In the heart of China’s bustling construction and logistics landscape, the cargo crane industry stands as a pivotal force, driving the country’s relentless pursuit of infrastructure development and global trade dominance. The China crane market, projected to reach a staggering USD 245 billion by 2027, is a testament to the sector’s immense growth and significance.

This in-depth guide delves into the intricacies of China’s cargo crane industry, exploring the rising demand for mobile, tower, and crawler cranes fueled by ambitious infrastructure projects, including railways, roads, highways, airports, and ports. Readers will gain insights into the shifting trends, such as the increasing adoption of medium-capacity tower cranes and the surge in demand for large-tonnage cranes in wind power construction.

The guide also examines the innovative technological advancements, including the integration of IoT, automated safety features, and smart crane technologies, which are transforming the industry into a more efficient and sustainable sector. Additionally, it highlights the key players, such as X

Why China’s cargo cranes at U.S. ports pose espionage risk

Chinese-Manufactured Cargo Cranes: Security Risks at U.S. Ports

Introduction

Chinese-manufactured cargo cranes, predominantly produced by Shanghai Zhenhua Heavy Industries (ZPMC), have raised significant security concerns at U.S. ports. Here is a comprehensive guide outlining the key issues and implications.

Dominance of ZPMC in Global and U.S. Markets

• ZPMC accounts for roughly 80% of the ship-to-shore (STS) port cranes operational in the U.S.[1][4][5]
• The company’s dominance in the global market adds to China’s broader maritime infrastructure influence.

Security and Cybersecurity Risks

Unauthorized Modifications and Access

• U.S. ports have multimillion-dollar contracts with ZPMC that do not prohibit or limit unauthorized modifications or access to equipment and technology. This includes the possibility of installing backdoors into the equipment[1][2][4].

Cellular Modems and Remote Access

• ZPMC has installed cellular modems on STS cranes in U.S. ports, often without the knowledge or consent of port authorities. These modems could allow access by the Chinese government due to China’s national-security laws that mandate companies cooperate with state intelligence agencies[1][2][4].

Potential for Espionage and Disruption

• The presence of these modems raises concerns about data collection on container traffic and the potential to disable the cranes. This could compromise U.S. maritime critical infrastructure and disrupt commercial and military activities[2][3][4].

National Security Implications

Links to Chinese Military and Government

• ZPMC is owned and controlled by the People’s Republic of China (PRC) and has ties to the Chinese Communist Party (CCP) and defense contracting. The company is involved in militarizing the South China Sea[1][4].

Geopolitical Concerns

• The PRC’s geopolitical ambitions, particularly regarding Taiwan, raise concerns about the security of U.S. maritime supply chains. In a potential future dispute, the PRC could restrict or manipulate the supply of critical components essential to U.S. maritime infrastructure[1][4].

Recommendations and Actions

Severing Connections and Monitoring

• The committees recommend severing connections between ZPMC cranes and cellular modems and installing operational technology monitoring software to enhance security[1].

Department of Homeland Security (DHS) and U.S. Coast Guard Involvement

• The DHS and the U.S. Coast Guard are urged to prioritize closing security gaps, especially at strategic seaports, and ensure the safety and security of DoD-designated commercial strategic seaports[1][4].

Executive Orders and Policy Responses

Biden-Harris Administration’s Executive Order

• The Biden-Harris administration has issued an Executive Order to strengthen maritime cybersecurity, fortify the supply chain, and strengthen the U.S. industrial base. This includes a $20 billion investment into U.S. port infrastructure over the next five years[1][4].

Industry and Government Collaboration

• The American Association of Port Authorities (AAPA) and other stakeholders are working with federal agencies to address evolving threat landscapes through policy solutions, such as waivers to procurement requirements and incentives for domestic manufacture of critical port equipment[4].

Conclusion

The use of Chinese-manufactured cargo cranes at U.S. ports poses significant security and cybersecurity risks. Addressing these vulnerabilities is crucial to ensuring the integrity and security of U.S. maritime infrastructure. Ongoing efforts by government agencies, congressional committees, and industry stakeholders aim to mitigate these risks and enhance national security.

Pentagon Sees Giant Cargo Cranes as Possible Chinese …

Guide to the Concerns Over Chinese-Made Cargo Cranes as Potential Spying Tools

Introduction

U.S. national security and Pentagon officials have raised significant concerns that giant cargo cranes manufactured by the Chinese company ZPMC (Zhenhua Heavy Industries) could be used as spying tools. Here is a detailed outline of the key issues and implications.

