In the heart of China’s rapid economic and infrastructure growth, the crane manufacturing and operations industry stands as a pivotal force, driving the country’s construction, logistics, and industrial development. With China boasting the world’s largest market for mobile cranes and a vast array of crane types, from truck cranes and tower cranes to crawler cranes, the sector’s influence is unparalleled.

This in-depth guide delves into the intricacies of crane operations in China, exploring the historical evolution of the industry, from its early beginnings with foreign technology imports to its current status as a global leader in crane manufacturing. Readers will gain insights into the latest trends, including the shift towards lightweight, large-scale, intelligent, and reliable crane technologies, as well as the significant role of government policies and international investments in fueling industry growth.

You will also learn about the competitive landscape, with key players such as XCMG, Shanghai Zhenhua Heavy Industries, and Zoomlion Heavy Industry Science And Technology Co., Ltd.,

US warns of cyberthreat from China container cranes

Given that the specific website you mentioned is not included in the search results, the following guide is compiled from the relevant information found in the other sources.

U.S. Concerns Over Cyber Threats from Chinese-Made Container Cranes

Introduction

The U.S. government and various agencies have raised significant concerns about the cybersecurity and national security risks posed by Chinese-manufactured ship-to-shore (STS) cranes at U.S. ports. Here is a comprehensive guide to the issue.

Dominance of Chinese-Made STS Cranes

• Chinese companies, particularly Shanghai Zhenhua Heavy Industries (ZPMC), dominate the global STS crane market, with nearly 80% of STS cranes in U.S. ports being manufactured by these companies[2][3].

Cybersecurity Risks

• These cranes are designed for remote control, servicing, and programming, which makes them susceptible to exploitation. The presence of cellular modems and the requirement for remote access by the manufacturer pose significant cybersecurity risks[2][5].
• There is evidence that ZPMC, a Chinese state-owned enterprise, could serve as a “Trojan horse” for the Chinese Communist Party (CCP) and the People’s Republic of China (PRC) military to exploit and manipulate U.S. maritime equipment and technology[2].

National Security Implications

• The involvement of Chinese state-owned enterprises in U.S. port infrastructure raises concerns about potential espionage and the ability of these entities to disrupt U.S. commercial activities and military deployments, especially in scenarios involving Taiwan[2][4].
• Board members of ZPMC have ties to the CCP and defense contracting, further exacerbating these concerns[2].

Regulatory and Directive Actions

• The U.S. Coast Guard has issued MARSEC Directive 105-5, which outlines additional cyber risk management actions for owners or operators of Chinese-made STS cranes. This directive builds upon the requirements set by MARSEC Directive 105-4 and is classified as Sensitive Security Information (SSI)[1][3].
• The directive requires owners and operators to contact their local Captain of the Port (COTP) or cognizant District Commander to acquire a copy, ensuring that only authorized individuals with a ‘need to know’ can access the information[1].

Interagency Collaboration and Initiatives

• The U.S. Coast Guard has consulted with various agencies, including the Department of State, Department of Defense (DoD), Department of Transportation/Maritime Administration, DHS, Transportation Security Administration, Cybersecurity and Infrastructure Security Agency (CISA), and National Maritime Intelligence-Integration Office, to address these security concerns[1].
• The Department of Homeland Security (DHS) has been given expanded authority to deal with maritime cyber threats through an Executive Order, which includes setting cybersecurity standards for American port networks and systems[2].

Mitigation and Future Steps

• The House Committee on Homeland Security has urged stakeholders and the federal government to address these threats with greater urgency. Recommendations include reducing dependence on potentially compromised technology and incentivizing the domestic manufacture of critical port equipment[2].
• Initiatives such as the Control Environment Laboratory Resource (CELR) platform, launched by DHS’ Science and Technology Directorate and CISA, aim to enhance cybersecurity at U.S. harbors by providing a training and research hub for securing maritime infrastructure[1].

Conclusion

The presence of Chinese-made STS cranes in U.S. ports poses significant cybersecurity and national security risks. The U.S. government and various agencies are taking proactive steps to mitigate these risks through regulatory directives, interagency collaboration, and the development of new cybersecurity initiatives. Addressing these vulnerabilities is crucial to ensuring the security and integrity of the U.S. maritime transportation system.

Why China’s cargo cranes at U.S. ports pose espionage risk

Guide to Security Risks Associated with Chinese-Made Cargo Cranes in U.S. Ports

Introduction

The use of Chinese-made cargo cranes in U.S. ports has raised significant security concerns due to potential cyber vulnerabilities and the risk of espionage. Here is a comprehensive guide to the issues and measures being taken.

Dominance of Chinese Cranes in U.S. Ports

• Chinese company Shanghai Zhenhua Heavy Industries Co. Ltd. (ZPMC) dominates the global market for ship-to-shore (STS) cranes, with approximately 80% of these cranes in U.S. ports being manufactured by ZPMC[2][4][5].

