Critical Infrastructure Security
Federal Cuts Threaten Grid Security as Nation-State Hackings Escalate, Analysts Say
Utility executives and grid security analysts warned Congress that U.S. federal funding for cybersecurity isn’t keeping pace with a surge in nation-state intrusions, leaving U.S. energy systems exposed.
See Also: Going Beyond the Copilot Pilot – A CISO’s Perspective
Leaders from investor-owned utilities, rural cooperatives and the national labs told the House Energy and Commerce subcommittee Tuesday that Chinese hackers are embedded across energy infrastructure in the U.S. and that the next wave of attacks will exploit longstanding resource gaps – especially in rural systems and aging operational technology.
The warnings come as researchers describe a threat environment shaped by pre-positioning campaigns from nation-state adversaries – with hackers increasingly embedding themselves quietly into operational technology networks. Officials have warned for years that China in particular is preparing “destructive” attacks against critical infrastructure sectors (see: Chinese Hackers Preparing ‘Destructive Attacks,’ CISA Warns).
Tim Lindahl, CEO of Kenergy who testified on behalf of the National Rural Electric Cooperative Association, said thousands of co-ops have limited resources for cybersecurity. Modern defenses “often require high upfront costs and persistent funding to maintain capabilities.” He added that those constraints are already undermining readiness. Department of Energy grants for rural and municipal utility cybersecurity have “yet to be released to the award winners,” he said.
Congressional authorization of the grant program “and the timely release of remaining funds from this program are critical steps to ensure rural communities are not left behind,” he told lawmakers. The $250 million grant program is authorized through fiscal year 2026.
Investor-owned utilities made a similar case. Sharla Artz, vice president of security and resilience policy for Xcel Energy who testified for the Edison Electric Institute, said public-private cyber partnerships are essential but are under strain from the volume and sophistication of threats. Programs like the Energy Threat Analysis Center and other federally-funded grid security initiatives “need additional government funding to accomplish that expansion,” she said.
The administration’s fiscal 2026 budget request reflects a significant pullback in federal cyber spending at DOE. The Office of Cybersecurity, Energy Security and Emergency Response would drop from $200 million in fiscal 2025 to $150 million in 2026, a 25% reduction. The cuts fall heavily on CESER, including risk-management tool development and emergency response operations.
The administration is also proposing a sharp reduction to the DOE’s grid modernization and resilience accounts. Funding for the Grid Deployment Office would fall from roughly $60 million to $15 million in fiscal 2026, a 75% decrease that would reduce federal support for transmission resilience, grid-hardening initiatives and technical assistance programs that utilities rely on to secure aging operational-technology systems.
Witnesses voiced support for the Cybersecurity Risk Information Sharing Program, or CRISP, a public-private partnership funded by the DOE and industry and managed by the Electricity Information Sharing and Analysis Center that facilitates unclassified and classified threat data sharing between grid operators and the federal government.
Zachary Tudor, associate laboratory director for national and homeland security at Idaho National Laboratory, said the funding debate comes amid “an unprecedented wave of cyberthreats directed at our critical infrastructure.” He warned that adversaries are increasingly exploiting trusted relationships and vendor connections to gain “persistent access that bypasses traditional defenses,” citing recent supply-chain compromises as a model for future energy-sector attacks.