Background

• ZPMC, a China-based manufacturer, produces a substantial majority (around 70-80%) of the world’s ship-to-shore cranes, many of which are deployed in U.S. ports, including those used by the U.S. military[1][4][5].

Security Concerns

Potential for Surveillance

• The cranes are equipped with sophisticated sensors and software that can track the provenance and destination of containers. This capability has raised fears that China could capture information about materials being shipped in or out of the country, potentially compromising U.S. military operations[1][3][4].

Remote Access and Disruption

• The advanced technology in these cranes allows for remote monitoring and control, which could be exploited to disrupt the flow of goods. Former top U.S. counterintelligence official Bill Evanina highlighted that these cranes could provide remote access, similar to the concerns raised about Huawei’s telecom equipment[1][3][4].

Official Responses and Investigations

Pentagon and National Security Officials

• Pentagon officials and national security experts have compared these cranes to a Trojan horse, suggesting they could be used for clandestine intelligence collection. There are ongoing investigations into the cybersecurity and national-security threats posed by these foreign-manufactured cranes[1][3][4].

Legislative Actions

• U.S. lawmakers have inserted a clause into the December 2022 defense authorization act requiring the Transportation Department to consult with the defense secretary to produce a study on whether foreign-manufactured cranes pose cybersecurity or national-security threats at American ports[2][5].

Reactions from Ports and Industry

American Association of Port Authorities (AAPA)

• The AAPA has dismissed the media reports as “alarmist” and “sensationalized,” arguing that modern cranes cannot track the origin, destination, or nature of the cargo. However, the AAPA supports legislative efforts to restore U.S. manufacturing capabilities for cranes and other heavy port equipment to enhance security and reduce dependence on foreign suppliers[2].

Chinese Response

Chinese Embassy and Government Officials

• The Chinese Embassy in Washington has labeled the U.S. concerns as “paranoia-driven” and an attempt to obstruct trade and economic cooperation. Chinese officials argue that these concerns hinder trade and cooperation between China and the U.S.[1][2][4].

Implications and Future Actions

Cyber Risk Management

• The U.S. Coast Guard, on behalf of the Department of Homeland Security, has announced new cyber-risk management requirements for owners and operators of Chinese-made container cranes at U.S. ports. This includes contacting local Coast Guard Captain of the Port (COTP) to obtain copies of Maritime Security Directive 105-4[5].

Reshoring Manufacturing

• There is a push to bring port crane manufacturing capabilities back to the U.S. through legislative efforts such as the “Crane Reshoring and National Enforcement of Supply Chain Security Act.” This initiative aims to reduce U.S. dependence on foreign suppliers and enhance national security[2][5].

Broader Security Context

• The concerns over Chinese-made cranes are part of a broader context of U.S.-China relations, including issues with Chinese surveillance flights, spy balloons, and the general perception of comprehensive Chinese penetration into U.S. infrastructure and technology[4].

Conclusion

The debate over Chinese-made cargo cranes highlights the complex interplay between national security, economic cooperation, and technological advancements. While the U.S. is taking steps to address potential security risks, the issue remains a contentious point in U.S.-China relations. Ensuring the security of U.S. ports and supply chains while maintaining economic viability is a critical challenge moving forward.

US warns of cyberthreat from China container cranes

Guide to Cyber Threats from Chinese-Made Container Cranes in U.S. Ports

Introduction

The use of Chinese-manufactured ship-to-shore (STS) cranes in U.S. ports has raised significant cybersecurity and national security concerns. This guide provides an in-depth look at the issues, the measures being taken, and the implications for U.S. port security.

Prevalence of Chinese-Made STS Cranes

• Chinese-made STS cranes, predominantly supplied by Shanghai Zhenhua Heavy Industries (ZPMC), account for nearly 80% of the STS cranes in U.S. ports[2][3][4].
• ZPMC, a subsidiary of China Communications Construction Company (CCCC), has strong ties to the Chinese Communist Party and defense contracting[2].

Cybersecurity Risks

Remote Access and Control

• These cranes are designed to be controlled, serviced, and programmed from remote locations, which introduces significant vulnerabilities to cyber exploitation[1][3][4].

Unauthorized Installations

• There have been instances of unauthorized installations of cellular modems on these cranes, further increasing the risk of unauthorized access[2].

Potential for Espionage

• The presence of these cranes raises concerns that they could be used as a “Trojan horse” for the Chinese government to exploit and manipulate U.S. maritime equipment and technology[2].

