A joint investigative report released today by the House Committee on Homeland Security has revealed significant cybersecurity and national security vulnerabilities in U.S. ports due to the dominance of Chinese-made container cranes.
The report highlights the risks posed by Shanghai Zhenhua Heavy Industries (ZPMC), a Chinese state-owned enterprise that accounts for nearly 80% of ship-to-shore (STS) cranes in U.S. ports.
“The evidence gathered during our joint investigation indicates that ZPMC could, if desired, serve as a Trojan horse capable of helping the CCP and the PRC military exploit and manipulate U.S. maritime equipment and technology at their request,” said Committee Chairman Mark E. Green, MD (R-TN).
The investigation revealed that two PRC state-owned enterprises control portions of five U.S. ports and lead billions in overseas seaport investments. ZPMC, a subsidiary of China Communications Construction Company (CCCC), a CCP-linked company involved in militarizing the South China Sea, has board members with ties to the Chinese Communist Party and defense contracting. Cybersecurity risks include unauthorized installations of cellular modems on cranes and ZPMC’s requests for remote access to its cranes in U.S. ports.
The report also notes that alternative crane manufacturers maintain ties to China, potentially exposing them to supply-chain disruptions or pressure. These vulnerabilities could be exploited in potential conflicts, particularly regarding Taiwan, potentially disrupting U.S. commercial activities and military deployments.
The findings underscore the urgent need to address vulnerabilities in U.S. port infrastructure and reduce dependence on potentially compromised technology.
In February, the White House issued an Executive Order giving the Department of Homeland Security (DHS) expanded authority to deal with maritime cyber threats, including setting cybersecurity standards for American port networks and systems, as part of a broader effort to enhance the security of the nation’s ports.
“While the Biden administration’s executive orders on maritime security are an important step forward, our investigation proves immense damage may have already been done. This report must be a wake-up call for maritime sector stakeholders and the federal government to address this threat with far more urgency,” said Green.
The investigation comes after a series of reports highlighting potential security risks associated with Chinese-made cranes in U.S. ports. In 2023, the Wall Street Journal reported on national security risks posed by Chinese state-owned cranes, revealing that the FBI had discovered intelligence collection devices on ZPMC cranes at the Port of Baltimore.
The committee’s investigation, which spanned over a year, involved interviews and information requests from various stakeholders, including government agencies and U.S. strategic seaports.
In response to these findings, the committee is urging maritime sector stakeholders and the federal government to address this threat with greater urgency. As Subcommittee Chairman Carlos Gimenez noted during a recent hearing, U.S. Coast Guard Rear Admiral John Vann confirmed, “We have found…openings to vulnerabilities that are there by design.”
Cary Davis, President and CEO American Association of Port Authorities (AAPA), thanked the committee for their work and attention on port cybersecurity.
“Due to our constant work with the U.S. Coast Guard, other federal law enforcement, and private sector experts, there have been no known security breaches involving port equipment to date,” said Davis. “We are eager to continue collaborating with Federal Government leaders to respond to evolving threat landscapes with forward-looking policy solutions like waivers to burdensome procurement requirements and incentives for the domestic manufacture of critical port equipment.”
Unlock Exclusive Insights Today!
Join the gCaptain Club for curated content, insider opinions, and vibrant community discussions.