Saturday, May 10, 2025

Creeping Shadows on Sleeping Currents Chinese Intrusion and the U.S. Power Grid Decade 2009-2023

There have indeed been several reported cases of intrusion into the U.S. power grid by China. The most high-profile case came in 2009, when the Wall Street Journal reported that foreign hackers had infiltrated the U.S. power grid and found traces of a jamming program in the system. Intelligence officials believed that state-sponsored groups from China and Russia were involved, and although no immediate damage was done, the incident was highly alarming as a stepping stone to future cyber attacks.

In 2012, phishing and network traversal attempts were made against several electric utilities, including those in the Raleigh, NC area, and access from IP addresses that appeared to originate in China was reported. Again, no direct damage was observed, but there were traces of a secure and monitored intrusion route.

Furthermore, the SolarWinds incident, which came to light at the end of 2020, involved a large-scale intrusion by hackers mainly of Russian origin, but Chinese hacker groups were also found to have been active in parallel. Although power infrastructure was not a direct target, power-related companies were included in the scope of damage, highlighting the reality of widespread state-sponsored cyber activities.

Then, in 2023, Operation Volt Typhoon, announced by the US National Security Agency and the FBI, garnered much attention. This involved Chinese government-sponsored hackers who were conducting surreptitious intrusions in preparation for sabotaging critical infrastructure such as telecommunications, power, and water systems in the continental United States in the event of an emergency. The group did not use malware, but instead used living-off-the-land tactics that relied on existing administrator software, making them difficult to detect. The Pacific region, including Hawaii, was reportedly the primary target, and the group was reportedly building a foothold in the network that would allow for immediate sabotage in the event of an emergency.

From these examples, it is clear that the U.S. power grid and infrastructure are being strategically targeted by state-sponsored hacker groups, including those from China. To date, there have been no reported cases of damage that actually caused power outages, but the U.S. government is responding to this threat as one of its top national security priorities, with cyber reconnaissance and wartime blitzes in mind, as the threat continues its incubation.