National Security Implications

Threat to Critical Infrastructure

• The dominance of Chinese-made cranes in U.S. ports poses a threat to the nation’s critical infrastructure, particularly given the potential for disruption in the event of a conflict, such as over Taiwan[2].

Military and Commercial Disruptions

• These vulnerabilities could disrupt both commercial activities and military deployments, highlighting the urgent need to address these security gaps[2].

Regulatory and Administrative Responses

U.S. Coast Guard Directives

• The U.S. Coast Guard has issued MARSEC Directive 105-5, which outlines specific cybersecurity measures for owners and operators of STS cranes manufactured by Chinese companies. This directive is in addition to previous directives and contains security-sensitive information not available to the general public[1][3].

Interagency Collaboration

• The U.S. Coast Guard has consulted with various federal agencies, including the Department of State, Department of Defense, Department of Transportation, Department of Homeland Security, Transportation Security Administration, Cybersecurity and Infrastructure Security Agency, and the National Maritime Intelligence-Integration Office, to address these threats[1].

Executive Orders

• The White House has issued an Executive Order granting the Department of Homeland Security expanded authority to deal with maritime cyber threats, including setting cybersecurity standards for American port networks and systems[2].

Recommendations and Future Actions

Reducing Dependence on Chinese Technology

• There is a strong recommendation to reduce U.S. dependence on potentially compromised technology by promoting the domestic manufacture of critical port equipment[2].

Policy Solutions

• The American Association of Port Authorities (AAPA) is working with federal agencies to implement policy solutions such as waivers to burdensome procurement requirements and incentives for domestic manufacturing[2].

Continuous Monitoring and Collaboration

• Ongoing collaboration between the U.S. Coast Guard, other federal law enforcement agencies, and private sector experts is crucial to respond to evolving threat landscapes and prevent security breaches[2].

Conclusion

The presence of Chinese-made STS cranes in U.S. ports presents significant cybersecurity and national security risks. Addressing these vulnerabilities requires immediate and coordinated action from both the federal government and the maritime sector to ensure the security and integrity of the nation’s critical infrastructure.

Chinese Cargo Cranes at U.S. Ports Pose Espionage Risk …

Chinese Cargo Cranes at U.S. Ports: A Potential Espionage Risk

Overview

A comprehensive congressional investigation has uncovered significant security risks associated with Chinese-made cargo cranes used at U.S. seaports. Here is a detailed guide to the findings and implications of this investigation.

Key Findings of the Congressional Investigation

Dominance of Chinese-Manufactured Cranes

• Chinese company Shanghai Zhenhua Heavy Industries (ZPMC) dominates the market, accounting for roughly 80% of the ship-to-shore (STS) cranes operational in U.S. ports[2][5].

Embedded Technology and Remote Access

• ZPMC has installed cellular modems in these cranes, which could allow remote access. This access was often requested by ZPMC under the pretext of maintenance, but it poses a significant security risk[2][3][5].
• In some cases, these modems were installed without the knowledge or consent of port authorities, and they are not within the scope of existing contracts[3][5].

Potential for Espionage and Disruption

• The modems could be used by the Chinese government to covertly collect sensitive information and disrupt U.S. port operations. This is particularly concerning due to China’s national security laws that mandate companies to cooperate with state intelligence agencies[2][3][5].

Security Risks and Vulnerabilities

National Security Implications

• The ability to access and control these cranes remotely could give China leverage over the global supply chain, especially in future economic and military confrontations. This vulnerability is exacerbated by the critical role these cranes play in U.S. maritime infrastructure[1][2][5].

Cybersecurity Threats

• The investigation highlighted broader cybersecurity vulnerabilities in U.S. critical infrastructure. Old-school hacking techniques, such as email phishing, remain effective due to poor cyber hygiene practices. This underscores the need for enhanced cybersecurity measures to protect against increasingly sophisticated cyber attacks[1].

Geopolitical Consequences

• The PRC’s geopolitical ambitions, particularly regarding Taiwan, raise concerns about the security of U.S. maritime supply chains. In a potential future dispute, China could restrict or manipulate the supply of critical components essential to U.S. maritime infrastructure[5].

Recommendations and Actions

Mitigating Risks

• The committees recommend severing the connections between ZPMC cranes and cellular modems, and installing operational technology monitoring software to enhance security[5].

Strengthening Maritime Cybersecurity

• The Department of Homeland Security (DHS) and the U.S. Coast Guard are advised to prioritize closing security gaps at strategic seaports, including those designated as critical by the Department of Defense[5].

