Homeland Security Committee seeks audit of threats brought by Chinese cranes operating at maritime ports
U.S. House Committee on Homeland Security has sought answers this week from the Department of Homeland Security (DHS) on the cybersecurity threats posed to business, military, and industrial operations by Chinese-manufactured cranes operating at U.S. maritime ports. The members have now called for conducting oversight on threats posed by these cranes at U.S. ports.
“To address these concerns, the Committee on Homeland Security is conducting oversight of vulnerabilities in our nation’s maritime ports and the Department of Homeland Security’s (DHS) resilience strategies to address them,” Mark E. Green, a Republican from Tennessee and House Committee on Homeland Security Chairman, Andrew Garbarino, a Republican from New York and Subcommittee on Cybersecurity and Infrastructure Protection Chairman, Carlos Gimenez, a Republican from Florida and Subcommittee on Transportation and Maritime Security Chairman, and Dan Bishop, a Republican from North Carolina and Subcommittee on Oversight, Investigations, and Accountability Chairman, wrote in a letter this week to Alejandro Mayorkas, DHS Secretary.
“As you know, DHS is the lead federal agency responsible for our nation’s maritime port security and cybersecurity. America’s supply chain and economic security are largely dependent on maritime ports, which help facilitate $5.4 trillion worth of commercial and military goods, annually,” the letter added.
The letter follows a November 2022 letter sent by a bicameral group of members to U.S. President Joe Biden urging action and a decisive response to the threats posed by China at the nation’s ports. “We renew that call. Among other issues, we find troubling that Chinese-made cranes manufactured by Shanghai Zhenhua Heavy Industries Co., also known as ZPMC, are utilized in 80 percent of U.S. ports,” it added.
Ship-to-shore cranes play a critical role in maritime port operations and U.S. commercial and military supply chains. As reported last month in the Wall Street Journal, roughly 80 percent of cranes used at U.S. ports are manufactured by the Chinese company Shanghai Zhenhua Heavy Industries Co. (ZPMC), a subsidiary of China Communications Construction Co. These cranes contain technology that allows the company to remotely monitor ‘in real time’ the movement of these cranes and the shipping containers they transport. They also provide access that could provide the Chinese Communist Party with valuable information on American critical infrastructure.
Just, last month, the U.S. intelligence community warned in its annual threat assessment that China represents the ‘most active, and persistent cyber espionage threat to U.S. Government and private-sector networks.’ The report added that China’s cyber pursuits and its industry’s export of related technologies increase the threats of aggressive cyber operations against the U.S. homeland, suppression of the free flow of information in cyberspace, such as U.S. web content, that Beijing views as threatening to the CCP’s hold on power, and the expansion of technology-driven authoritarianism globally.
To assist the Homeland Security Committee in its oversight of DHS’s maritime port security efforts, the lawmakers have requested a briefing on maritime port security with a focus on maritime port cybersecurity, as well as the vulnerabilities ZPMC’s cranes in U.S. ports may pose, as soon as possible, but no later than 5:00 p.m. on April 14, 2023.
The lawmakers also called for certain documents and information as soon as possible, but no later than 5:00 p.m. on April 17, 2023. The requested documents and communications include those referring or relating to security vulnerabilities ZPMC or other foreign-manufactured cranes employed at U.S. ports pose to U.S. maritime ports from January 1, 2000, to the present. They also requested documents sufficient to show the risk assessment and emergency preparedness measures in place by sector risk management agencies (SRMAs) as directed by the FY21 National Defense Authorization Act for the Transportation System Sector, specifically relating to the maritime transportation sector.
The signatories to the letter to Mayorkas also called for documents sufficient to show the United States Coast Guard’s (USCG) Maritime Cyber Readiness Branch (MCRB) standard operating procedures to assess, address, and mitigate cybersecurity risks to maritime ports. They also requested documents sufficient to show how DHS, including the USCG, engages with the maritime port industry, including private companies, about cybersecurity threats. Additionally, they asked for a document sufficient to show the percentage of private maritime transportation companies that voluntarily report cybersecurity incidents to DHS.
The lawmakers also requested a document sufficient to show the average response time of the DHS, including the Cybersecurity and Infrastructure Security Agency (CISA) and USCG, for reported maritime port cybersecurity incidents. Lastly, the letter called for documents sufficient to show which private companies received Federal Emergency Management Agency (FEMA) Port Security Grant program funding for FY20, FY21, FY22, and FY23, and how awardees utilized grant dollars for those fiscal years.
Last month, the CISA partnered with the U.S. Army Corps of Engineers’ Engineer Research and Development Center (USACE-ERDC) to develop the Marine Transportation System Resilience Assessment Guide (MTS Guide). The assessment document provides a consistent, repeatable process for conducting uniform assessments of the resilience of the complicated systems that comprise the marine transportation system, delivering advice for assembling the diverse group of public and private stakeholders and agencies that manage these systems. It also provides a framework for conducting resilience assessments and delivering various resources to support resilience assessments.
A complimentary guide to the who`s who in industrial cybersecurity tech & solutions
Free DownloadRelated