Cybersecurity and Espionage Risks

• The cranes are equipped with control technology that could enable remote access, posing a risk of cyber attacks and espionage. Cellular modems installed in these cranes can be accessed remotely, potentially allowing the Chinese government to gain access to U.S. port systems[2][3][4].
• These modems were sometimes installed without the knowledge or consent of the port authorities, and they could be used for purposes beyond maintenance and diagnostics, such as spying on U.S. ports[3][4].

National Security Implications

• The presence of these cranes raises concerns about the potential for the Chinese Communist Party (CCP) to disrupt U.S. critical infrastructure, including the ability to restrict or manipulate the supply of critical components in a future dispute[2][4].
• The CCP’s national security laws mandate that companies cooperate with state intelligence agencies, which amplifies the risk that these cranes could be used for espionage and sabotage[2][4].

Regulatory and Directive Actions

• The U.S. Coast Guard has issued MARSEC Directive 105-5, which sets out additional cyber risk management requirements for STS cranes made by Chinese companies. This directive follows an earlier mandate issued in February and is part of the three-level MARSEC system to communicate security threats[1][5].
• The directive requires port and terminal operators, crane owners, and other relevant parties to contact their Coast Guard District commander or captain of the port to obtain a copy of the directive, which contains sensitive security information[1][5].

Recommendations and Mitigation Measures

• House committees recommend that U.S. ports sever connections between ZPMC cranes and cellular modems and install operational technology monitoring software to mitigate the risks[2][4].
• There is a push to replace Chinese-made cranes with those manufactured in the U.S., supported by an executive order from President Joe Biden that allocates infrastructure funding for port upgrades[1][2].

Industry and Government Response

• The American Association of Port Authorities (AAPA) has stated that it is not aware of any security breaches involving port equipment to date, but the ongoing investigations and directives indicate a growing concern within the government and industry[2].
• The Department of Homeland Security (DHS) and other agencies are working to bolster cybersecurity at U.S. harbors through initiatives like the Control Environment Laboratory Resource (CELR) platform[5].

Future Actions and Considerations

• The U.S. maritime industry is urged to reduce its reliance on Chinese-manufactured equipment to minimize national security risks. This includes exploring alternatives from other manufacturers and enhancing oversight and security protocols for existing equipment[2][4].
• Continuous monitoring and updating of security measures are crucial to address the evolving threats posed by the use of foreign-manufactured critical infrastructure equipment.

China can spy on US with intelligence-gathering devices …

Guide to Chinese-Made Port Cranes and Potential Espionage Threats

Introduction

A recent congressional investigation has uncovered significant national security concerns related to Chinese-made cargo cranes used at U.S. seaports. Here is a comprehensive guide to the findings and implications of this investigation.

Background

The investigation was conducted jointly by the Republican majorities of the House Homeland Security Committee and the Select Committee on the Chinese Communist Party. It focused on cranes manufactured by Shanghai Zhenhua Heavy Industries Company Limited (ZPMC), a state-owned Chinese company.

Key Findings

Presence of Communication Equipment

• The cranes were found to contain communication equipment, including cellular modems, which could be accessed remotely. These modems were not always requested by the U.S. ports and were sometimes installed without their knowledge[1][3][4].

Potential for Espionage

• The cellular modems built into the cranes could potentially allow the Chinese government to gain access to the machines due to China’s national-security laws that mandate companies to cooperate with state intelligence agencies. This access could be used for intelligence collection and to monitor U.S. port activities[1][2][5].

Remote Access and Control

• ZPMC had pressured port operators to allow remote access to the cranes for diagnostic and maintenance purposes. However, this remote access could be extended to other Chinese government entities, posing a significant security risk[1][3][5].

Scope of the Issue

• The cranes in question make up roughly 80% of the seaport cranes across the U.S., highlighting the widespread nature of the potential vulnerability[1][5].

Security Implications

National Security Risks

• The presence of these modems and the potential for remote access by Chinese entities pose significant national security risks. This could allow China to undercut trade competitors through espionage, disrupt supply chains, and potentially sabotage critical infrastructure[1][3][5].

Economic Consequences

• Any disruption to port operations could have catastrophic economic consequences, including the potential to cripple the U.S. economy. This is particularly concerning given the critical role these cranes play in the logistics and supply chain[5].

Military and Civilian Impact

• The technology on these cranes could provide the Chinese Communist Party with valuable information on American critical infrastructure, affecting both civilian and military operations[5].

Response and Mitigation

Government Actions

• The Biden administration has announced plans to invest in replacing foreign-built cranes with domestically manufactured ones to mitigate these risks. Additionally, the Department of Homeland Security (DHS) has been given more authority to address maritime cyber threats, and the U.S. Coast Guard has been instructed to improve cybersecurity conditions at ports[2][5].

