Executive summary
China’s electrical grid is growing in importance, scale, and complexity as it supports economic growth, integration of renewable energy sources, and the geostrategic goals of the Belt and Road Initiative (BRI). China’s planned shift from electricity production largely based on coal-fired generators to a combination of hydropower, wind, solar photovoltaic, and gas generators is occurring in tandem with a shift to a market-driven electricity system. These changes introduce enormous technical complexities to what is in effect the largest interconnected machine on Earth. Complex electrical networks require continuous automated monitoring and control. The use of devices connected between the grid and the internet has proven to be a very cost-effective means of providing that control, but those internet connections expose physical electric power equipment to risks of cyberattacks like the ones executed in 2015 and 2016 against Ukraine. China is trying to build resilience into its electrical grid through a combination of training, management, and technology.
The second of these two cyberattacks on Ukraine’s electrical grid, in 2016, demonstrated how a malevolent actor in cyberspace could destroy physical components of the grid, thereby disrupting water supplies, hospitals, and food distribution. Since many of these physical devices that enable electricity flows are massive, difficult to replace, and expensive, their destruction can lead to extended power outages and widespread human suffering. Both the U.S. and China are deeply concerned about the resilience of their grids against such attacks. China’s approaches to securing its grid, like those of the United States, involve a mix of guidance, regulation, personnel training, and technology. A review of two of the most widely discussed emerging technologies — quantum communications and artificial intelligence — suggests that neither of these will provide robust solutions to grid protection in the next 10 to 15 years.
China’s efforts in cyberspace to steal information from U.S. companies and conduct espionage against U.S. military networks are being met by a more forward-leaning U.S. defense that may include defensive operations within Chinese hacker networks. This forward defense posture has been articulated in several U.S. strategy documents. However, the U.S. makes clear that peacetime attacks on civilian infrastructure are not part of the strategy. This important distinction between networks hosting malicious hacking and networks used to control civilian infrastructure must be clearly understood as cyber policy evolves.
Given the mutual concerns of the U.S. and China over the security of their electrical grids, there may be an opening for mutual agreement for restraint from potentially threatening behaviors within each other’s grid networks. Such an agreement could build on a broader set of principles discussed several years ago with the Chinese, regarding potential restraints from certain behaviors in civilian infrastructure more broadly. Furthermore, an agreement could be crafted that does not logically interfere with the U.S. forward strategy in cyberspace. Such an agreement could provide a useful component of U.S. and Chinese grid security, and a basis for stable interaction in the event of a crisis.