Executive and Legislative Actions

• The Biden-Harris administration has announced plans to replace foreign-made cranes with American-manufactured ones and imposed a 25% tariff on cranes made in China. Additionally, an Executive Order aims to strengthen maritime cybersecurity, fortify the supply chain, and invest $20 billion in U.S. port infrastructure over the next five years[1][5].

Broader Implications and Future Steps

Economic and Supply Chain Impact

• The reliance on Chinese-made cranes poses a significant risk to the U.S. economy, as disruptions to port operations could devastate supply chains and the movement of cargo[4].

Global Digital Diplomacy

• The need for more comprehensive digital diplomacy between the U.S. and China is underscored, given the broader pattern of China-backed cyber threats targeting key U.S. infrastructure, including water, electricity, and transportation networks[1].

Training and Preparedness

• There is an emphasis on training U.S. diplomats in cybersecurity to address the growing digital threats. Future foreign policy should focus heavily on securing digital fronts as well as physical ones[1].

By understanding these findings and recommendations, the U.S. can take proactive steps to mitigate the security risks associated with Chinese-made cargo cranes and strengthen the resilience of its critical infrastructure.

Are Cranes at U.S. Ports Chinese Spy Tools?

Overview of the Issue: Chinese Cranes at U.S. Ports

Introduction

The presence of Chinese-made cranes at U.S. ports has raised significant concerns regarding national security, espionage, and the integrity of critical infrastructure. Here is a comprehensive guide to the issue.

Background and Key Findings

Chinese Manufacturer and Market Dominance

The cranes in question are primarily manufactured by Shanghai Zhenhua Heavy Industries (ZPMC), a state-owned Chinese company that dominates the global market for ship-to-shore (STS) cranes, accounting for roughly 80% of such cranes operational in the U.S.[3][4][5].

Discovery of Unauthorized Communication Equipment

A joint investigation by the House Homeland Security Committee and the House Select Committee on China revealed that these Chinese-made cranes were equipped with unauthorized cellular modems. These modems, not requested by U.S. ports or included in contracts, were found to be capable of remote access and data collection[1][2][3].

Security Vulnerabilities and Risks

Espionage and Data Collection

The installed modems could be used for espionage, allowing the Chinese Communist Party (CCP) to collect valuable intelligence on U.S. port operations, including the monitoring of cargo movements and the disruption of supply chains. This poses a significant threat to national security and the economy[1][3][4].

Potential for Disruption of Port Operations

The ability to remotely access and control these cranes could enable the CCP to disrupt or even shut down U.S. port operations, which would have catastrophic economic and security consequences. This includes the potential to suspend commercial activity and impact military supply chains[4].

Backdoor Access and Cybersecurity Threats

The modems create a backdoor security vulnerability, allowing for the bypass of firewalls and the collection of usage data on the equipment. This undermines the integrity of port operations and increases the risk of cyber attacks[2][3].

Contractual and Oversight Issues

Lack of Contractual Prohibitions

Contracts between U.S. ports and ZPMC do not prohibit or limit unauthorized modifications or access to the equipment. This lack of oversight allows for the installation of backdoors and other security risks without detection[3].

Third-Party Components and Assembly

Critical components from other countries are often shipped to China for assembly by ZPMC, which installs them without oversight from the original manufacturers. This further complicates the security landscape[3].

Recommendations and Actions

Severing Connections and Implementing Monitoring

The House committees recommend severing the connections between ZPMC cranes and the unauthorized cellular modems and installing operational technology monitoring software to enhance cybersecurity[3].

Strengthening Cybersecurity and Supply Chain Resilience

The Biden administration has called for significant investments in U.S. port infrastructure and cybersecurity measures. This includes working with other countries, such as Japan, to start domestic production of critical hardware like STS cranes[2][3].

Regulatory and Compliance Measures

The U.S. Coast Guard has been ordered to implement better cybersecurity measures at ports, and there is a push for stricter regulations to ensure the safety and security of critical infrastructure[2][4].

Conclusion

The presence of Chinese-made cranes at U.S. ports, equipped with unauthorized communication equipment, poses a significant threat to national security, economic stability, and the integrity of critical infrastructure. Addressing these vulnerabilities through stringent cybersecurity measures, contractual reforms, and domestic production of critical hardware is crucial to mitigating these risks.

