It's on us. Share your news here.

U.S. Coast Guard Sounds Alarm on Cyber Threats from Chinese Port Cranes

STS cranes at APM Terminals' Port Elizabeth Terminal, at the Port of New York and New Jersey.

Posted on November 26, 2024

The U.S. Coast Guard has issued a new cybersecurity directive targeting Chinese-manufactured ship-to-shore cranes, addressing mounting concerns over national security vulnerabilities in America’s maritime infrastructure.

MARSEC Directive 105-5 establishes additional cyber risk management requirements for ship-to-shore cranes made by Chinese companies, building upon previous security measures implemented in February 2024.

“The built-in vulnerabilities for remote access and control of these STS cranes, combined with intelligence regarding China’s interest in disrupting U.S. critical infrastructure, necessitate immediate action,” the directive effectively states.

The directive comes amid recent alarming findings that Chinese-manufactured cranes dominate approximately 80% of U.S. port infrastructure. Shanghai Zhenhua Heavy Industries (ZPMC), a Chinese state-owned enterprise, maintains the majority share of these installations.

joint investigative report issued in September by the House Committee on Homeland Security exposed major cybersecurity and national security vulnerabilities at U.S. ports stemming from the prevalence of Chinese-manufactured container cranes.

“The evidence gathered during our joint investigation indicates that ZPMC could, if desired, serve as a Trojan horse capable of helping the CCP and the PRC military exploit and manipulate U.S. maritime equipment and technology at their request,” warned Committee Chairman Mark E. Green, MD (R-TN), upon releasing the report.

Security concerns over Chinese-manufactured STS cranes intensified in 2023 after The Wall Street Journal reported that the FBI discovered intelligence collection devices on ZPMC cranes at the Port of Baltimore. The investigation revealed troubling connections between ZPMC and China’s military interests, including unauthorized cellular modem installations and attempts to gain remote access to U.S. port facilities.

The White House responded to these threats in February by expanding the Department of Homeland Security’s authority over maritime cybersecurity, enabling the implementation of new security standards for port networks and systems.

Port operators and crane owners must now contact their local Coast Guard Captain of the Port or District Commander to obtain the new directive, which contains sensitive security information and requires specific clearance for access.

Source

It's on us. Share your news here.
Submit Your News Today

Join Our
Newsletter
Click to Subscribe