tzu's Art of War*'s last chapter into a detail that

*DOI: http://dx.doi.org/10.5772/intechopen.88648*

Daimyo and the spies for hire, mercenary spies.

hand-to-hand fighting techniques [5–7, 25, 26].

making them available to the wider audience.

provides an insight into the history of intelligence.

main patterns and principles, for any period and place.

[27], and these areas include:

• Scouting

• Military strategy and tactics

• Infiltration and tactical disruption

and psychological operations

• Deep knowledge of counterintelligence

misconceptions [25].

#### *Cyberspace and Artificial Intelligence: The New Face of Cyber-Enhanced Hybrid Threats DOI: http://dx.doi.org/10.5772/intechopen.88648*

Different regions and Samurai clans also had their trained spies. It is important to stress at this point that there coexisted two types of spies in Japan: warriors who were employed as spies but that were not trained spies and warriors who, besides their normal martial training, were trained as spies. Another division that arose was between the trained spies that were a part of a Daimyo's army and thus served the Daimyo and the spies for hire, mercenary spies.

Due to their skills, Iga and Koka spies became mercenary spies, that is, spies for hire that also operated based on alliances of these regions with different groups. It is important to consider what constitutes the body of knowledge that the Japanese incorporated in what they considered to be the *art of spying*, called *shinobi no jutsu* or *ninjutsu*, erroneously addressed in popular culture as a martial art, as assassination, and/or as warriors that opposed the samurai, all incorrect misconceptions [25].

The fact that traditional scrolls on this body of knowledge are hard to track down, being, in many instances, in private collections, in some way contributed to the misconception to be perpetuated and has produced a gap in the literature on intelligence which usually cites *Sun Tzu's Art of War* but overlooks, in the study of the history of intelligence, the deep development of the theory, strategies, and tactics of intelligence that is present in the traditional texts on *shinobi no jutsu*, which, as a relevant point in dispelling the misconception, never cover any kind of hand-to-hand fighting techniques [5–7, 25, 26].

Recently, thanks to the efforts of the historian Antony Cummins and Yoshie Minami, the major texts are now translated into modern English, and Cummins has tracked down scrolls beyond the main known texts and translated them to English, making them available to the wider audience.

These texts allow people, researching in intelligence studies, to find new references that deepen *Sun Tzu's Art of War*'s last chapter. These works, in particular [5, 26], develop in great detail a full body of knowledge in what the Japanese considered the art of spying and operationalize *Sun Tzu's Art of War*'s last chapter into a detail that provides an insight into the history of intelligence.

The relevant point is that these works on *shinobi no jutsu* introduce a profile of an operative, the *shinobi no mono*, which is largely a *hybrid warfare specialist*, and also constitute some of the few examples of classical works that are only devoted to intelligence, that is, these are some of the few examples of *Classical Intelligence Manuals* that form a compendium of the main strategies and tactics of intelligence in Japan's Warring States and Edo periods, some of which hold, in terms of their main patterns and principles, for any period and place.

If one analyzes these different classical Japanese works on what are today called intelligence studies [5–7, 25], one finds that, in Japan, the *art of spying* (*shinobi no jutsu*) included, among other specialized knowledge, a core of areas of expertise that, under close scrutiny, are generalizable to other countries and historical periods [27], and these areas include:


*Cyberspace*

**4. Hybrid HUMINT**

is another level of hybrid operations which also increases the threat of these types of operations for any country; this is the new *hybrid human intelligence/counterintelligence* 

The concept of human intelligence involves a twofold dimension: to gather information from human sources that are not HUMINT operatives and to gather information from HUMINT operatives. In terms of operations, HUMINT involves [24]:

While budget restrictions, the cyberspace expansion, and the development of data science have fueled the interest in signals intelligence (SIGINT) and opensource intelligence (OSINT) and led to some divestment in HUMINT, considered, for instance, more expensive in terms of time and resources involved than OSINT, an approach that considers an opposition of HUMINT *vs* OSINT and HUMINT *vs* SIGINT is the wrong way to look at things from an *intelligence/counterintelligence* effectiveness standpoint, within the new defense and security context, character-

In fact, one can robustly argue, from a technical and technological standpoint, that HUMINT is a major centerpiece driver of hybrid operations, a nexus around which SIGINT and OSINT can be leveraged, with the new agents on the ground being able to both gather strategic and tactical information, implement (cyber) subversive maneuvers, steal data, and even compromise critical systems of any organization. In the new context of hybrid operations, a new breed of HUMINT operative is not only a spy but also a hacker and a hybrid operations specialist that can infiltrate an organization and bring it down from the inside. We call this the *hybrid agent*.

