4G Modems with Unknown Purpose Found in Chinese Port Cranes Operating in the United States
The Committee on Homeland Security and the Committee on China Affairs of the US House of Representatives published the results of an investigation that revealed communication equipment in some Chinese-made cranes used in US ports. This equipment was not documented, and the purpose of its installation was not announced.
Mobile modems that can be used for remote communication were found on the cranes, but their presence was not specified in any contract between the US port authorities and the Chinese crane manufacturer ZPMC. “Our investigation has uncovered vulnerabilities in cranes at U.S. ports that could help the Communist Party of China not only undermine trade competitors through espionage, but also disrupt supply chains, crippling our nation’s economy. Without immediate, dramatic changes, we will continue to provide the CCP with easy access to our critical infrastructure in their quest for global dominance,” said CNN is one of the leaders of the Committee on Homeland Security.
In an official statement, ZPMC said that the company “has always been committed to producing high-quality products and serving customers around the world.” Liu Pengyu, a representative of the Chinese Embassy in the United States, called the assumption of a threat from Chinese port cranes “paranoia.” “We strongly oppose the United States creating unnecessary tension on national security issues and abusing national power to hinder normal economic and trade cooperation between China and the United States,” Mr. Liu emphasized.
Port cranes play a key role in moving goods to the US by sea; 80% of the cranes used in US ports are Chinese. They can often be controlled remotely, allowing hackers with access to the network to gather intelligence from the ports or theoretically cause equipment malfunctions. At the same time, no “malware or Trojan horse software” was detected during the inspection, said Rear Admiral John Vann, head of the Coast Guard Cyber Command. Many machines in the marine and oil and gas sectors are equipped with communication equipment, including mobile modems that technicians use for remote maintenance. However, such equipment at critical facilities is not always well documented and “physically bypasses” traditional port cybersecurity, posing a security threat, added Marco Ayala, president of the Houston chapter of the InfraGard National Member Alliance.
