In the twenty-first century, transnational relations—the movement of people, goods, and information across borders—have expanded dramatically. This interconnectedness, driven by globalization and digital connectivity, has blurred traditional boundaries between nations and enabled threats to spill across borders in unprecedented ways. States today face security challenges that are no longer confined to one nation’s territory or jurisdiction. New actors—ranging from organized criminals and smugglers to hackers, terrorist cells, and disinformation networks—operate transnationally, taking advantage of gaps between national laws and international norms.1 These diverse groups often thrive in legal and operational gray zones: spaces where their activities fall between peace and open conflict, exploiting ambiguities in international law and differences in enforcement across countries. As a result, they can destabilize societies and undermine national security without triggering conventional military responses.

Understanding how increasing transnational activity presents new dangers requires examining the rise of these non-state actors, the unconventional tactics they employ, and the complex challenges governments face in responding. In particular, smugglers, cyber hackers, disinformation campaigners, and terrorist networks have emerged as significant asymmetric threats. They flourish in the shadows of globalization, often acting as proxies or tools in broader “hybrid warfare” strategies that blur the line between war and peace2. To address these challenges, states must navigate delicate legal terrain and form coordinated international responses.

From the end of the twentieth century onward, non-state actors have gained unprecedented reach and influence in international affairs3. Global trade, migration, and digital communication—ranging from global mass media to encrypted online platforms—expanded rapidly, empowering networks that operate outside traditional state controls. Criminal syndicates, militant groups, and other illicit organizations found it easier to extend their operations across borders, linking regions and continents through well-organized networks.

This surge of transnational activity introduced a new “gray zone” into global security: an intermediate space between open peace and declared war. In this zone, hostile actions are real and harmful, yet they often remain below the threshold that would trigger a conventional military response. The actors in question deliberately exploit this ambiguity. They engage in aggression or subversive behavior that falls just short of overt armed conflict, knowing that targeted states will struggle to respond without clear legal justification or international consensus. In effect, these non-state groups chip away at the state’s monopoly on force and influence, forcing governments to contend with security threats that defy traditional categories.

The gray zone presents both legal and operational dilemmas for nation-states. Activities in this realm are difficult to classify neatly as either criminal acts or acts of war. For instance, a massive cyberattack originating abroad can cripple critical infrastructure, but it is not easily categorized as a traditional armed attack. Similarly, the spread of propaganda and disinformation across borders may destabilize societies and influence elections, yet it can be dismissed by perpetrators as merely exercising free expression4. These examples highlight how transnational actors manipulate gaps in international law and exploit jurisdictional seams. Each state’s laws end at its borders, but transnational threats treat borders as irrelevant. A group can plan in one country, operate in another, and hide assets in a third, fragmenting the enforcement efforts of any single government.

States finding their security undermined in this way are often hesitant to escalate to military force, especially when the aggression is denied or concealed behind proxies. This reluctance further encourages adversaries to remain in the gray zone, where they can press their advantage without facing a unified international response. Transnational threats manifest in various forms, each illustrating how non-state actors wage conflict by unconventional means.

Many of these actors serve as instruments in broader hybrid warfare campaigns, either by colluding with state sponsors or by taking advantage of instability for their own ends. Four prominent categories—smuggling rings, cyber hackers, disinformation networks, and terrorist organizations—demonstrate the range of challenges faced by states. In such hybrid warfare strategies, an adversary blends conventional military force with irregular tactics—covert operations, cyber attacks, subversion, and propaganda—to destabilize a target while avoiding full-scale war. All of these methods are fundamentally asymmetric: they allow weaker groups to inflict outsized damage by evading the strengths of more powerful adversaries.

Transnational smuggling networks—ranging from drug cartels and arms traffickers to human smugglers—exploit globalization for profit and power, moving illicit goods and people across borders. They coordinate complex routes through multiple countries and thrive on disparities between legal systems and enforcement capabilities, operating especially where governance is weak or corruption is rife. In conflict zones or sanctioned economies, smugglers can become lifelines for weapons and contraband, effectively arming rebel groups or circumventing international embargoes. As a result, smuggling networks sometimes act as force multipliers in hybrid conflicts.

A state adversary might covertly encourage drug or arms trafficking to destabilize a rival society by fueling violence and criminality. Even without direct state involvement, the sheer scale of transnational organized crime can undermine state authority. Smugglers weaken borders and the rule of law, straining judicial and security institutions while generating revenue that can fund further insurgent or extremist activity. For example, mass movements of people facilitated by smuggling have at times been weaponized to create political pressure, as sudden influxes of migrants can strain destination countries.