Suspicious tech found in Chinese-made cargo cranes …

Guide to the National Security Risks Posed by Chinese-Made Cargo Cranes in U.S. Ports

Introduction

A recent congressional investigation has uncovered significant national security concerns related to Chinese-made cargo cranes deployed at various U.S. ports. This guide provides an in-depth look at the findings, implications, and measures being taken to address these risks.

Findings of the Congressional Investigation

Presence of Unidentified Communications Equipment

• The investigation revealed that Chinese-built cargo cranes, primarily manufactured by Shanghai Zhenhua Heavy Industries (ZPMC), contain communications equipment that does not appear to support normal crane operations. This includes the discovery of more than 12 cellular modems installed in these cranes[1][2][4].

Remote Access Capabilities

• These cellular modems enable remote access to the cranes, which could potentially be exploited by the Chinese government due to China’s national-security laws that mandate companies to cooperate with state intelligence agencies. Some modems were installed without the knowledge or request of the port authorities, and they were not documented in any sales contracts[1][2][4].

Suspicious Device Installations

• Port operators have expressed uncertainty about who installed these modems, with some speculating that they were installed in China during the manufacturing process as early as 2017. These devices were connected to the cranes’ operating control systems, raising concerns about their purpose and potential misuse[1][4].

National Security Implications

Espionage and Surveillance

• The presence of these modems and the potential for remote access pose a significant risk of espionage. The Chinese government could use these cranes to covertly monitor U.S. port operations, gather intelligence, or even sabotage critical infrastructure[1][2][4].

Disruption of Port Operations

• If compromised, these cranes could disrupt the entire maritime supply chain, leading to severe economic and logistical consequences. The cranes handle a substantial portion of container operations in the U.S., and any malfunction or cessation of their normal operation could cripple U.S. transportation capacity[2][4][5].

Measures to Address the Risks

New Cyber-Risk Management Requirements

• The U.S. Coast Guard has issued new cybersecurity directives, such as Maritime Security Directive 105-4 and later MARSEC 105-5, which outline required cyber-risk management actions for owners and operators of Chinese-made container cranes. These directives aim to prevent security incidents and mitigate the risks associated with remote access features[3][4].

Security Evaluations and Monitoring

• The Coast Guard has conducted security evaluations on some of the Chinese-made cranes, with plans to assess all such cranes. These evaluations include hunting for malicious cyber activity and determining the cybersecurity posture of the cranes[3][4].

Economic and Legislative Actions

• The Biden administration has imposed a 25% tariff on Chinese-made cranes ordered after May 2024 to discourage their use. Additionally, significant funding has been allocated to onshore the manufacturing of cranes in the U.S., aiming to replace Chinese-made cranes with U.S.-made alternatives. This includes grants to companies like PACECO Corp. to establish new manufacturing facilities[5].

Training and Compliance

• The Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) have launched cybersecurity training programs for port operators to enhance security measures. However, it has been noted that only a fraction of private operators have utilized these services, leaving many ports vulnerable[4].

Conclusion

The discovery of suspicious communications equipment in Chinese-made cargo cranes at U.S. ports has highlighted critical national security risks. The ongoing investigations and subsequent measures are crucial steps in mitigating these risks and ensuring the security and integrity of U.S. maritime infrastructure. Continued vigilance and cooperation among government agencies, port operators, and private sector entities are essential to address these vulnerabilities effectively.

Joint Investigation into CCP-Backed Company Supplying …

Joint Investigation into CCP-Backed Company Supplying Cranes to U.S. Ports: Key Findings and Implications

Introduction

A joint investigation by several House committees has uncovered significant concerns regarding the presence of Chinese-made cranes at U.S. ports, particularly those supplied by Shanghai Zhenhua Heavy Industries (ZPMC), a state-owned Chinese manufacturer. Here is a detailed guide to the findings and their implications.

Discovery of Unauthorized Communication Devices

• Cellular Modems: The investigation revealed the presence of cellular modems on ZPMC ship-to-shore (STS) crane components at multiple U.S. seaports. These modems were not part of the original equipment contracts and were installed without the knowledge or consent of U.S. port officials.
• Server Room Modem: A cellular modem was also found in the server room of another U.S. seaport, which houses the firewall and networking equipment for the STS cranes.

Security Concerns

• Potential for Spying: The presence of these unauthorized communication devices has raised concerns that the Chinese Communist Party (CCP) could use these cranes for surveillance or intelligence gathering.
• FBI Findings: In 2021, the Federal Bureau of Investigation (FBI) discovered intelligence gathering equipment on a vessel delivering ZPMC cranes to the Port of Baltimore, further exacerbating these concerns.