Cybersecurity Measures

• The U.S. is working with Japanese heavy industrial companies to start domestic production of ship-to-shore cranes, ensuring a reliable supply of critical hardware. The Coast Guard will work with crane owners and operators to implement and verify compliance with new cybersecurity directives[4][5].

Conclusion

The discovery of potential espionage devices on Chinese-made port cranes highlights a critical vulnerability in U.S. national security and infrastructure. The ongoing efforts by the U.S. government to address these issues through investment in domestic manufacturing and enhanced cybersecurity measures are crucial steps in mitigating these risks and protecting American interests.

Investigation by Select Committee on the CCP, House …

Investigation Findings: Potential Threats to U.S. Economic and National Security from the Chinese Communist Party (CCP)

Introduction

The Select Committee on the Chinese Communist Party, in conjunction with the House Committee on Homeland Security, has conducted a comprehensive investigation into the growing threats posed by the CCP to U.S. economic and national security. This guide outlines the key findings and implications of this investigation.

Threats Posed by Chinese-Manufactured Maritime Equipment

Vulnerabilities in U.S. Ports

The investigation revealed significant vulnerabilities in U.S. ports due to the presence of Chinese-manufactured cargo equipment, particularly those produced by Shanghai Zhenhua Heavy Industries Co., Ltd. (ZPMC). ZPMC, a wholly owned subsidiary of China Communications Construction Group (CCCG), has been identified as a potential “Trojan horse” that could be used by the CCP and the People’s Republic of China (PRC) military to exploit and manipulate U.S. maritime equipment and technology.

Intelligence Gathering and Cyber Espionage

• The FBI discovered intelligence-gathering equipment on ZPMC cranes at the Port of Baltimore in February 2021.
• ZPMC has requested remote access to its cranes operating at various U.S. ports, which could potentially be extended to other PRC government entities, posing significant cyber espionage risks.
• Cellular modems installed on ZPMC cranes at U.S. ports were found to be outside the scope of existing contracts, raising concerns about unauthorized modifications and backdoors in the equipment.

Implications for U.S. National Security

Economic and Strategic Risks

• The CCP could track the movement of goods through U.S. ports or halt port activity, affecting Americans nationwide and influencing global military and commercial activities.
• In the event of a dispute over Taiwan, the PRC could restrict or manipulate the supply of critical components essential to U.S. maritime infrastructure, disrupting U.S. commercial activities and hindering the Department of Defense’s (DoD) ability to deploy resources.

Long-term Economic Security

• The investigation highlighted that short-term financial gains from using Chinese-manufactured equipment may compromise long-term economic security. This includes the potential for the CCP to exploit vulnerabilities in U.S. critical infrastructure.

Investigation Methodology and Scope

Oversight and Stakeholder Engagement

• The investigation involved oversight of key stakeholders in the maritime sector, including the Department of Homeland Security (DHS), the U.S. Coast Guard, the Department of Transportation Maritime Administration, the DoD, the FBI, and the National Security Agency.
• The committees reviewed information from 10 U.S. strategic seaports, three international port equipment manufacturers, and other relevant entities.

Contractual Vulnerabilities

• The investigation found no provisions in contracts between ZPMC and U.S. ports that prohibit or limit unauthorized modifications or access to equipment and technology. This lack of contractual safeguards allows ZPMC and other PRC state-owned enterprises (SOEs) to install backdoors or modify technology without restriction.

Recommendations and Calls to Action

Urgent Need for Remedial Actions

• The report emphasizes the need for immediate action to address these threats, urging maritime sector stakeholders and the federal government to take more urgent measures to protect U.S. homeland security.
• Lawmakers have called for the Biden administration to strengthen its executive orders on maritime security and for companies like ABB to remedy significant vulnerabilities in their China-based supply chains.

Legislative and Regulatory Responses

• The investigation supports the need for legislative and regulatory responses to mitigate these threats. This includes the establishment of stricter oversight and security protocols for foreign-manufactured equipment used in critical U.S. infrastructure.

Conclusion

The investigation by the Select Committee on the CCP and the House Committee on Homeland Security has exposed significant and immediate threats to U.S. economic and national security posed by the CCP through its maritime activities. It is crucial for the U.S. government and private sector stakeholders to implement a coordinated and robust response to these threats to ensure the security and resilience of U.S. critical infrastructure.

Biden admin warns House about China’s major presence …

Given that the specific website content from CNBC is not provided in the search results, I will create an in-depth guide based on the information available from the other sources, focusing on the security risks and implications of Chinese-made cranes in U.S. ports.

Chinese Dominance in U.S. Port Equipment: Security Risks and Implications

Introduction

The presence of Chinese-made cranes, particularly those manufactured by Shanghai Zhenhua Heavy Industries (ZPMC), in U.S. ports has raised significant security and national security concerns. Here is a comprehensive guide to the issues and implications.