Likewise, the international drug trade not only enriches cartels but also fuels violence and addiction in far-off communities. Illicit arms flows brokered by these networks have prolonged conflicts in various regions, illustrating how criminal smuggling operations can magnify instability. The actions of these profit-driven groups exemplify how a non-state actor can inadvertently become an asymmetric threat to nations, eroding stability from within.

Cyber attackers represent another critical transnational threat, often acting as both criminals and potential instruments of state-driven conflict. Skilled hackers can penetrate financial systems, government databases, power grids, and other critical infrastructure from thousands of miles away. Because the internet is borderless, a small team of hackers—or even a lone individual—can cause damage disproportionate to their size. A single breach can, for instance, compromise the personal data of millions or force critical services offline—outcomes once achievable only by a large military or intelligence operation5. This makes cyberattacks a quintessential asymmetric tactic. Some hacker collectives operate purely for financial gain, stealing data or ransoming systems worldwide.

Others align with political or ideological causes, launching attacks to make a statement or to advance the agenda of a terrorist or activist group. Perhaps most concerning are state-sponsored hackers: operatives working indirectly for governments to spy, disrupt, or sabotage adversaries under a veil of deniability. Indeed, some governments have been accused of quietly tolerating or even contracting private hacker gangs to attack their adversaries, blurring the line between financially motivated cybercrime and strategic espionage. In a hybrid warfare scenario, cyber operations might precede or accompany physical aggression, softening targets by paralyzing communications or sowing confusion. Yet attribution of cyberattacks is notoriously difficult.

Attackers route through multiple countries and exploit anonymous networks, making it hard for victims to conclusively identify the perpetrator. This ambiguity hampers retaliation and enables cyber hackers to continually harass and weaken more powerful states without provoking a full-scale armed response.

Alongside physical and cyber attacks, information itself has become a weapon for transnational actors: disinformation networks spread false or misleading content across borders to influence public opinion, exacerbate social divisions, and undermine trust in institutions. These networks may consist of state-run media outlets pushing propaganda, as well as armies of automated social media accounts (“bots”) and paid trolls that amplify specific narratives. Misleading news stories or doctored images can be disseminated globally within hours, eroding the line between truth and falsehood in target populations. Disinformation campaigns are a core component of modern hybrid warfare, allowing aggressors to weaken an adversary internally without firing a shot.

A foreign power might use covert outlets to sway election outcomes in another country, as seen in several high-profile foreign election meddling incidents, or to create confusion and discord. Major democracies in recent years have grappled with evidence of such interference in their political processes, highlighting that disinformation campaigns are not mere propaganda—they constitute a national security concern. Terrorist groups have also leveraged online platforms to spread their ideology, recruit fighters internationally, and incite lone-wolf attacks abroad.

What makes disinformation especially challenging is its intangible nature. Lies and rumors cannot be confronted with force; countering them requires time-consuming efforts in public education, media literacy, and international cooperation among tech companies and governments. Meanwhile, the rapid spread of disinformation strains the open information environment that democracies depend on, turning freedom of speech into a vulnerability that hostile actors eagerly exploit.

In addition to these clandestine tactics, transnational terrorism remains one of the most visible and violent gray-zone threats. A watershed moment underscoring this threat was the September 11, 2001 attacks against the United States, where the Al-Qaeda network managed to kill thousands and shock the world with an operation directed from abroad6. Terrorist organizations like Al-Qaeda, the so-called Islamic State (ISIS), and their offshoots have since demonstrated the ability to strike far from their base of operations, drawing recruits and resources from around the world. These groups flourish in ungoverned or weakly governed spaces—failed states, remote regions, or active war zones—where they establish training camps, safe havens, and illicit funding streams.

Often, these groups finance their operations through a global web of criminal enterprises—trafficking narcotics, smuggling oil, or trading in looted antiquities—and they exploit modern financial channels to move money. Front charities, informal cash transfer networks, and even cryptocurrencies enable terrorists to launder funds and purchase arms with less risk of detection, complicating international efforts to cut off their resources. From these hubs, they project fear globally: coordinated attacks have hit major cities on multiple continents—London, Madrid, Mumbai, Nairobi, and beyond—proving that no country is beyond their reach.

