The People's Republic of China's (PRC) state-owned grid operators, State Grid Corporation of China (SGCC) and China Southern Power Grid (CSG), maintain standing "red and blue team special forces" for offensive cyber programs. These teams are part of a broader PRC ecosystem that develops national cybersecurity standards, runs grid attack simulation facilities, and publishes research on tools to attack Western power grid industrial control systems.
Simulated attacks have included testing against Western systems, with results potentially supporting state-backed attacks. The PRC's military-civil fusion doctrine ensures government organs like the Ministry of State Security and Ministry of Industry and Information Technology access these vulnerabilities. SGCC and CSG institutionalize adversary techniques, participate in national cyber exercises, procure red and blue team services, draft industry standards, and develop wargaming platforms. Their activities, including developing attack data methods against Modbus, a protocol dominating U.S. and European SCADA systems, suggest offensive intentions beyond baseline defensive capabilities. Procurement records show systemic budgeting for "cybersecurity offensive and defensive capability enhancement technical support" and CSG developed a grid cyber range platform for offensive/defensive wargaming. The PLA Cyberspace Force could leverage these teams for operations against foreign critical infrastructure.
No comments:
Post a Comment