Dominance of ZPMC in Global and U.S. Markets

• Global Market Share: ZPMC dominates the global market share of ship-to-shore (STS) port cranes, holding approximately 70% of the global market and 80% of the STS cranes operational in U.S. ports[1][3][5].

Security Risks Associated with ZPMC Cranes

Cybersecurity Vulnerabilities

• Remote Access: ZPMC has pressured port operators to allow remote access to the cranes, which could potentially be extended to other PRC government entities, posing significant cybersecurity risks[1][2][3].
• Cellular Modems: ZPMC has installed cellular modems on STS cranes in U.S. ports, which are not part of the original contracts and bypass the port’s local area network, creating independent connections that could be exploited[1][4].

National Security Concerns

• PRC Control: ZPMC is owned and controlled by the People’s Republic of China (PRC), which has been named a “Communist Chinese Military Company” by the Department of Defense. This ownership raises concerns about the potential for espionage and manipulation of U.S. maritime equipment and technology[1][2][3].
• Geopolitical Ambitions: The PRC’s geopolitical ambitions, especially regarding Taiwan, could lead to restrictions or manipulation of critical components essential to U.S. maritime infrastructure, including STS cranes. This could severely disrupt U.S. commercial activities and hinder the Department of Defense’s ability to deploy supplies and resources[1][3].

Contractual and Oversight Issues

• Contract Terms: U.S. ports have multimillion-dollar contracts with ZPMC that do not prohibit or limit unauthorized modifications or access to equipment and technology. These contracts do not specifically bar the vendor from installing backdoors into the equipment or modifying the technology[1][3].
• Lack of Oversight: Critical crane components from other countries (e.g., Germany, Japan, Switzerland) are shipped to China for assembly by ZPMC without oversight from the original manufacturers, further increasing security risks[1].

Recommendations and Actions

Immediate Security Measures

• Disconnect Cellular Modems: Recommendations include severing the connections between ZPMC cranes and cellular modems to mitigate immediate security risks[1].
• Operational Technology Monitoring: Installing operational technology monitoring software to enhance the security posture of U.S. ports[1].

Long-Term Strategies

• Diversification of Suppliers: Efforts to diversify suppliers and reduce reliance on Chinese-made equipment. For example, the Biden administration has agreed with PACECO Corp. to relaunch U.S. manufacturing capabilities for cranes, and Konecranes is establishing a supplier network to build STS cranes in the U.S.[4].
• Tariffs and Economic Measures: The U.S. has implemented sweeping tariffs on Chinese goods, including a 25% tariff on Chinese-made STS cranes, with exclusions for contracts executed prior to May 14, 2024, and cranes that enter the U.S. prior to May 14, 2026[4].

Regulatory and Policy Changes

• Executive Orders: The Biden-Harris administration has issued executive orders to strengthen maritime cybersecurity, fortify the supply chain, and strengthen the U.S. industrial base, including a $20 billion investment into U.S. port infrastructure over the next five years[1][3].
• Department of Homeland Security (DHS) and US Coast Guard: Recommendations for DHS and the US Coast Guard to prioritize closing security gaps at strategic seaports, such as Guam’s port, and ensure the safety and security of DoD-designated commercial strategic seaports[1].

Conclusion

The presence of Chinese-made cranes in U.S. ports, particularly those from ZPMC, poses significant cybersecurity and national security risks. Addressing these risks requires immediate security measures, long-term strategies to diversify suppliers, and regulatory and policy changes to ensure the security and integrity of U.S. maritime infrastructure.

Chinese Cargo Cranes at U.S. Ports Pose Espionage Risk …

Chinese Cargo Cranes at U.S. Ports: A Potential Espionage Risk

Introduction

A recent congressional investigation has uncovered significant security concerns regarding Chinese-made cargo cranes used at U.S. seaports. The cranes, manufactured by the state-owned Chinese company Shanghai Zhenhua Heavy Industries (ZPMC), pose a potential threat to U.S. national security due to embedded technology that could be exploited for espionage and disruption.

Key Findings of the Congressional Investigation

Dominance of ZPMC in the U.S. Market

• ZPMC accounts for approximately 80% of all ship-to-shore cranes in U.S. ports, highlighting a critical dependence on Chinese-manufactured equipment[2][3][5].

Embedded Technology and Remote Access

• The cranes contain cellular modems that can be remotely accessed, which ZPMC claims are necessary for maintenance and diagnostic purposes. However, these modems can potentially be used by the Chinese government to gather intelligence and disrupt port operations[2][3][5].

Pressure on Port Operators

• ZPMC has pressured U.S. port operators to allow remote access to the cranes, with a particular focus on those located on the West Coast. This access could be extended to other PRC government entities due to China’s national security laws that mandate cooperation with state intelligence agencies[2][3][5].

Unauthorized Modifications

• In some cases, the cellular modems were installed without the knowledge or consent of port authorities, and beyond the scope of existing contracts with ZPMC[3][5].

