The News
China-made cranes used in US ports could pose a security threat, according to a new congressional report.
The report identified cranes manufactured by China-based ZPMC in particular, and alleged that the state-owned company has put pressure on some US port operators to give it remote access to the cranes’ modems, which ZPMC said was needed for maintenance. In some cases, the modems were installed without port authorities’ knowledge, the report stated.
The modems may be used to covertly collect sensitive information that could disrupt US ports and supply chains, the report warned.
In an acknowledgment of the risk to US infrastructure, the Biden administration recently announced plans to replace foreign-made cranes with American-manufactured ones, and imposed a 25% tariff on cranes made in China.
SIGNALS
Hacked cranes could open door to global supply chain chaos
Beyond the immediate risks identified in the new report, the large presence of Chinese-manufactured cranes at US ports highlighted a broader strategic vulnerability that runs throughout American infrastructure. The cranes, which are thought to account for 80% of all ship-to-shore cranes in US ports, according to the report, could be a potential “choke point” in a future geopolitical conflict with the US, The Wall Street Journal wrote. The ability to disrupt port operations through embedded technology may also give China more leverage over the global supply chain in any future economic and military confrontations, the outlet noted, particularly as tensions between the two powers rise.
US faces expansive digital battleground
The alleged risks identified with ZPMC cranes at US ports are part of a broader pattern, whereby China-backed cyber threats target key infrastructure, US security officials have said. China’s digital strategy goes beyond ports to encompass water and electricity, Wired wrote, underscoring the need for more comprehensive digital diplomacy between Beijing and Washington. The administration’s push to train US diplomats in cybersecurity is one such step, but future foreign policy should focus more heavily on securing digital fronts as well as physical ones, analysts said.
US suffers from old-school digital weaknesses
In February, the Federal Bureau of Investigation alerted that Chinese hackers appeared to have deeply infiltrated the US’ cyber infrastructure, threatening water treatment facilities, the electrical grid, and transportation networks. The vulnerabilities exposed in the latest congressional report reflect the fragility of US critical infrastructure and its unpreparedness to defend against increasingly sophisticated and targeted cyber attacks. The seeming lack of preparedness is compounded by the fact that old-school hacking techniques like email phishing are still effective due to poor cyber hygiene practices — like using outdated and easy to guess passwords and inadequate system segregation, CNBC noted.