An earlier version of this analysis was first published on my LinkedIn and prompted significant international interest and feedback. I am republishing the original analysis here, while using this opportunity to provide additional clarification on what motivated the study in the first place. The text below reproduces the original analysis as it was published on my LinkedIn on 19 June 2025. Compared to the original post, the text has been expanded to include a note on the links between the studies and Chinese military and intelligence institutions. An FAQ section addressing the main questions that emerged following publication of the study is provided at the end of the text.
June 19, 2025
Over the past several weeks, I’ve been conducting a large-scale bibliometric study on publicly available Chinese academic literature related to hacking and crashing Western power grids. In this article, I’m sharing the main findings of that study.
EDIT (24.6.2025, 10:42 CET): All of the Chinese academic articles I examined are either scientific, peer-reviewed articles published in impact-factor journals (mostly Western publishers), which go through independent review by at least three independent reviewers before being published; or conference proceedings which are also reviewed. In this case, it is not possible for something to be presented by the Chinese merely to incite fear or to confuse us—impacted technical scientific literature simply does not work that way.
What I found is a vast body of technically advanced work. Across dozens of publications, Chinese researchers study how failures propagate through Western power grids, how critical nodes or links can be identified and targeted, and how to optimize the effectiveness of these attacks. In many cases, simulations are conducted specifically to identify the minimal effort or cost required to trigger a large-scale outage or systemic collapse. Many papers simulate targeted or hybrid attacks, such as node removal, edge overload, or false data injections. Several studies explicitly focus on identifying the most effective attack vectors under constraints such as limited resources, partial system knowledge, or time sensitivity. Some publications model control algorithms that minimize the number of manipulated nodes needed to induce power grid-wide failure.
This research conducted by Chinese researchers on Western power grid models would alone already be cause for concern. But paired with what we know from real-world Chinese cyber operations like Volt, Flax and Salt Typhoon, the picture becomes much more concerning. Over the past years, U.S. officials have confirmed that Chinese hackers have infiltrated American critical infrastructure, and that they were prepositioning for future disruption. Similar concerns regarding infiltration of critical infrastructure are beginning to surface in Europe, although the confirmed intrusions remain less public.
What amplifies this threat even further is how deeply Western energy infrastructure is being built on Chinese-made technologies. From solar inverters to battery energy storage systems, critical components of the green transition increasingly rely on Chinese hardware and software solutions – often with remote access capabilities – to the point where we might as well call it the Red Deal instead of the Green Deal. This growing dependency could serve as a force multiplier for the attacks modeled in these very publications.
The warning signs are clear. Chinese scholars have built a vast body of detailed, simulation-based research on how to destabilize Western power grids; meanwhile, Chinese cyber operators have already proven capable of gaining access to the very same real systems. Whether or not they plan to act, the mere existence of such capability demands serious defensive preparation.
Research That Should Raise Red Flags
My analysis started with the Scopus academic database, filtering for Chinese-authored publications that included the keyword ‘power grid’ alongside keywords pointing to foreign power grids, such as ‘U.S.’ or ‘Europe’. The numbers alone were telling: 367 publications focused on the U.S. grids, and 166 on the European grids, authored over the last two decades.
To get a clearer picture of the research themes, I used an automated bibliometric analysis tool called VOSviewer to examine the keywords used across the publications. This involved identifying which terms appeared most frequently and which ones commonly occurred together. The goal was to uncover patterns in how Chinese researchers approach the topic of foreign power grids. When I visualized the keyword map, a troubling pattern emerged: terms like “cascading failure,” “outages,” and “vulnerability” were heavily present; see the screenshot below for an example.
While the keyword analysis revealed a worrying trend, the real insight came later through a closer examination of the papers themselves. To move beyond surface-level analysis, I manually reviewed the full text of publications that contained the most concerning keywords—particularly those suggesting an interest in disruption, attacks, failures and vulnerabilities.

Example of a keyword co-occurrence map based on Chinese-affiliated publications referencing the U.S. Power Grid (367 scientific papers, filtered to 167 unique keywords). Notice the problematic terms like “cascading failure”, “outages” or “vulnerability” marked in red.
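The keyword step described above (term frequency and co-occurrence, followed by shortlisting papers for manual review) can be reproduced on a small scale as follows. This is an added example, not the study's own code or VOSviewer's; the Scopus-style column name "Author Keywords", the ";" separator, the synonym table and the sample records are assumptions constructed for illustration.

```python
import csv
import io
from collections import Counter
from itertools import combinations

# Constructed sample shaped like a Scopus CSV export (assumed columns and
# ";"-separated keywords). These are not real bibliographic records.
SAMPLE_CSV = """Title,Author Keywords
Paper A,Cascading failure; Power grid; Vulnerability
Paper B,power grid; cascading failures; Complex networks
Paper C,Power grid; State estimation
Paper D,Outages; Power Grid; Vulnerability; cascading failure
Paper E,
"""

# Terms the article highlights on the keyword map.
FLAGGED = {"cascading failure", "outages", "vulnerability"}

# Assumed synonym table so spelling variants count as one keyword.
MERGE = {"cascading failures": "cascading failure", "outage": "outages"}


def parse_keywords(cell):
    """Split one keyword cell into a set of normalized keywords."""
    keywords = set()
    for raw in (cell or "").split(";"):
        term = " ".join(raw.lower().split())  # lowercase, collapse whitespace
        if term:
            keywords.add(MERGE.get(term, term))
    return keywords


def load_records(csv_text):
    """Return [(title, keyword_set)] for every row, keyword-less rows included."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return [(row["Title"], parse_keywords(row.get("Author Keywords")))
            for row in reader]


def cooccurrence(records, min_occurrences=2):
    """Count keyword occurrences and pairwise links among frequent keywords."""
    occurrences = Counter(kw for _, kws in records for kw in kws)
    kept = {kw for kw, n in occurrences.items() if n >= min_occurrences}
    links = Counter()
    for _, kws in records:
        # A link is counted once per paper in which both keywords appear.
        for pair in combinations(sorted(kws & kept), 2):
            links[pair] += 1
    return occurrences, links


def shortlist(records, flagged=FLAGGED):
    """Papers carrying at least one flagged keyword, queued for manual review."""
    return [(title, sorted(kws & flagged))
            for title, kws in records if kws & flagged]


if __name__ == "__main__":
    records = load_records(SAMPLE_CSV)
    occurrences, links = cooccurrence(records)
    for (a, b), n in links.most_common():
        print(f"{a} <-> {b}: {n}")
    for title, hits in shortlist(records):
        print(f"review: {title} ({', '.join(hits)})")
```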
Let the Papers Speak
The list “Selected statements from the manually reviewed Chinese academic literature (non-exhaustive)” in the chapter below presents a selection of direct statements from Chinese-authored research papers that I manually reviewed. I chose to include the original statements from these publications so readers can see for themselves what is being studied. The intent behind these studies may be debatable, but the content itself is not.
Many of these studies openly describe how to identify the most critical nodes in the power grid, simulate targeted failures, or inject malicious data to mislead control systems. Others go further, modeling how to trigger cascading blackouts to destroy the power grid. What these papers focus on, how they’re structured, and the language they use make clear that many are systematically analyzing how to crash or destabilize power grids. The most troubling thing is that they are using realistic U.S. and European power grid models as test cases.
Some might argue that these realistic Western power grid models are widely used in the scientific community as standardized benchmarks for testing. That is true. And it makes perfect sense for Western researchers to use them as benchmarks; after all, these systems reflect their own infrastructure and help evaluate how attacks or deterrence methods would perform in real-world conditions. But for Chinese researchers, the same logic doesn’t hold.
China’s power grids are fundamentally different from those in the West—in their physical architecture, grid topology, energy mix, market design, and even regulatory framework. Simulating attacks or cascading failures on Western grid models tells Chinese researchers little about how their own power grid would behave. So, the question remains: why such intense focus on our power grids?
If the intentions were purely theoretical or methodological, one would expect Chinese researchers to apply their simulations to Chinese power grid models, or at least neutral, abstract power grid models. And yes, those generic country-agnostic models exist. Instead, we see repeated use of real-world Western infrastructure.
Another thing is that while Western researchers typically simulate an attack and then propose countermeasures, many (though not all!) Chinese studies carry out the attack without subsequently suggesting any countermeasures.
Connections to Chinese universities linked to defence and intelligence institutions
Another aspect that deserves attention is who is producing this research. A closer look at author affiliations shows that many of these papers are written by researchers from institutions with documented links to China’s defence, military, or intelligence ecosystem. This includes universities identified as high or very high risk for defence involvement, as well as researchers employed by state-owned grid operators.
Several studies* are authored by researchers affiliated with the National University of Defense Technology and the Nanjing University of Science and Technology, both institutions publicly identified by the ASPI China Defence Universities Tracker as closely connected to China’s military research and military-civil fusion programmes. Other papers originate, for example, from Tsinghua University and Dalian University of Technology, which maintain long-standing cooperation with defence-related authorities according to the ASPI China Defence Universities Tracker. In addition, a number of publications are authored by staff of State Grid Corporation of China or China Southern Power Grid, state-owned enterprises that operate China’s transmission and distribution infrastructure.
The institutional context matters. When detailed research on how to destabilise Western power grids is produced within organisations that are structurally tied to national defence or intelligence, it becomes difficult to view this work as purely academic or detached from real-world application and the CCP’s statecraft strategies.
* See examples from:
the National University of Defense Technology
the Nanjing University of Science and Technology
the Tsinghua University
the Dalian University of Technology
the State Grid Corporation of China
the China Southern Power Grid
Deterrence Begins with Recognizing That Capability Outweighs Intent
What makes this research body particularly concerning is not just the technical detail, but the fact that it is being conducted on a scale, over a span of years, and using real Western power grid data from publicly accessible models. It suggests a deliberate and sustained effort to build a playbook for disruption, whether or not it is ever put into practice.
It is important to stress that these are open-source publications, and no direct operational linkage to Chinese state-sponsored activity is implied. However, in the context of confirmed intrusions into Western critical infrastructure by Chinese actors, and ongoing concerns about prepositioning for future disruption, the convergence between academic research and real-world capability cannot be ignored. At the same time, the risk is amplified by the West’s growing dependence on Chinese-made technologies in the energy sector, which increases the attack surface and creates dependencies that may be strategically exploited.
The intent may remain uncertain, but the capability is now well-documented. They look prepared. Are we?
And one last point: this is just the publicly available stuff. Makes you wonder what they’re working on behind closed doors.
Full text of the study available on request:
erika.langerova [at] cvut [dot] cz
Selected statements from the manually reviewed Chinese academic literature (non-exhaustive)
“Hence, in this paper the several functions to determine the importance of nodes in a complex network were adopted to search for the destructive nodes in a power grid. The node data from Western United States power grid was taken as an example.”
Source: Selection of the Disruptive Nodes to Destroy Power Grid
“In this paper, US power grid with 4941 nodes and 6594 edges is taken as examples. The network is attacked by deleting some percent nodes … The simulation results show that, in view of the largest connected component G and efficiency E, Betweenness Centrality-based attack is most destructive to the network structure than other attacks, and the attack based on Aggregation coefficient is the least destructive.”
Source: Structural Vulnerability of Power Grid Under Malicious Node-Based Attacks
“In this paper, taking the US power grid as an example, by deliberately deleting some percent of edges according to different strategies which represents different attacks apparently, we calculate the collapse degree of the attacked network by three metrics. We found that, under intentional attack on the edges with higher betweenness centrality and the ones with larger multiplication of node betweenness centrality, the US power grid is inferior in invulnerability. The methods used in this paper could be used to identify the vulnerable edges of complex networks, especially for the key infrastructures.”
Source: Electric Power Grid Invulnerability Under Intentional Edge-Based Attacks
“Applying the real data of the US power grid, we compare the effects of two different attacks for the network robustness against cascading failures, i.e., removal by either the descending or ascending orders of the loads. … In the case of α < 0.7, our investigation by the numerical simulations leads to a counterintuitive finding on the US power grid that the attack on the nodes with the lowest loads is more harmful than the attack on the ones with the highest loads.”
Source: Cascading failures of power grids under three attack strategies
“We investigate the performance of the power grid of the western United States subject to three intentional attacks. Simulation results show that the effects of different attacks for the network robustness against cascading failures have close relations with the tunable parameter θ. Particularly, the attack on the edges with the lower load in the case of θ<1.4 can result in larger cascading failures than the one on the edges with the higher load. In addition, compared with the other two attacks, a new attack, i.e., removing the edges with the smallest proportion between the total capacities of the neighboring edges of and the capacity of the attacked edge, usually are prone to trigger cascading failures over the US power grid.”
Source: Robustness of the western United States power grid under edge attack strategies due to cascading failures
“Liu et al. first proposed a state attack under the DC model in 2009. The implementation of this attack requires the attacker to obtain the topology and location information of the entire power grid and successfully avoids traditional bad data detection through simulation attacks. The mechanism achieves the purpose of covert attacks. Later, Hug et al. proposed an attack modeling method under the communication model. Due to the difficult conditions for the implementation of this attack, a method based on local area topology and line parameter information is proposed on this basis. In recent years, researchers have further relaxed the degree of information that attackers need to obtain and proposed a method to construct malicious data injection attacks without knowing topology and line parameter information. The core idea is to use the historical measurement constructs an estimated measurement matrix that is equivalent to the real system measurement matrix. The construction method uses principal component analysis. This type of attack is also called a blind online vicious data injection attack [7-9]. In addition, on the basis of state attacks, malicious data injection attack methods for other attack targets are also derived. Based on the characteristics of the power grid, Yuan et al. added reasonable constraints to the attack on the basis of Liu to meet the real scenario, that is, it cannot attack the measurement of the power generation end; the attacker cannot modify the measurement of the zero injection node in the system to ensure concealment; the attacker, the load measurement and the power flow of the transmission line can be modified. Based on this theory, Yuan et al. proposed an attack to increase the load of some load nodes while reducing the load of other nodes without changing the total load of the system, namely load redistribution vicious data injection attack. On this basis, Liu et al. also proposed a load redistribution attack implementation scheme under local information; Kim et al. changed the attack target from an incorrect estimation of the system state to an incorrect estimation of the topology. After the whole network topology and line parameter information, the current system topology is changed through physical attacks, and the state of It is called cyber-physical coordinated attack.”
Source: Research on power grid planning based on vicious data
“Power grids, due to their lack of network redundancy and structural interdependence, are particularly vulnerable to cascading failures, a phenomenon where a few failed nodes-having their loads exceeding their capacities – can trigger a widespread collapse of all nodes. Our analysis encompasses a range of synthetic networks featuring small-world or scale-free properties, as well as real-world network configurations like the IEEE bus systems and the US power grid.”
Source: Cascading Failures in Power Grids: A Load Capacity Model with Node Centrality
“In this brief, we formulate a cost-constrained hybrid attack in power grids, where both nodes and links are targeted with a limited total attack cost. Based on the consequence and cost of removing a component (node or link), we propose an attack centrality metric for components, which can be either local or global depending on the depth of cascading failures. We further propose a greedy hybrid attack and another optimal hybrid attack by applying the attack centrality. Simulation results on IEEE bus test data demonstrate that the optimal attack is more efficient than the greedy one. Furthermore, we find, counterintuitively, that the local centrality-based attack algorithms perform better than the global centrality-based ones when attack cost is a concern.”
Source: Vulnerability Assessment of Power Grids against Cost-Constrained Hybrid Attacks
“Finding the key nodes in the network plays a decisive role in network cascading failure and fault repair. This paper aims to establish a method for controlling cascade failures driven by nonlinear data in complex power grids. The focus is on minimizing the input nodes of the control system. The model is applied to the simulation network ER, SF and the real network topology of the US Powergrid to verify that it achieves the largest cascading failure of the network under the least node control, so as to effectively predict the cascading failure of the reverse protection network, and effectively quickly repair cascading failures before the system completely crashes.”
Source: A Nonlinear Model Based on Data-Driven Control for Cascading Failure in Power Grids
“This paper proposes a novel nonlinear model of cascade failure in weighted complex networks considering overloaded edges to describe the redundant capacity for edges and capture the interaction strength of nodes …. Finally, the cascading invulnerability is simulated in several typical network models and the US power grid. The results show that the model is a feasible and reasonable change of weight parameters, capacity coefficient, distribution coefficient, and overload coefficient can significantly improve the destructiveness of complex networks against cascade failure.”
Source: Nonlinear model of cascade failure in weighted complex networks considering overloaded edges
“The iterative process of a cascading failure on scale-free networks is analysed by removing one edge. We find that the proposed new model can control the spread of cascading failure more significantly. To make our conclusions more convincing, we have explored the performance of new models in real network by the power grid of the western United States.”
Source: Cascading failure model for the mitigating edge failure of scale-free networks
“Functionally identical coupled networks are derived from the power grid of the United States, which consists of many independent grids. Many power transmission lines are planned to interconnect those grids and, therefore, the study of the robustness of functionally identical coupled networks becomes important. In this paper, we find that functionally identical coupled networks are more robust than single networks under random attack.”
Source: Study of robustness in functionally identical coupled networks against cascading failures
“In this paper we try to analyze the measures of importance of the nodes in a power grid under cascading failure. Moreover, we introduce the notion of degree correlation for the case where only the statistical information of a power grid is known. Mean field theory is used for our analysis. With these efforts, we can distinguish the most vulnerable nodes and protect them, improving the safety of the power grid.”
Source: An efficient method of robustness analysis for power grid under cascading failure
“Applying the real data of the US power grid, we compare the effects of two different attacks for the network robustness against cascading failures.”
Source: Cascade-based attack vulnerability on the US power grid
“The proposed CFG is able to effectively reveal the mechanism of fault propagation in a transmission network by transforming an electrical network with spatial information into a fault propagation graph with temporal information, thus providing a better way for transmission network vulnerability assessment. Numerical results on IEEE 39-, 118-bus systems and French grid demonstrate the effectiveness of the proposed method.”
Source: A Novel Cascading Faults Graph Based Transmission Network Vulnerability Assessment Method
“We investigate the structural vulnerability of complex networks under different edge-based attacks. The simulations demonstrate that, the edges with higher product of betweenness centrality of the two endpoints of one edge connected are more important for SF network, ER random network, autonomous system network (AS), Italy power grid and US airport networks, but the edges with higher edge betweenness centrality are more important for WS networks.”
Source: Structural vulnerability of complex networks under multiple edge-based attacks
“We investigate the vulnerability of complex networks under different node-based attacks. The networks considered include scale-free network (SF), WS small-world network model, ER network and two real-world networks (autonomous system network and Italy power grid). The attacks are induced by removing the nodes in the descending order of the four kinds of weights defined in this paper.”
Source: Vulnerability of complex networks under multiple node-based attacks
“This paper defines, starting from the extended metric for efficiency named as net-ability, an extended betweenness and proposes a joint method of extended betweenness and net-ability to rank the most critical lines and buses in an electrical power grid. The method is illustrated in the IEEE-118-bus, IEEE-300-bus test systems as well as the Italian power grid.”
Source: Structural vulnerability of power systems: A topological approach
Answering the most common questions I received after publishing this
Where did you get the idea to start looking into this?
The idea emerged partly out of necessity and partly by coincidence. In discussions on power grid security in which I was involved, Chinese risks were often downplayed due to the absence of evidence of destructive capabilities comparable to that attributed to Russian or Iranian actors. Documented cases of Chinese cyber espionage were considered insufficient grounds for stricter regulation of Chinese technologies in power systems. I did not agree with this assessment. On the contrary, various indicators suggested to me that Chinese actors are fully capable of destructive activity, which led me to look for concrete evidence across available sources.
At the same time, I was conducting background research on major blackouts and the factors that contributed to them. As part of this work, I examined the recent Venezuelan blackout. During this research, I came across a brief reference on WikiLeaks to a 2010 New York Times article about a Chinese grid hacking academic study that reportedly raised concerns in the United States at the time. As this appeared to be a single case published, the issue was largely downplayed, treated as a misunderstanding or dismissed outright as unfounded accusations against China and gradually faded from attention at that time.
But all of this raised a broader question for me: what happened after that? Did research focused on identifying vulnerabilities in Western power grids continue? And did it expand beyond the United States to include Europe?
This line of reasoning ultimately led to my study. To back it up with some evidence, the screenshot below captures a message exchange with my friend in Tel Aviv, with whom I am working on power grid security issues, at the point when it became clear that the publication I had encountered was not an isolated case but part of a broader and more systematic research effort warranting closer examination (03/2025).

Some publications are conference papers; I find it difficult to assess the importance of these papers, although I know that in some academic fields conference papers are as important as journal papers.
It’s true that some of the publications are conference papers, and I understand that their importance can vary a lot depending on the field; in some areas they are highly regarded, in others less so. But in the context of my research, the academic quality or prestige of the outlet is not what I am trying to measure.
My focus is entirely different: I am looking for indicators that certain topics are being studied at all. From a national security perspective, the fact that a research stream exists, even if it appears only in a conference paper of modest quality, already signals institutional or even state-level support for that line of research. That is what matters in this study.
In other words, I am not asking ‘How good is this research?’, but rather ‘What capabilities are being developed, and where?’ The mere presence of publications, regardless of their quality, is itself a red flag, because it shows attention and resources are being directed to those areas by actors such as defense universities like NUDT or state-linked corporations like China State Grid Corporation.
And again, it is important to keep two things in mind: I manually reviewed the ‘sensitive’ papers to avoid any mistakes, and at the same time, what I found still comes only from open sources. Given that many of the authors come from defense universities or state-owned enterprises, I believe there is also a risk that far more catastrophic scenarios are being simulated secretly, with the support of intelligence information gathered over many years of espionage conducted by China in the EU and the US.
You focused on Chinese research publications, but did you have some sort of control group, such as US or European researchers focusing on cyber security and using keywords such as cascading failures (in the Chinese grid)? This to have a benchmark comparing Chinese and Western publications.
This question goes in a different direction from the original purpose of my research, which was focused on what our adversary is doing. Still, I had a similar concern when I did the research, so I specifically checked whether there were any Western studies that tested attacks or similar scenarios on the Chinese grid. I did not find a single one. The reason, I believe, is that China heavily censors any information related to its critical infrastructure. I do not think Western researchers could ever realistically obtain Chinese grid data or simulate it, given the restrictions in China.
In section 4.2 you present the evolution of research priorities. The conclusion is that priorities shift. But do the findings from all designated periods still apply (e.g. as risks or threats)? What about the older papers (before 2016)? Do the findings still apply (and pose a threat to the grid)?
Yes, they only evolve over time. For example, a cross-cutting theme across publications has been cascading failures, but false data injection attacks are a relatively new issue of just the last 2–3 years. So yes, the threat remains, but the specific techniques are changing. And in general, yes, most of them are still valid because we have not yet fully transformed power grids from the old model we used in the past to the new digitalized one. We are in a kind of transitional phase of an incompletely transformed grid, which means that we are currently exposed both to old threats and to new emerging threats.