Security Risks and Implications

Espionage and Disruption

• The embedded technology in the cranes could allow the Chinese government to covertly gain access to the machines, enabling espionage and the potential disruption of U.S. ports and supply chains[2][3][5].

National Security Vulnerabilities

• The vulnerability of these cranes to remote access poses a significant risk to U.S. national security, particularly given China’s geopolitical ambitions and assertiveness. This could impact the security of U.S. maritime supply chains, especially in potential future disputes over Taiwan[5].

Economic Impact

• Disruption to port operations could devastate the U.S. economy by undercutting trade competitors through espionage and disrupting the movement of cargo[4].

Broader Strategic Vulnerabilities

Dependence on Chinese Infrastructure

• The large presence of Chinese-manufactured cranes at U.S. ports highlights a broader strategic vulnerability in American infrastructure. This dependence could serve as a “choke point” in future geopolitical conflicts, giving China leverage over the global supply chain[1].

Cybersecurity Weaknesses

• The vulnerabilities exposed in the investigation reflect the fragility of U.S. critical infrastructure and its unpreparedness to defend against sophisticated cyber attacks. Old-school hacking techniques, such as email phishing, remain effective due to poor cyber hygiene practices[1].

Recommendations and Actions

Replacement of Foreign-Made Cranes

• The Biden administration has announced plans to replace foreign-made cranes with American-manufactured ones to mitigate the security risks. Additionally, a 25% tariff has been imposed on cranes made in China[1].

Enhanced Security Measures

• The congressional report recommends that U.S. ports sever connections between ZPMC cranes and cellular modems, install operational technology monitoring software, and prioritize closing security gaps at critical seaports[5].

Strengthening Maritime Cybersecurity

• The Biden-Harris administration has issued an Executive Order to strengthen maritime cybersecurity, fortify the supply chain, and strengthen the U.S. industrial base, including a $20 billion investment into U.S. port infrastructure over the next five years[5].

Conclusion

The use of Chinese-made cargo cranes at U.S. seaports presents a significant security risk due to the potential for espionage and disruption. Addressing these risks requires a multifaceted approach, including the replacement of foreign-made cranes, enhanced security measures, and a robust cybersecurity strategy to protect critical U.S. infrastructure.

U.S. Moves Forward with Sweeping Tariffs on China …

U.S. Tariffs on Chinese-Made Port Cranes: An In-Depth Guide

Introduction

The U.S. has implemented sweeping tariff increases on a wide range of Chinese goods, including ship-to-shore (STS) cranes used in American ports. This move is part of the Biden Administration’s efforts to counter China’s unfair trade practices and address national security concerns.

Tariff Details

Tariff Rates and Implementation

• The U.S. Trade Representative has increased tariffs on Chinese-made STS cranes to 25% effective in 2024[1][3][4].
• The tariffs apply to cranes ordered after May 14, 2024, and those that enter the U.S. after May 14, 2026. Contracts executed prior to May 14, 2024, and cranes entering the U.S. before May 14, 2026, are excluded from these tariffs[1][3].

Affected Products

• The tariffs are part of a broader set of increases on Chinese goods, including semiconductors, steel and aluminum products, electric vehicles and their batteries, permanent magnets, and various medical products such as gloves, facemasks, and syringes[1][4].

Impact on U.S. Ports

Financial Burden

• The American Association of Port Authorities (AAPA) estimated that the tariffs would result in an additional $131 million in costs for U.S. ports, given the number of cranes currently on order from Chinese manufacturers[1][3][5].
• For example, Port Houston faces an extra $28.5 million in costs for eight container cranes ordered from Zhenhua Heavy Industries Co. (ZPMC)[2].

Operational and Strategic Implications

• Ports argue that the immediate implementation of tariffs would punish U.S. port operators without a viable alternative, potentially delaying critical port infrastructure investments[1][2].
• The tariffs could impact future projects at ports, particularly those on the Gulf Coast, and may make U.S. ports less competitive against ports in Mexico and Canada[2][5].

Security Concerns

Cybersecurity Risks

• There are concerns about the potential for Chinese-made cranes to be used for espionage. Reports have highlighted the presence of cellular modems in ZPMC cranes, which could bypass local area networks and pose a cybersecurity risk[1][3].
• The U.S. House of Representatives subcommittee has released reports detailing these risks and recommending measures such as disassembling connections to cellular modems and installing operational technology monitoring software[3].

Industry Response and Alternatives

Lobbying and Exemptions

• The AAPA and other port authorities have lobbied against the tariffs, arguing they do not achieve their intended objectives and instead harm U.S. ports and the economy. The USTR has partially accommodated these concerns by excluding pre-ordered cranes from the tariffs[1][2][3].

