A hybrid threat is a coordinated mix of military and non-military pressure used to influence or destabilize a target. It can combine cyberattacks, espionage, disinformation, economic coercion, sabotage, and other actions so the impact is wider than any single tactic.
In cyber security, hybrid threats matter because the digital part is often only one layer of the campaign. An attacker may use phishing, credential theft, DNS manipulation, or compromise of internet-facing devices to support propaganda, disrupt services, or gather intelligence. Defenders should treat these campaigns as both technical and operational problems: monitor identity abuse, harden exposed systems, verify logs and network settings, and prepare incident plans that include communication and misinformation handling. The goal is resilience, not just malware cleanup.