Extent of ZPMC’s Presence in U.S. Ports

• Market Dominance: ZPMC accounts for nearly 80% of the STS cranes in use at U.S. maritime ports.
• Proximity to Military Facilities: Many of these cranes are built in an area adjacent to a shipyard where the People’s Liberation Army Navy’s most advanced warships are constructed, including aircraft carriers and destroyers.

Investigation Details

• Components Sourced from Switzerland: The investigation also involves the Swiss company ABB, as many operational components manufactured by ABB are shipped to China, stored for several months, and then installed on U.S.-bound port equipment by ZPMC engineers.
• Multiple Ports Affected: More than 12 cellular modems were found in Chinese-made cranes across several U.S. ports. While some modems were used for operational functions like remote monitoring and maintenance tracking, others were installed without any request from the ports.

Responses and Reactions

• Congressional Concerns: The discovery has fueled concerns within the Biden administration and among lawmakers about the potential security risks posed by these Chinese-made cranes.
• Political Stance: Politicians like Mark Green have emphasized that China is a significant threat to U.S. security, highlighting the need for vigilant oversight of foreign-made equipment in critical infrastructure.

Implications and Next Steps

• National Security Threat: The findings suggest that the presence of these cranes could compromise national security, potentially allowing for surveillance or sabotage.
• Regulatory Actions: The investigation may lead to increased scrutiny and regulatory actions against CCP-backed companies supplying critical infrastructure equipment to the U.S.
• Domestic Manufacturing: There is a growing call for investing in domestic manufacturing to reduce dependence on foreign suppliers, especially those with potential ties to adversarial nations.

Conclusion

The joint investigation has exposed critical vulnerabilities in the security of U.S. ports due to the presence of unauthorized communication devices in Chinese-made cranes. These findings underscore the need for enhanced security measures, greater transparency in equipment sourcing, and a strategic shift towards domestic manufacturing to mitigate potential security risks.

China Could Use Cargo Cranes To Hijack American Ports

Potential Chinese Espionage and Disruption Through Cargo Cranes at U.S. Ports

Introduction

China’s increasing global aggression has raised significant concerns about its potential to disrupt critical U.S. infrastructure, particularly through the use of cargo cranes at American ports. Here is a detailed guide on the threats and implications associated with Chinese-made cargo cranes.

The Threat of Remote Access

• A key concern is that Chinese-made cargo cranes, predominantly manufactured by the state-owned company ZPMC, could be remotely operated by the Chinese Communist Party (CCP). This capability could allow China to disrupt port operations at critical times, such as during wartime or other significant events[1].

Data Theft and Espionage

• The cranes are equipped with technology that enables data collection, which could be exploited by the CCP for espionage purposes. China expert Gordon Chang has expressed concerns that China may already be collecting data from these cranes, particularly at major ports like the Port of Houston, the busiest port in the U.S. in terms of overall tonnage[1].

Vulnerability of U.S. Ports

• The Port of Houston, along with other U.S. seaports, is vulnerable to these threats due to the widespread use of Chinese-made cranes. These cranes make up a significant portion of the equipment used at U.S. ports, with ZPMC cranes accounting for roughly 80% of the seaport cranes across the country[2][3].

Congressional Investigation Findings

• A yearlong joint investigation by the House Homeland Security Committee and the Select Committee on the Chinese Communist Party found that ZPMC had pressured port operators to allow remote access to the cranes. This access could be extended to other PRC government entities, posing a significant risk due to China’s national security laws that mandate cooperation with state intelligence agencies[2][3].

Technological Backdoors

• The investigation revealed that the cranes contain technological backdoors, including cellular modems not requested by U.S. ports or included in contracts. These modems are connected to Linux computers on the cranes and are intended for the collection of usage data, creating a significant backdoor security vulnerability[3].

Impact on National Security

• The use of these Chinese-made cranes jeopardizes U.S. national security. The report from the House committees highlights that these vulnerabilities could allow the CCP to exploit and manipulate U.S. maritime equipment and technology, affecting Americans across the country[2][5].

Need for Executive Action and Policy Changes

• Experts like Gordon Chang suggest that executive action by the Biden administration could address these issues. However, so far, there has been limited action taken to mitigate these risks. The Biden administration has proposed investing billions of dollars in new crane technology to reduce reliance on Chinese equipment[1][3].