Domestic Manufacturing Initiatives

• The Biden Administration is working to relaunch U.S. manufacturing capabilities for STS cranes. Agreements have been made with companies like PACECO Corp., a U.S.-based subsidiary of Japan’s Mitsui E&S Co., and Konecranes, a Finnish-based port equipment manufacturer, to build STS cranes in the U.S. using U.S. steel[1].

Long-Term Strategies

Encouraging Non-Adversarial Suppliers

• The U.S. government is encouraging ports to buy cranes from non-adversarial countries to reduce dependence on Chinese manufacturers[3].
• There is a push for legislation to build up a domestic crane manufacturing sector and introduce financial incentives to support this transition[3].

Conclusion

The tariffs on Chinese-made STS cranes are a complex issue, balancing economic and national security concerns. While the immediate financial impact is significant, the long-term strategy aims to reduce U.S. dependence on Chinese manufacturers and enhance domestic manufacturing capabilities. The ongoing dialogue between port authorities, industry groups, and the U.S. government reflects the nuanced approach needed to address these challenges.

House Report Shows Chinese Cranes a Security Risk to …

Overview of the Security Risks Associated with Chinese-Made Port Cranes in US Ports

Introduction

The use of Chinese-made port cranes, particularly those manufactured by Shanghai Zhenhua Heavy Industries (ZPMC), has raised significant security concerns for US ports. Here is a detailed guide outlining the key issues and recommendations from recent reports and investigations.

Dominance of ZPMC in the Global Market

• ZPMC, a company owned and controlled by the People’s Republic of China (PRC), dominates the global market for ship-to-shore (STS) port cranes, accounting for roughly 80% of the STS cranes operational in the US[1][5][4].

Security Risks and Vulnerabilities

Cybersecurity Threats

• The cranes are equipped with technology that could be exploited by the Chinese government for spying and data collection. This includes the installation of cellular modems not requested by US ports and not included in contracts, which can collect usage data and bypass firewalls[1][3][5].
• These modems allow for remote monitoring and control of the cranes, potentially providing the Chinese Communist Party (CCP) with valuable information on American critical infrastructure[2][3].

Unauthorized Modifications and Access

• Contracts between US ports and ZPMC do not prohibit or limit unauthorized modifications or access to the equipment and technology. This includes the possibility of installing backdoors into the equipment or modifying the technology without oversight[1][3][5].

Integration with Critical Infrastructure

• The cranes integrate directly into port community platforms and other IT systems, handling sensitive data about containers, their contents, origins, and destinations. This integration creates a centralized network for acquiring business intelligence and poses risks for military cargoes and personnel[4].

Geopolitical and National Security Implications

PRC’s Geopolitical Ambitions

• The PRC’s assertiveness, particularly regarding Taiwan, raises concerns about the security of US maritime supply chains. In a potential future dispute, the PRC could restrict or manipulate the supply of critical components essential to US maritime infrastructure[1][5].

Links to Chinese Military and State Entities

• ZPMC is involved in militarizing the South China Sea and is designated as a “Communist Chinese Military Company” by the Department of Defense. This connection mandates cooperation with state intelligence agencies under PRC national security laws[1][5].

Potential Consequences and Risks

Disruption of Port Operations

• The exploitation of these vulnerabilities could lead to the complete shutdown of domestic port operations, suspending all commercial activity and disrupting military and commercial supply chains. This could have catastrophic economic and security consequences[2][4].

Supply Chain Disruptions

• The reliance on Chinese-made cranes and components could lead to supply chain disruptions, especially in the event of a conflict or geopolitical tensions. This could result in dangerous shortages and cascading supply chain failures[1][4].

Recommendations and Actions

Severing Connections and Implementing Security Measures

• The House committees recommend severing the connections between ZPMC cranes and cellular modems and installing operational technology monitoring software to mitigate risks[1].

Enhancing Cybersecurity and Oversight

• The Department of Homeland Security (DHS) and the US Coast Guard are urged to prioritize closing security gaps, particularly at Guam’s port, and ensure the safety and security of DoD-designated commercial strategic seaports[1].

Domestic Production and Diversification

• There is a push for investing in domestic production of ship-to-shore cranes to reduce dependence on Chinese technology. The Biden administration has announced a $20 billion investment into US port infrastructure over the next five years and is working with Japanese companies to start domestic production of cranes[1][4].

Industry and Government Response

Acknowledgment of Risks

• The American Association of Port Authorities (AAPA) acknowledges the potential risks but notes there have been no known security breaches involving port equipment to date. However, they are committed to collaborating with federal government leaders to address evolving threat landscapes[1][5].

Regulatory and Policy Actions

• The Biden administration has issued an Executive Order to strengthen maritime cybersecurity, fortify the supply chain, and enhance the US industrial base. The US Coast Guard has been ordered to implement better cybersecurity measures at ports[1][4][5].