Terrorist networks exemplify asymmetric warfare. They know they cannot defeat national militaries in open battle, so they resort to spectacular acts of violence targeting civilians, symbolic landmarks, or vulnerable public spaces. The aim is psychological impact: to terrorize populations, grab international headlines, and coerce governments into political concessions or overreactions. Modern terrorist groups are highly adaptive, using encrypted communication, online fund transfers, and social media for both operational coordination and propaganda.

This adaptability, combined with their transnational reach, often puts them beyond the full grasp of any single state’s law enforcement. International counterterrorism efforts have had successes—leadership decapitations, financial disruptions, territorial gains against insurgents—but these can scatter the threat rather than eliminate it. Major cities across Europe and Asia have hardened their defenses and improved intelligence-sharing, yet as long as underlying grievances and ideological motivations persist, terrorist networks can regroup or inspire new extremist movements. This means states must remain vigilant and cooperate in intelligence sharing and other counterterrorism measures.

Collectively, the activities of smugglers, hackers, propagandists, and terrorists amount to a multi-front assault on national and international stability. Recent conflicts have illustrated this convergence. In Eastern Europe, for example, state-sponsored hackers and propaganda outlets have operated in tandem with covert military incursions, creating confusion and paralysis in the targeted country. In the Middle East, proxy militias have been armed via international smuggling routes and bolstered by online extremist propaganda, blurring the lines between local insurgency and broader ideological war.

A government today might simultaneously confront an influx of illicit drugs, a crippling cyber sabotage of its power grid, a barrage of false narratives eroding public trust, and the threat of terrorist violence. This overwhelming combination can stretch even well-prepared states to the breaking point, which is precisely the aim of hybrid warfare when these elements are deliberately synchronized. Even when not explicitly coordinated by a single hand, the convergence of disparate threats tests the limits of traditional defense mechanisms. It underscores the urgency for states to innovate and to work together across borders, because no nation can handle such a broad spectrum of dangers entirely on its own.

Faced with threats that ignore borders and traditional rules, states have been forced to adapt their security strategies and seek stronger international cooperation. No single country, however powerful, can single-handedly eliminate transnational networks of smugglers, hackers, propagandists, or terrorists. As a first step, many governments have updated domestic laws and restructured agencies to better address these unconventional dangers. Several countries have established special cyber defense units or fusion centers to streamline coordination, and new legislation has been enacted to criminalize emerging threats—such as online hate propaganda, foreign fighter travel, or cyber sabotage—with stronger penalties.

Intelligence services, law enforcement, and even military units now coordinate more closely to track and counter non-state actors operating in the shadows. Cybersecurity teams work alongside traditional defense departments, and financial regulators monitor money flows to disrupt criminal and terrorist financing. Governments are also investing in educating the public—teaching citizens to recognize false news, to practice good cyber hygiene, and to remain vigilant against extremist recruitment—because an informed and resilient society is an important line of defense against unconventional threats. Such measures reflect a recognition that rigid distinctions between crime and war no longer hold in an era of hybrid threats.

However, even the best domestic preparation means little without international collaboration, because transnational adversaries can always exploit the weakest link in the chain of nations. To combat this, states have formed alliances and cooperative bodies targeting specific threats. Multilateral initiatives have arisen to share intelligence on terror cells, coordinate sting operations against trafficking rings, and jointly improve cybersecurity standards. For example, cross-border task forces and institutions like Interpol, Europol, or regional security partnerships facilitate the exchange of information and align strategies against common enemies.

The private sector is also being mobilized: banks and financial institutions now work with governments to trace illicit money flows across borders, while major tech and social media companies coordinate with authorities to curb terrorist propaganda and disinformation on their platforms. Diplomatically, countries are negotiating treaties and agreements to address gaps in jurisdiction. These include extradition treaties for cybercriminals, accords on suppressing online hate speech and extremist content, and collective commitments to penalize states that harbor or sponsor malicious actors. Still, enforcement of such commitments is difficult. Countries accused of harboring hackers or militants typically deny involvement, and political alliances often prevent unanimous action against them. The idea is to deny safe havens to transnational criminals and ensure that no actor can escape accountability by simply moving operations to a friendlier jurisdiction.

Yet significant challenges hamper a unified response. One major obstacle is the lack of consensus on norms and definitions. Nations do not always agree on what constitutes acceptable behavior in the gray zone; for instance, one government’s propaganda channel might be another’s legitimate media outlet, or a hacker group condemned by some states might be covertly employed by others. They may not even agree on who the enemy is: a group regarded as a terrorist organization by one nation might be seen as a legitimate resistance movement—or a convenient proxy—by another, complicating joint action.