Mitigation Efforts

• To counter Beijing’s potential influence, the U.S. is working on several mitigation strategies:
• The Coast Guard has ordered ports to implement better cybersecurity measures.
• The U.S. is collaborating with Japanese heavy industrial company Matsui to start domestic production of ship-to-shore cranes, aiming to reduce reliance on Chinese-made equipment[3].

Conclusion

The use of Chinese-made cargo cranes at U.S. ports poses significant risks to national security and critical infrastructure. Addressing these vulnerabilities requires immediate attention from policymakers and port authorities to ensure the integrity and security of U.S. port operations.

Congressional probe finds communications gear in … – CNN

Congressional Probe into Chinese-Made Cranes at US Ports

Overview

A recent congressional investigation has uncovered significant concerns regarding Chinese-made cranes installed at various US ports. The probe, conducted by the House Committee on Homeland Security and the House Select Committee on China, revealed the presence of undocumented communications equipment in these cranes, raising fears of potential surveillance and sabotage.

Key Findings of the Investigation

Presence of Undocumented Communications Equipment

• The investigation discovered that several Chinese-made cranes, manufactured by Shanghai Zhenhua Heavy Industries (ZPMC), a state-owned Chinese company, contain cellular modems that were not documented in any contract between US ports and ZPMC[2][4][5].
• These cellular modems, which can be used for remote communication, were found installed on the cranes before they were delivered to the US ports. US port personnel who inspected the cranes in China found the modems already in place[1][2].

Potential National Security Risks

• The presence of these undocumented modems has fueled concerns that the cranes could be used for espionage or sabotage. The modems could potentially allow remote access to the cranes’ operating systems, posing a covert national-security risk[2][4][5].
• The ability to remotely access and control these cranes raises concerns about the potential disruption of logistics and infrastructure, particularly in the event of a conflict with China[3].

Operational and Non-Operational Modems

• While some of the cellular modems were used for legitimate operational functions such as monitoring and tracking maintenance remotely, others were installed without any clear purpose or request from the US ports[2][4].
• The modems that were not used for operational purposes have sparked particular concern, as their installation was not explained and they were not included in the sales contracts[2].

Scope of the Investigation

• The investigation focused on more than 200 Chinese-made cranes installed at US ports and related facilities. This includes cranes used in several major ports across the country[1][2][5].
• The probe was part of a broader inquiry into the security risks posed by Chinese-made equipment and the influence of the Chinese Communist Party (CCP) on US critical infrastructure[2].

Government and Legislative Responses

• The findings of the investigation have prompted the US Coast Guard to order better security measures for the Chinese-made cranes at US ports[1].
• There are ongoing efforts to replace these cranes to prevent potential Chinese control over US infrastructure. Legislation and policy changes are being considered to address these security concerns[3].

Broader Implications

• The discovery of these undocumented modems highlights broader concerns about the security risks associated with using equipment from Chinese companies, particularly those with ties to the Chinese government.
• This issue is part of a larger discussion about the need for the US and its allies to scrutinize and regulate the use of foreign-made equipment in critical infrastructure to prevent potential espionage and sabotage[3].

Conclusion

The congressional probe into Chinese-made cranes at US ports has revealed significant national security concerns due to the presence of undocumented communications equipment. These findings underscore the need for enhanced scrutiny and regulation of foreign-made equipment in critical US infrastructure to mitigate potential risks of surveillance and sabotage.

China can spy on US with intelligence-gathering devices …

Overview of the Threat: Chinese-Made Cranes at U.S. Seaports

Introduction

A recent congressional investigation has uncovered significant national security concerns related to Chinese-made cranes installed at U.S. seaports. The cranes, manufactured by the Shanghai-based, state-owned company ZPMC (Zhenhua Heavy Industries Co.), contain technology that could be exploited by the Chinese government for espionage and disruption of critical infrastructure.

Key Findings of the Congressional Investigation

Presence of Undocumented Cellular Modems

• The investigation revealed that many of the Chinese-made cranes were equipped with cellular modems that were not requested by U.S. port authorities and were not included in the contracts with ZPMC[1][3][4].
• These modems, which can be accessed remotely, were found in cranes across several U.S. ports, with some ports unaware of their installation.

Potential for Espionage and Disruption

• The cellular modems could allow the Chinese government to gain covert access to the cranes, enabling them to collect intelligence on U.S. port operations and potentially disrupt supply chains and critical infrastructure[1][2][5].
• This access is particularly concerning due to China’s national-security laws, which mandate companies to cooperate with state intelligence agencies.

