The paper aims to assess the impact of hybrid threats on the performance of the business environment of the European Union countries. Hybrid threats were represented by six threats and their consequences, namely unavailability of ICT services due to hardware or software failure, unavailability of ICT services, unavailability of ICT services due to external attack, destruction or corruption of data due to malware infection or unauthorised intrusion, disclosure of confidential data due to intrusion, pharming, phishing attack or deliberate action of own employees, disclosure of confidential data due to negligent action of own employees. The performance of the business environment was assessed through the Country Competitiveness Index. The results showed that our selected threats and their consequences had a statistically significant impact on the performance of the business environment. We observed an adverse effect for unavailability of ICT services due to hardware or software failure, destruction, or corruption of data due to mal-ware infection or unauthorised intrusion, and disclosure of confidential data due to intrusion, pharming, phishing attack, or deliberate actions of own employees. Positive impacts on business environment performance were observed for unavailability of ICT services (insider attack), unavailability of ICT services due to external attacks and disclosure of confidential data due to negligent actions of own employees.