In summary, the widespread use of Chinese-made port cranes by ZPMC poses significant cybersecurity and national security risks to US ports. Addressing these vulnerabilities requires immediate and comprehensive actions, including severing unauthorized connections, enhancing cybersecurity measures, and diversifying the supply chain through domestic production.

Chinese-made port cranes in US included ‘backdoor …

Overview of the Security Risks Posed by Chinese-Made Port Cranes in the US

Introduction

A recent congressional examination conducted by the House Select Committee on China and the House Homeland Security Committee has uncovered significant security vulnerabilities associated with Chinese-made port cranes in US ports. Here is a detailed guide to the findings and implications of this investigation.

Key Findings of the Congressional Investigation

Presence of Backdoor Modems

• The investigation revealed that Chinese-made ship-to-shore cranes, manufactured by Shanghai Zhenhua Heavy Industries Company Limited (ZPMC), contain cellular modems that were not requested by US ports or included in the contracts. These modems are connected to Linux computers on the port cranes and were understood by technicians to be for diagnostic purposes, but they actually create a backdoor security vulnerability[1][3][5].

Unauthorized Installations and Remote Access

• The modems were installed without the knowledge of port authorities and beyond the scope of contracts with ZPMC. ZPMC has pressured port operators to allow the company to maintain remote access to the cranes, ostensibly for diagnostic and maintenance purposes. However, this access could potentially be extended to other PRC government entities, posing a significant national security risk due to China’s national-security laws that mandate companies cooperate with state intelligence agencies[1][2][4].

Cybersecurity and National Security Vulnerabilities

• The presence of these modems and the potential for remote access by Chinese entities undermine the integrity of port operations and create significant cybersecurity and national security vulnerabilities. This could allow the Chinese government to collect usage data, bypass firewalls, and potentially disrupt port operations[1][3][5].

Dominance of ZPMC in Global Maritime Infrastructure

• ZPMC, a state-owned Chinese company, dominates the global market share of ship-to-shore (STS) port cranes, accounting for roughly 80% of the STS cranes operational in the US. This dominance adds to the PRC’s broader maritime infrastructure control and exacerbates cybersecurity and national security risks for the US and its allies[3][5].

Contractual Agreements and Lack of Oversight

• Contracts between US ports and ZPMC often allow critical internal components from third-party contractors to be sent to ZPMC for installation without adequate oversight. This lack of oversight enables ZPMC to install backdoors and modify technology without detection[1][3][4].

Implications and Recommendations

National Security Concerns

• The investigation highlights that the PRC’s geopolitical ambitions, particularly regarding Taiwan, raise concerns about the security of US maritime supply chains. In a potential future dispute, the PRC could restrict or manipulate the supply of critical components essential to US maritime infrastructure, severely disrupting US commercial activities and hindering the Department of Defense’s ability to deploy supplies[3][4][5].

Mitigation Strategies

• The committees recommend that US ports sever the connections between ZPMC cranes and cellular modems and install operational technology monitoring software. The Department of Homeland Security (DHS) and the US Coast Guard are advised to prioritize closing security gaps at strategic seaports, such as Guam’s port, to ensure safety and security[3][5].

Domestic Production Initiatives

• To reduce reliance on Chinese-made equipment, the Biden administration has called for investing billions of dollars in domestic production of ship-to-shore cranes. The US is working with Japanese heavy industrial company Matsui to start domestic production of these critical hardware components for the first time in decades[1].

Conclusion

The findings of the congressional investigation underscore the critical need for enhanced cybersecurity measures and reduced dependence on Chinese-manufactured equipment in US ports. The presence of backdoor modems and the potential for remote access by Chinese entities pose significant risks to national security and the integrity of port operations. Implementing the recommended mitigation strategies and investing in domestic production are crucial steps towards securing US maritime infrastructure.

Joint Investigation into CCP-Backed Company Supplying …

Joint Investigation into CCP-Backed Company Supplying Cranes to U.S. Ports: Key Findings and Implications

Introduction

A joint investigation by several House committees has uncovered significant concerns regarding Chinese-built cargo cranes deployed at U.S. ports. The investigation focuses on Shanghai Zhenhua Heavy Industries (ZPMC), a state-owned Chinese manufacturer, and its potential ties to the Chinese Communist Party (CCP).

Discovery of Unauthorized Communications Equipment

• Cellular Modems: The investigation revealed the presence of cellular modems on ZPMC ship-to-shore (STS) crane components at multiple U.S. seaports. These modems were not part of the original equipment contracts and were installed without the knowledge or request of U.S. port officials.
• Server Room Modem: An additional cellular modem was found in the server room of another U.S. seaport, which houses the firewall and networking equipment for the STS cranes.

Security Concerns and Implications

• Potential for Espionage: The discovery of these unauthorized modems has fueled concerns within the Biden administration that these cranes could be used for spying on U.S. ports. The presence of such devices raises significant security risks, as they could be used for remote communication and data transmission.
• FBI Findings: In 2021, the Federal Bureau of Investigation (FBI) discovered intelligence gathering equipment on a vessel delivering ZPMC cranes to the Port of Baltimore, further exacerbating security concerns.