Pressure on Port Operators for Remote Access

• ZPMC had pressured American port authorities to allow remote access to the cranes, ostensibly for diagnostic and maintenance purposes. However, this access could be extended to other Chinese government entities, posing a significant security risk[1][3][5].

Security Vulnerabilities and Implications

Backdoor Access and Data Collection

• The modems connected to the cranes’ operating systems could serve as a backdoor, allowing for the collection of usage data and potentially bypassing firewalls to disrupt port operations[4].
• This vulnerability could be exploited to gather valuable intelligence on U.S. port activities, including the movement of cargo and logistics operations[1][5].

Economic and National Security Consequences

• The potential for Chinese espionage and sabotage through these cranes could have catastrophic economic and security consequences. A shutdown of U.S. ports due to such activities could cripple the economy and compromise national security[5].

Response and Mitigation Efforts

Biden Administration Measures

• In response to these findings, the Biden administration has planned to invest in replacing foreign-built cranes with domestically manufactured ones to mitigate the risk of Chinese influence[2][5].
• The administration has also introduced maritime cybersecurity measures, including giving the Department of Homeland Security (DHS) more authority to address maritime cyber threats[5].

Coast Guard Involvement

• The U.S. Coast Guard has been directed to require marine transportation systems to improve their cyber security conditions. This includes working with port operators to ensure compliance with new cybersecurity directives[5].

Domestic Production of Cranes

• Efforts are underway to start domestic production of ship-to-shore cranes in collaboration with Japanese heavy industrial companies, aiming to reduce dependence on Chinese-manufactured cranes[4].

Conclusion

The presence of Chinese-made cranes with embedded intelligence-gathering technology at U.S. seaports poses a significant threat to national security and critical infrastructure. The findings of the congressional investigation highlight the need for immediate action to secure U.S. ports and mitigate the risks associated with foreign-manufactured equipment. Ongoing efforts to enhance cybersecurity, replace vulnerable equipment, and promote domestic production are crucial steps in protecting U.S. interests.

Frequently Asked Questions (FAQs)

What is the concern about Chinese cargo cranes at U.S. ports?

The primary concern about Chinese cargo cranes at U.S. ports is the potential for espionage and cyber attacks. These cranes, manufactured by companies like Shanghai Zhenhua Heavy Industries (ZPMC), a state-owned Chinese firm, are equipped with technology such as cellular modems that could allow for remote access and control. This raises fears that the Chinese government could exploit these features to gather sensitive data or disrupt U.S. critical infrastructure, given China’s national-security laws that mandate companies to cooperate with state intelligence agencies.

How widespread are Chinese-made cranes at U.S. ports?

Chinese-made cranes are highly prevalent at U.S. ports, with approximately 80% of the ship-to-shore cranes in use being manufactured by Chinese companies, primarily ZPMC. This widespread presence amplifies the security concerns, as it means a significant portion of the U.S. port infrastructure could be vulnerable to potential Chinese espionage or disruption.

What specific technologies on these cranes pose a security risk?

The specific technologies that pose a security risk include cellular modems and remote monitoring software installed in the cranes. These components allow for remote access, servicing, and programming of the cranes, which could be exploited by Chinese entities to gain unauthorized access to the cranes and potentially to the broader port and terminal systems. Additionally, some cranes contain components supplied by third-party companies that are shipped to China for installation, further complicating the supply-chain security.

How are U.S. authorities responding to these security concerns?

U.S. authorities are taking several steps to address the security concerns associated with Chinese-made cranes. The Coast Guard has issued directives, such as Maritime Security Directive 105-4 and 105-5, which outline new cyber risk management requirements for the owners and operators of these cranes. These directives require ports to take immediate action to mitigate the risks, including contacting their local Coast Guard Captain of the Port to obtain the necessary security protocols. Additionally, the Biden administration has announced plans to invest over $20 billion to replace foreign-built cranes with U.S.-manufactured ones and has imposed tariffs on Chinese shipping cranes.

Have there been any known security breaches related to these cranes?

Despite the significant concerns and ongoing investigations, there have been no known security breaches directly attributed to the presence of Chinese cranes at U.S. ports. However, the potential risks are considered serious enough that various government agencies, including the FBI and the Department of Transportation’s Maritime Administration, are actively warning about the vulnerabilities and advising ports to be vigilant. The American Association of Port Authorities has also emphasized that ports work closely with federal law enforcement to mitigate any perceived risks.