US Power Grid Vulnerability Paints an Attractive Target for Beijing, Expert Says

Udumbara Udumbara
Jul 23, 2025 - 10:09 Updated: Jul 22, 2025 - 17:41
0
US Power Grid Vulnerability Paints an Attractive Target for Beijing, Expert Says
.
News Analysis

A preponderance of public information has focused attention on the glaring U.S. national security risk posed by America’s own electrical grid, especially in the face of potential sabotage by communist China.

Crippling attacks on U.S. critical infrastructure carried out physically, by hackers, or a combination of the two, are likely well within the capabilities of the Chinese regime, and Beijing appears to be studying the matter keenly.

Erika Langerová, a cybersecurity researcher with the Czech Technical University in Prague, noted in a recent study that the large amount of technical literature by Chinese researchers focuses on the potential power grid failure in the United States and Europe, often in explicit terms.

Weaknesses in the U.S. power grid have long been known, with government agencies and other organizations warning that just a small number of well-planned attacks could rapidly cut off electricity nationwide. In recent years, hacker groups affiliated with the Chinese Communist Party (CCP) have been discovered repeatedly infiltrating U.S. utility companies’ networks.

Langerová’s study found more than 500 academic papers by Chinese authors on the topic, including 367 papers concerning the U.S. electrical grid and 166 about European systems.

“Terms like ‘cascading failure,’ ‘outages,’ and ‘vulnerability’ were clearly heavily present” in the Chinese academic papers, which over the years has formed a “vast body of detailed, simulation-based research on how to destabilize Western power grids,” according to the report, published by U.S.-based nonprofit Homeland Security Today on July 9.

Simulation-Based Research on Destabilizing Western Grids

Late in April, a voltage surge led to a massive blackout that affected more than 50 million people across most of Spain and Portugal for approximately 10 hours. The event highlighted the vulnerability of modern electrical infrastructure, especially in an age of increased digitization and accommodation of new energy sources.

In her study, Langerová expressed concern about the nature of the Chinese-authored studies, which she said suggest a “deliberate and sustained effort to build a playbook for disruption.”

“Across dozens of publications, Chinese researchers study how failures propagate through the Western power grids, how critical nodes or links can be identified and targeted, and how to optimize the effectiveness of these attacks,” she wrote.

Langerová observed that all of the Chinese-authored papers she examined were either published in prestigious academic journals or conference proceedings, meaning that these were serious technical studies that underwent rigorous peer review.

.

Fans walk through the dark gangways during a general power blackout during Day Seven of the Mutua Madrid Open at La Caja Magica, in Madrid, Spain, on April 28, 2025. Clive Brunskill/Getty Images
.
In one representative example—a 2014 paper, titled Cascading Failures in Power Grid Under Three Node Attack Strategies—researchers at Zhengzhou Normal University in central China came to the “counterintuitive finding” that in a hypothetical attack on the U.S. power grid, sabotaging the “nodes with the lowest loads is more harmful than the attack on the ones with the highest loads.”
Another study, published online in 2019 and titled Electric Power Grid Invulnerability Under Intentional Edge-Based Attacks, found that “the US power grid is inferior in invulnerability.”

“The methods used in this paper could be used to identify the vulnerable edges of complex networks, especially for the key infrastructures,” the authors, researchers at southern China’s Guangzhou University, wrote.

A 2018 publication titled “Structural Vulnerability of Complex Networks Under Multiple Edge-Based Attacks,” by researchers at multiple Chinese colleges, further discusses various hypothetical “edge-based attacks” on the Italian power grid and U.S. airport networks.
In early April, The Wall Street Journal reported that at an alleged secret meeting between Chinese and U.S. officials last year in Geneva, a Chinese official indirectly admitted that the CCP was behind “years of intrusions into computer networks at U.S. ports, water utilities, airports and other targets.”

The Chinese official allegedly implied that the escalating hacking activity was due to Washington’s growing support for Taiwan, the democratically governed island that Beijing claims as a part of communist China.

.

Deputy Attorney General Rod Rosenstein speaks at a press conference about Chinese hacking at the Justice Department in Washington on Dec. 20, 2018. Nicholas Kamm/AFP/Getty Images
.

Prepositioned Infiltration by Chinese Hackers

Though none of the research projects Langerová scrutinized were directly linked to CCP-sponsored activity, “the convergence between academic research and real-world capability cannot be ignored,” she wrote.

“Chinese cyber operators have already proven capable of gaining access to the very same real systems,“ she noted. ”Whether or not they plan to act, the mere existence of such capability demands serious defensive preparation.”

Hacker groups affiliated with the CCP have repeatedly infiltrated U.S. critical infrastructure in recent years, according to various security reports.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) wrote in a Feb. 7, 2024, advisory that Chinese “state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.”

The intensifying activities of these and multiple other Chinese hacker organizations have prompted efforts by the U.S. government to beef up defenses. In May 2020, President Donald Trump, then in his first term, issued an executive order aimed at curbing foreign influence in the U.S. power grid.

In March this year, Dragos, an industrial cybersecurity company, released a report describing how one Chinese hacking organization, dubbed “Volt Typhoon,” gained access to a local utility provider in Massachusetts in early 2023 and retained access for 10 months.
That year, Volt Typhoon was also found to have compromised critical infrastructure organizations on the island of Guam, which hosts a major U.S. military presence. The hackers aimed to exfiltrate security data while learning more about the targeted networks, according to a May 2023 Microsoft report on the incident.

In its 2024 advisory, the CISA noted “indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years.”

Eric Goldstein, CISA executive assistant director, told Reuters in 2023 that in many cases, “the adversary is often using legitimate credentials and legitimate network administration tools to gain access to execute their objectives on a target network,” making it difficult to find the intruders via conventional methods such as antivirus software.
Another Chinese hacking unit, known as “Salt Typhoon,” has similarly gained access to U.S. mobile carriers’ networks, as described on the website of infrastructure security company Eclypsium.
.
Read More