From a *counterintelligence* standpoint, the new dimensions of the threat of covert

human agents need to be critically addressed. The first thing to stress is that the threat level is very high for any state; on the other hand, the operational advantage of the new breed of HUMINT operative is also very high, so that, from an *intelligence/CI* standpoint, states need to invest in both these new *hybrid agents* and to find

To fully realize the implications and measures of the concept of a *hybrid agent*, which is the main point of this section, we need to first address some conceptual dimensions from intelligence studies and strategic studies, since while the tools of the *hybrid agent* have changed and the profile and impact is new, there was an old case of a form of *spy* that fit this profile of *hybrid agent* which was employed in Japan's Warring States period (*Sengoku Jidai*) and later in the Edo period. This old *hybrid agent* fits a similar profile and role that the new *hybrid agent* may come to fit in the years to come. During the *Sengoku Jidai*, spies were mainly employed from the Samurai and Ashigaru classes, but progressively, especially in the Iga and Koka provinces, spying was systematized, developed, and integrated in a body of knowledge and skills that were taught to warriors, a body of knowledge that was built on top of the warrior

*(CI)* context, in which the concept of a new field agent is a key factor.

• The overt collection of relevant information by people overseas

• The debriefing of foreign nationals and citizens who travel abroad

• The clandestine acquisition of relevant data

• Official contacts with foreign governments

ized by the critical threat of hybrid operations.

countermeasures for them.

**68**

normal training.

Infiltration came in two ways [5]:


*In jutsu* was largely employed during the *Sengoku Jidai* and already included the conventional and unconventional, where the trained agents infiltrated the enemy ranks, usually at night and used fire and unconventional tactics to disrupt the enemy in a way that allowed for a well-timed conventional open attack to ensue. These were the precursors of battlefield hybrid operations and are documented in detail in the *Bansenshukai* [5].

*Yo jutsu* usually needed someone with some level of scholarship, namely, from the Samurai class. This was the long-term undercover operative, which not only gathered information just like any HUMINT specialist but also employed subversive maneuvers, disinformation, counterintelligence, and political manipulation. One finds an example of this in the *Bansenshukai* [5], which reportedly is an Iga manual, but that may also contain a synthesis of Iga and Koka knowledge, where it is stated that an agent needed to obtain and keep copies of the marks and seals of the lords of various castles so that these could be used to forge letters in order to incriminate a target for conspiracy. Using agents to frame key people sow discord among the enemy's ranks and even for assassination (in particular, through poisoning).

Undercover operatives (using *yo jutsu*) were employed for disrupting the enemy's intelligence and decision-making process (disinformation), making false charges, spreading rumors (the dispersal of fake contents was already present in this period), and sowing domestic conflicts, discord, and doubts among the enemy's vassalage, as well as for setting fires or causing confusion among the enemy's castle in order for an open strike to occur. These are documented in the *Bansenshukai* [5] and are all parts of hybrid operations. Indeed, the play between the conventional and unconventional which is a key characteristic of *shinobi no jutsu* is strongly convergent with the two the major Chinese classics of strategy: *Sun Tzu's Art of War* and *T'ai Kung's Six Secret Teachings* [4], the latter which is considered in [5, 7] a Chinese reference on what the Japanese called *shinobi no jutsu*.

The Japanese knew of both works, and they are referenced in the different Japanese classical texts on *shinobi no jutsu* [5–7, 25, 26]. In particular, Sun Tzu's five types of agents were employed and elaborated upon in terms of intelligence strategies and tactics in the context of the Japanese classics, and these five types are [4]:


**71**

businesses.

confidence.

*Cyberspace and Artificial Intelligence: The New Face of Cyber-Enhanced Hybrid Threats*

on the strategies and tactics that are involved in their usage.

In [26] these five types of spies are explicitly addressed with an in-depth analysis

To these five types, one can add another type, which holds a key value for the new hybrid operations' context: the unwitting agent, who is supplying information for the enemy but is unaware of this fact. One can already find this type of agent in

Now, taking into account this historical context, let us consider what we called the twenty-first century *hybrid agent*, which, in terms of operational profile, is used in the same manner as the *shinobi no mono*, namely, we have an expert in strategy and tactics that can be infiltrated in an organization (*yo jutsu*) and who will be used to both gather critical information (the standard classical HUMINT aspect) and find the main vulnerabilities of the target organization and, if given the activation order, is capable of disrupting the organization from the inside using cyberattacks, compromising key employees, releasing compromising data, and/or launching a