ZPMC’s Dominance and CCP Ties

• Market Share: ZPMC accounts for nearly 80 percent of the STS cranes in use at U.S. maritime ports, highlighting the extensive presence of this Chinese company in critical U.S. infrastructure.
• Proximity to PLA Facilities: Many of these cranes are built in an area adjacent to a shipyard where the People’s Liberation Army Navy’s most advanced warships are constructed, including the PRC’s third aircraft carrier and its fleet of Type 055 and Type 052 destroyers.
• Engagement with CCP: The investigation is also probing ZPMC’s engagement with the CCP and any requests from the CCP to ZPMC, indicating potential direct influence or control by the Chinese government.

Involvement of Other Companies

• ABB: The Swiss company ABB is under investigation as well, as many of its operational components are manufactured and then shipped to the People’s Republic of China (PRC). These components are stored for several months before being installed onto U.S.-bound port equipment by ZPMC engineers.

Operational Use of Modems

• Operational Functions: Some of the cellular modems found were used for legitimate operational functions such as monitoring and tracking maintenance remotely. However, several ports with ZPMC cranes did not request or need these capabilities.
• Unexplained Installations: Despite some modems serving operational purposes, many were installed without the ports’ knowledge or request, raising questions about their true intent.

Congressional Response and Next Steps

• Congressional Letter: A letter from the committees to ZPMC has requested detailed information regarding the installation of these modems, ZPMC’s engagement with the CCP, and any CCP requests to ZPMC.
• Ongoing Investigation: The joint investigation is ongoing, with lawmakers and federal agencies working to uncover the full extent of the security risks posed by these Chinese-built cranes and the potential for espionage.

Conclusion

The findings of this joint investigation highlight significant security concerns related to the use of Chinese-built cargo cranes at U.S. ports. The unauthorized installation of communications equipment, the dominance of ZPMC in U.S. port infrastructure, and the potential ties to the CCP all contribute to a complex and alarming situation that necessitates further scrutiny and action to protect U.S. national security.

Frequently Asked Questions (FAQs)

What are the primary causes of tower crane accidents in China?

Tower crane accidents in China are often attributed to a combination of factors, including operator error, cranes lifting beyond their load capacity, and systemic issues within the construction industry. However, a more fundamental problem lies in the lax enforcement of safety regulations and the changing workforce dynamics. Many crane operators are now rural migrant workers with minimal training, hired through labour contractors rather than directly by the companies. This has led to a workforce with less experience and higher fatigue levels due to long working hours, increasing the risk of accidents.

What safety regulations are in place for crane operations in China?

China has detailed government regulations for the safe operation of tower cranes. According to the Special Equipment Safety Law, special equipment users must establish job responsibility, potential risk control, emergency rescue, and other safety management rules. Crane operators are required to hold a government-issued special operation certificate before they can be employed. The law also mandates that special equipment producers comply with safety technical specifications and relevant standards, and that imported equipment must pass inspections and meet Chinese safety requirements. Additionally, regular inspections and maintenance are required to ensure the safety performance of the cranes.

How does the hiring and training of crane operators impact safety in China?

The hiring and training practices of crane operators significantly impact safety in China. In the past, crane operators were typically skilled workers employed by state-owned construction companies, working regular shifts. However, with the rise of private crane leasing companies, many operators are now rural migrant workers who lack proper training. These operators often work long hours for minimal pay, leading to fatigue and increased risk of accidents. The outsourcing of recruitment to labour contractors has further exacerbated these issues, as it can result in less stringent training and supervision.

What role do local authorities and trade unions play in ensuring crane safety in China?

Local authorities and trade unions have critical roles in ensuring crane safety in China, but their effectiveness is often hampered by lax enforcement and inadequate supervision. The Special Equipment Safety Law requires local people’s governments to supervise and administer the safety of special equipment within their regions. However, in practice, enforcement has been weak, leading to widespread non-compliance with safety standards. Trade unions, such as the All-China Federation of Trade Unions, are also expected to play a more active role in safeguarding the interests of crane operators, but their impact has been limited, highlighting the need for more robust action to protect workers’ rights and safety.

What are the consequences of non-compliance with safety regulations for crane operations in China?

Non-compliance with safety regulations for crane operations in China can have severe consequences, including accidents, fatalities, and significant disruptions to construction projects. When cranes are not properly maintained or operated beyond their capacity, the risk of collapse or other accidents increases, leading to loss of life and injury. Additionally, accidents can result in the suspension of construction work, causing economic losses and delays. The lack of enforcement also perpetuates a culture of neglect, where cost-cutting measures such as skipping essential maintenance become common, further endangering workers and the public.