The ever-increasing coupling relationship between cyber and physical systems makes cyber-attacks become an important factor affecting the reliability of power system operations. First, this article conducts the analysis of the network security risk from the attacker’s perspective, infers the available resources of the attacker based on the identity of the attacker, analyzes the purpose of the attack to be achieved, and infers the possible penetration and intrusion path and damage modes. The guidance can be provided to develop the specific protection methods based on the above analysis. Then this paper analyzes the deficiencies of the trusted computing, hierarchical protection, security situation awareness and other defense mechanisms being implemented in the power industry, and this paper points out the potential supply chain security threats in the security detection of software and hardware systems. Considering the difference of the risk levels and the harmful consequences caused by attacks on different power monitoring systems, the power system risk matrix is constructed from the aspect of the possibility of successful attack and the harmful consequences, and it is pointed out that the multi-target coordinated attack will increase the risk compared to the single-point attack. Finally, from the available resources of the state-supported cyber-attacks and the purpose of the attack, two high-risk potential cyber-attack damage modes are proposed, and the attack realization process and damage mechanism are summarized.