Mirroring the setting of fire and the compromising of the intelligence cycle used in Medieval Japan, we now have the possibility of a long-term undercover operative to physically install malware and cyberweapons and hack critical systems to corrupt

Business, banking, healthcare, and government are particularly vulnerable sectors that can be hacked in this way. The businesses' use of ML-supported OSINT can be compromised by malware aimed at attacking the ML infrastructure and thus corrupt strategic decisions, business secrets, and strategically sensitive data which can be stolen to undermine a target country's business (state-sponsored corporate espionage) either by using these data for gaining a negotiation leverage, an R&D and competitive advantage or, simply, to disclose it, bringing losses to these

Companies and banking that employ platforms, in the new 4.0 paradigm, can have their platforms compromised by a *hybrid agent*, undermining the stakeholder

If there are corruption practices or any key figures in key business, banking and/ or political sectors fall prey to entrapment (even digital entrapment); then, this can be used to disrupt a country's business, banking, and even political sectors, even to turn the people against these sectors in well-orchestrated hybrid campaigns that use social networks to amplify the disruption effect. The principles behind this *economic and political warfare*, which is a key dimension of hybrid strategies, are expanded in

Our main point is that the new *hybrid agent* is a key player in making this type of hybrid operations effective. The reason for this is that while remote hacking, SIGINT, OSINT, and even *cyber intelligence* (CYBERINT) can be effective, the *hybrid operative* is more disruptive and may greatly enhance SIGINT, OSINT, and

Hacking an organization becomes exponentially more effective if it is done by someone who is undercover inside the organization, and this person can have direct access to an organization's critical systems and compromise them by physically installing malware. Social engineering also becomes easier and more effective if combined with direct personal interaction with human targets that can be hacked. Hacking colleagues' smartphones, for instance, and other IoT devices can lead to a new form of *unwitting agent*: the person who takes his/her devices everywhere, devices that can be accessed by the *hybrid operative* and used to record audio, video, geographical data, and other personal data. This means that conversations can be recorded, video can be recorded, and even personal data can be gathered and used

*DOI: http://dx.doi.org/10.5772/intechopen.88648*

some passages of the *Bansenshukai* [5].

fake content campaign against the organization.

detail in *T'ai Kung's Six Secret Teachings*.

CYBERINT; there are a few reasons for this.

to compromise a target individual.

key data and disrupt the organization's normal functioning.

• Living spies (who returned with their reports)

#### *Cyberspace and Artificial Intelligence: The New Face of Cyber-Enhanced Hybrid Threats DOI: http://dx.doi.org/10.5772/intechopen.88648*

In [26] these five types of spies are explicitly addressed with an in-depth analysis on the strategies and tactics that are involved in their usage.

To these five types, one can add another type, which holds a key value for the new hybrid operations' context: the unwitting agent, who is supplying information for the enemy but is unaware of this fact. One can already find this type of agent in some passages of the *Bansenshukai* [5].

Now, taking into account this historical context, let us consider what we called the twenty-first century *hybrid agent*, which, in terms of operational profile, is used in the same manner as the *shinobi no mono*, namely, we have an expert in strategy and tactics that can be infiltrated in an organization (*yo jutsu*) and who will be used to both gather critical information (the standard classical HUMINT aspect) and find the main vulnerabilities of the target organization and, if given the activation order, is capable of disrupting the organization from the inside using cyberattacks, compromising key employees, releasing compromising data, and/or launching a fake content campaign against the organization.

Mirroring the setting of fire and the compromising of the intelligence cycle used in Medieval Japan, we now have the possibility of a long-term undercover operative to physically install malware and cyberweapons and hack critical systems to corrupt key data and disrupt the organization's normal functioning.

Business, banking, healthcare, and government are particularly vulnerable sectors that can be hacked in this way. The businesses' use of ML-supported OSINT can be compromised by malware aimed at attacking the ML infrastructure and thus corrupt strategic decisions, business secrets, and strategically sensitive data which can be stolen to undermine a target country's business (state-sponsored corporate espionage) either by using these data for gaining a negotiation leverage, an R&D and competitive advantage or, simply, to disclose it, bringing losses to these businesses.

Companies and banking that employ platforms, in the new 4.0 paradigm, can have their platforms compromised by a *hybrid agent*, undermining the stakeholder confidence.

If there are corruption practices or any key figures in key business, banking and/ or political sectors fall prey to entrapment (even digital entrapment); then, this can be used to disrupt a country's business, banking, and even political sectors, even to turn the people against these sectors in well-orchestrated hybrid campaigns that use social networks to amplify the disruption effect. The principles behind this *economic and political warfare*, which is a key dimension of hybrid strategies, are expanded in detail in *T'ai Kung's Six Secret Teachings*.