Disagreements over internet governance, data privacy, and the limits of sovereignty in cyberspace prevent the establishment of clear international rules for cyber warfare or information operations7. Democratic societies often struggle to reconcile a free, open internet with security needs, while authoritarian regimes push for state control in the name of combating these threats. These differing philosophies make it even harder to establish common rules. Geopolitical rivalries further undermine cooperation: great powers are often reluctant to constrain tools like cyber espionage or online influence campaigns that they themselves use. This dynamic creates a clear trust deficit. Nations can be quick to accuse one another of hypocrisy—for instance, covertly supporting certain hackers or militias while decrying them in public forums—which fractures the unity of effort.

Even when states do agree on taking action, legal and ethical dilemmas arise. Democracy and rule-of-law values can clash with the urgency of neutralizing threats. How far should governments go in the surveillance of communications to catch terrorists or stop disinformation? Measures like mass data collection, aggressive online censorship, or undercover operations test the balance between security and civil liberties. Responding to a gray-zone attack also risks escalation.

Complicating matters further, international law has not yet clearly defined when a cyber or information operation constitutes an “armed attack” worthy of self-defense, leaving governments unsure how far they can lawfully go in retaliation8. Thus, national leaders must carefully calibrate responses—using sanctions, indictments, diplomatic pressure, and targeted cyber counter-operations—trying to punish bad actors without tipping into open war. It is a delicate balancing act, requiring both resolve and restraint.

In the face of these difficulties, some progress has been made. International coalitions have achieved notable victories, from coordinated crackdowns on global drug cartels (in one case involving law enforcement agencies from dozens of countries) to joint cyber defense exercises that bolster collective preparedness. Information-sharing networks have foiled terrorist plots that no single agency could have uncovered alone. Over time, states are also learning from each other’s experiences; best practices in countering radicalization, securing critical infrastructure, or debunking false narratives are gradually being adopted across borders9.

Equally important, international forums and research collaborations have intensified focus on these issues. Military alliances, academic institutions, and think tanks regularly convene to study hybrid warfare and transnational crime, fostering a shared understanding and developing innovative countermeasures. Yet for every success, new adaptations by adversaries emerge. The transnational threat landscape is dynamic: as soon as one method is contained, another can rise, often enabled by evolving technology or political shifts. This reality keeps pressure on states to remain agile and united in their approach.

In short, security in the contemporary world is an inherently transnational affair: no nation is truly isolated from the ripple effects of conflicts and covert assaults beyond its borders. Ultimately, the struggle to manage transnational threats is a test of the international community’s ability to uphold order in a borderless world. It demands innovation in policy and persistence in cooperation10. This challenge is unlikely to fade; if anything, as global connectivity deepens, these gray-zone threats may grow even more sophisticated. States must continue to bridge gaps in law and strategy, strengthening both their internal defenses and their willingness to work together. Only by combining resources, sharing knowledge, and standing firm on common principles can nations hope to mitigate the dangers posed by those who exploit the gray areas of globalization for destructive ends.

Bibliography

1 United Nations Office on Drugs and Crime (UNODC), "Organized Crime".
2 Tarık Özcan, “NATO’s Battle Against Hybrid Threats and AI-Driven Terrorism,” Meer, 13 April, 2025.
3 Magdalena Bexell, Jonas Tallberg, and Anders Uhlin, “Democracy in Global Governance: The Promises and Pitfalls of Transnational Actors,” Global Governance 16, no. 1 (2010): 81-90.
4 Tomasz Chłoń, Robert Kupiecki, and Filip Bryjka, International Disinformation: A Handbook for Analysis and Response (Leiden: Brill Nijhoff, 2024), 99–130.
5 Chłoń, Kupiecki, and Bryjka, International Disinformation, 107-110.
6 Tarık Özcan, “NATO’s Battle Against Hybrid Threats and AI-Driven Terrorism,” Meer, 13 April, 2025.
7 Chłoń, Kupiecki, and Bryjka, International Disinformation, 111-125.
8 Brookings Institution, “As Criminals Adapt to New Technology, So Must International Law,” 2017.
9 Chłoń, Kupiecki, and Bryjka, International Disinformation, 124.
10 Critical Inquiry, “Is This a Dress Rehearsal?” March 26, 2020.