[NNagain] Article: Espionage Probe Finds Communications Device [[Modems]] on Chinese Cranes at U.S. Ports

[David Bray, PhD]

*Of note: *

https://www.msn.com/en-us/news/world/espionage-probe-finds-communications-device-on-chinese-cargo-cranes/ar-BB1juBcq



*Noting "communications equipment that doesn’t appear to support normal
operations, fueling concerns that the foreign machines may pose a covert
national-security risk."*Over a dozen cellular modems were found on crane
components in use at one U.S. port, and another modem was found inside
another port’s server room, according to a committee aide. Some of the
modems had active connections to operational components to the cranes, the
aide said.

While it isn’t unusual for modems to be installed on cranes to remotely
monitor operations and track maintenance, it appears that at least some of
the ports using the ZPMC-made equipment hadn’t asked for that capability,
according to congressional investigators and documents seen by The Wall
Street Journal. One port with modems told lawmakers in a December letter
that it was aware of their existence on the cranes, but couldn’t explain
why they were installed.

ZPMC, a Chinese state-owned company, didn’t respond to requests for
comment. Liu Pengyu, a spokesman at the Chinese embassy in Washington,
didn’t address specific questions about the modems but said claims that
China-made cranes pose a national-security risk to the U.S. is “entirely
paranoia” and amounted to “abusing national power to obstruct normal
economic and trade cooperation.”

Concerns about ZPMC’s cranes have been building steadily in Washington for
years. In 2021, the Federal Bureau of Investigation found
intelligence-gathering equipment on board a ship that was transporting
cranes into the Baltimore port, the Journal previously reported.

Last month, the Biden administration announced it would invest more than
$20 billion over the next five years to replace foreign-built cranes with
U.S.-manufactured ones. The money will go toward supporting the building of
cranes by a U.S. subsidiary of Mitsui, a Japanese company, marking what
officials said would create a domestic option for ports for the first time
in 30 years.

The administration also rolled out a suite of maritime cybersecurity
measures, which comes amid rising fears that Chinese hackers have been
pre-positioning themselves to disrupt American critical infrastructure in
the event of open hostilities, such as a military conflict over Taiwan.

Those actions by the Biden administration followed a Wall Street Journal
investigation last year that revealed U.S. fears that cranes made by ZPMC
in use at a number of America’s ports could present an espionage and
disruption risk. More recently, there has been a surge of warnings from top
U.S. officials about the potential threat to American lives posed by the
infiltration of the nation’s critical infrastructure by Chinese hackers.

The new focus on cranes and broader maritime security “has been a wake-up
call for many western countries,” Wille Rydman, minister of economic
affairs for Finland, said in an interview. Finland, which joined the North
Atlantic Treaty Organization last year, has been seeking to expand the
market share of its maritime industry globally amid the rising concerns
about Chinese technology supply chains.

The Finnish company Konecranes, for example, supplied four large container
cranes to the port in Savannah, Georgia, last summer.

Biden administration officials say the Chinese cranes have security
shortcomings that should worry ports. “We have found, I would say,
openings, vulnerabilities, that are there by design,” Rear Adm. John Vann,
who leads the Coast Guard cyber command, said during congressional
testimony about the cranes to Green’s committee last week.

In a partially redacted December letter to the committee seen by the
Journal, an unidentified U.S. port operator said that the modems weren’t
part of an existing contract, but that the port had been aware of their
installations on the cranes and that they were intended for a “mobile
diagnostic and monitoring” service the port didn’t enroll in.

“We are unsure who installed the modems as they were on the cranes when we
first saw them in China,” the letter to the committee said. The modems,
according to the letter, were believed to have been installed around June
2017, around the time of the cranes’ manufacturing and assembly, and
removed in October of last year.

It couldn’t be determined what prompted the port to take action on the
modems or who did so. A committee aide said information collected by the
panel indicated the modems had been physically disabled, but not yet fully
removed.

“These components do not contribute to the operation of the (ship-to-shore)
cranes or maritime infrastructure and are not part of any existing contract
between ZPMC and the receiving U.S. maritime port,” the
Republican-controlled committees said in a letter sent to the company last
week.

The letter to ZPMC said that lawmakers found that many cranes at U.S. ports
were built at the company’s Changxing base adjacent to a shipyard on the
Shanghai island where the Chinese navy builds advanced warships. It also
said lawmakers had learned from briefings with ports and U.S.
law-enforcement agencies that ZPMC had repeatedly made requests for remote
access to U.S.-based cranes and other maritime infrastructure.

ZPMC cranes entered the U.S. market around two decades ago, offering what
industry executives described as good-quality cranes that were
significantly cheaper than Western suppliers. In recent years, ZPMC has
grown into a major player in the global automated-ports industry, working
to connect equipment and analyze data in real time.

Green, the committee chairman, said that the additional components
discovered on some cranes “are just one example of the worrisome findings
in our investigation.”

The panel intends to finish its probe, which is being done jointly with the
Select Committee on the Chinese Communist Party, next month. A public
report will focus on ZPMC, its suppliers, and potential threats posed by
equipment and technology at U.S. ports that were manufactured in China, a
committee aide said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/nnagain/attachments/20240307/00d6284d/attachment-0001.html>