Our main point is that the new *hybrid agent* is a key player in making this type of hybrid operations effective. The reason for this is that while remote hacking, SIGINT, OSINT, and even *cyber intelligence* (CYBERINT) can be effective, the *hybrid operative* is more disruptive and may greatly enhance SIGINT, OSINT, and CYBERINT; there are a few reasons for this.

Hacking an organization becomes exponentially more effective if it is done by someone who is undercover inside the organization, and this person can have direct access to an organization's critical systems and compromise them by physically installing malware. Social engineering also becomes easier and more effective if combined with direct personal interaction with human targets that can be hacked. Hacking colleagues' smartphones, for instance, and other IoT devices can lead to a new form of *unwitting agent*: the person who takes his/her devices everywhere, devices that can be accessed by the *hybrid operative* and used to record audio, video, geographical data, and other personal data. This means that conversations can be recorded, video can be recorded, and even personal data can be gathered and used to compromise a target individual.

*Cyberspace*

Infiltration came in two ways [5]:

term undercover agents

detail in the *Bansenshukai* [5].

• *Yojutsu*: which involved infiltrating the enemy in plain sight, that is, using long-

*In jutsu* was largely employed during the *Sengoku Jidai* and already included the conventional and unconventional, where the trained agents infiltrated the enemy ranks, usually at night and used fire and unconventional tactics to disrupt the enemy in a way that allowed for a well-timed conventional open attack to ensue. These were the precursors of battlefield hybrid operations and are documented in

*Yo jutsu* usually needed someone with some level of scholarship, namely, from the Samurai class. This was the long-term undercover operative, which not only gathered information just like any HUMINT specialist but also employed subversive maneuvers, disinformation, counterintelligence, and political manipulation. One finds an example of this in the *Bansenshukai* [5], which reportedly is an Iga manual, but that may also contain a synthesis of Iga and Koka knowledge, where it is stated that an agent needed to obtain and keep copies of the marks and seals of the lords of various castles so that these could be used to forge letters in order to incriminate a target for conspiracy. Using agents to frame key people sow discord among the enemy's ranks and even for assassination (in particular, through poisoning). Undercover operatives (using *yo jutsu*) were employed for disrupting the enemy's intelligence and decision-making process (disinformation), making false charges, spreading rumors (the dispersal of fake contents was already present in this period), and sowing domestic conflicts, discord, and doubts among the enemy's vassalage, as well as for setting fires or causing confusion among the enemy's castle in order for an open strike to occur. These are documented in the *Bansenshukai* [5] and are all parts of hybrid operations. Indeed, the play between the conventional and unconventional which is a key characteristic of *shinobi no jutsu* is strongly convergent with the two the major Chinese classics of strategy: *Sun Tzu's Art of War* and *T'ai Kung's Six Secret Teachings* [4], the latter which is considered in

• *In jutsu*: which involved stealing in, hiding from the enemy

[5, 7] a Chinese reference on what the Japanese called *shinobi no jutsu*.

• Local spies (employing of locals to gather information)

• Double agents (employing the enemy's agents)

• Living spies (who returned with their reports)

• Internal spies (employing people who hold government positions)

• Expendable spies (employed to spread disinformation outside the state; in the Japanese case, they used these in conjunction with the highly trained undercover operatives, which, due to their training, were not considered expendable but were, rather, high-valued assets that were used for what are today considered the core of hybrid warfare: disinformation, psyops, fake content and rumor spreading, sowing discord and unconventional strategies and tactics, besides spying per se)

The Japanese knew of both works, and they are referenced in the different Japanese classical texts on *shinobi no jutsu* [5–7, 25, 26]. In particular, Sun Tzu's five types of agents were employed and elaborated upon in terms of intelligence strategies and tactics in the context of the Japanese classics, and these five types are [4]:

**70**

With increasing sensorization of organizations, a successful *hybrid operative* can turn the organization's *sensorization* systems into his/her own listening devices. Furthermore, standard HUMINT can be combined with OSINT and SIGINT, where the *hybrid operative* can directly interact with a human target, hacking the target's devices, employing social engineering tactics, and then combining the cyber intrusion with fake social network accounts, managed by a remote team that may follow the target on such places as Facebook, Twitter, Instagram, and so on, further interacting with this human target, using the social media, private chat systems, and even video chat sessions with remote support team operatives, in order to manipulate the target and find the target's weaknesses, gaining the target's confidence and possibly compromising the target or using that target as an (unwitting) source of information.

The trained *hybrid operative* must then be:


From a CI standpoint this is a major threat on two fronts:


The second front is a major problem, since it opens up the way for new *hybrid warfare mercenarism*; just as the Iga and Koka *shinobi no mono* were employed as mercenaries, it also opens up the way for non-state-sponsored hybrid attacks from individuals or groups that have a cause or even just a grudge against a target, individuals, and groups who are skilled hackers that can perform similar operations as a *hybrid agent*.

In this sense, there can be three operational profiles for *hybrid agents* which mirror the three operational profiles for hybrid threats addressed in Section 2:


The three types of agents may coexist and constitute a major threat for countries' national security and defense; on the other hand, one may also recognize that, while constituting a threat, any state may take advantage of these three types of agents in its own operations, with particular relevance to types 1 and 3 as well as the

**73**

namely:

people's behaviors.

well-orchestrated *hybrid campaigns*.

*Cyberspace and Artificial Intelligence: The New Face of Cyber-Enhanced Hybrid Threats*

relevance of the tactical openings provided by the actions of type 2 agents. There is a fluid border between the three types, where agents can change their profile along

The question that can be raised is: *what responses need to be implemented in terms of CI to deal with the twenty-first century hybrid agent?* The answer is somewhat complex, in the sense that the threat landscape is changing with the exponential technological revolution that greatly enhances the disruptive power of the new hybrid HUMINT, which can synergistically combine traditional with high-tech methods to become one of the most disruptive forces in the new defense and security context, but, given an identification of major targets, in particular economic and financial targets (that may become key parts of economic, financial and political warfare), there are specific responses that need to come into play with some urgency. This forms part of our final reflection on the whole chapter and is integrated in the next

Throughout the chapter we laid out the profile as well as the current and foreseeable evolution of hybrid operations and hybrid threats (Section 2). We also addressed the issue of weaponization of cyberspace, the use of AI and data science, and the threat patterns of *cyber psychological operations* in the context of hybrid operations (Section 3), and, in Section 4, we introduced the concept of *hybrid agent*, evaluating its overall pattern of activity and threat to countries' defense and security. Some major points need to be highlighted, when dealing with *hybrid threats*,

• Operations on the virtual space can have physical consequences, even in the cases where the operation does not directly disrupt physical systems.

• Related to the previous point, behavioral hacking is a major component of *cyops* and can take advantage of the impact of fake contents, propaganda, disinformation, as well as strategic leaks of critical data, in order to affect

• *Gamification* and implementation of viral online *challenges* can support *terror games* that may gain a form of digital continuity, such that the game can be recovered anytime, even after the arrest of key individuals and groups, being perpetuated independently of what happens to the initiators of these *terror games*, and can be kept going by *bots* as well as by people willing to play the game, taking advantage of the dynamics between AIs and social media.

• A new form of operative, the *hybrid agent*, leads to an amplification of the synergy between HUMINT, SIGINT, and OSINT with HUMINT playing the nexus role, in which an undercover agent takes advantage of the physical presence on any given organization and employs classical HUMINT strategies and tactics along with hacking and *cyops* to enable and enhance the disruptive potential of

These are some major points that were addressed in detail in the previous sections. Now, as part of a final reflection, the question may be raised: *what to do about all this?* From the work developed throughout the sections, one thing becomes clear:

there is an urgent need for the strategic integration in key state and private

*DOI: http://dx.doi.org/10.5772/intechopen.88648*

section, which concludes the chapter.

**5. A final reflection and possible responses**

the course of their activities.

*Cyberspace and Artificial Intelligence: The New Face of Cyber-Enhanced Hybrid Threats DOI: http://dx.doi.org/10.5772/intechopen.88648*

relevance of the tactical openings provided by the actions of type 2 agents. There is a fluid border between the three types, where agents can change their profile along the course of their activities.

The question that can be raised is: *what responses need to be implemented in terms of CI to deal with the twenty-first century hybrid agent?* The answer is somewhat complex, in the sense that the threat landscape is changing with the exponential technological revolution that greatly enhances the disruptive power of the new hybrid HUMINT, which can synergistically combine traditional with high-tech methods to become one of the most disruptive forces in the new defense and security context, but, given an identification of major targets, in particular economic and financial targets (that may become key parts of economic, financial and political warfare), there are specific responses that need to come into play with some urgency. This forms part of our final reflection on the whole chapter and is integrated in the next section, which concludes the chapter.
