OpinionThinking About China

Chinese ‘Spy Cranes’ Targeted in Port Security Executive Order Shortly Before Baltimore Disaster

Save
Chinese ‘Spy Cranes’ Targeted in Port Security Executive Order Shortly Before Baltimore Disaster
The U.S. flag flies over shipping cranes and containers in Long Beach, Calif., on March 4, 2019. Mark Ralston/AFP via Getty Images
John Mills
Updated:
0:00
Commentary

ZPMC is the largest manufacturer of cranes in the world. Its assembly yard is a vast facility on Changxing Island at the mouth of the Yangtze River in Shanghai. The massive yard has ample layout space to fabricate and assemble the iconic container cranes seen at ports around the world. Typically, the cranes are shipped assembled, and the ZPMC yard has a large wharf to load them onto specially designed, heavy-lift ships and then deliver them all over the world.

ZPMC’s factory is next to another important facility for China. The flagship shipyard of China’s frenetic naval expansion is adjacent to Jiangnan Shipyard, where the People’s Liberation Army Navy (PLAN) Aircraft Carrier 003, the Fujian, is fitting out and the first PLAN nuclear-powered Aircraft Carrier 004 is being built.
ZPMC has approximately 80 percent market share for container cranes, which are indispensable for port operations in the United States. They provide great efficiencies and are internet-enabled to ensure that the cranes can fully collect and share multiple data streams, including camera systems to monitor all activity in and around the cranes. Internet connectivity means that these cranes are not just cranes but internet protocol (IP) endpoints on a worldwide network.

Chinese ‘Spy Cranes’ to Be Replaced

Being IP-enabled can be a good and a bad thing. The U.S. government ordered the removal of Hikvision closed-circuit television cameras (CCTV) over concerns that this broadly used CCTV system was omnipresent throughout the U.S. government and being used to spy on sensitive government facilities (this same guidance removed Huawei and ZTE information technology).
The Federal Emergency Management Agency, which operates continuity of operations (COOP) sites for the U.S. government, is helping state and local government agencies “rip and replace” Hikvision from their emergency operations centers (EOCs).

The ZPMC cranes are replete with similar cameras that analysts in China could use to count and examine shipments. Signals could also be sent to the cranes to make them potentially unsafe or inoperable.

Related Stories
Coast Guard Officials, Federal Agency Chief Detail Rapid Responses to US Port Cyber Threats
4/5/2024
Coast Guard Officials, Federal Agency Chief Detail Rapid Responses to US Port Cyber Threats
China Planted Mystery Devices on Cranes Used in US Ports, Could Seize Control Remotely: Congressional Letter
3/8/2024
China Planted Mystery Devices on Cranes Used in US Ports, Could Seize Control Remotely: Congressional Letter
The Biden administration, in February 2024, issued guidance that $20 billion in grants will be made available to ports to remove their ZPMC cranes and replace them with cranes made by PACECO Corp., a U.S.-based subsidiary of Mitsui E&S Co. Ltd. (Japan).
“Ripping and replacing” port cranes is a much larger and more complex civil engineering effort than remediating the CCTV situation at U.S. government facilities, COOP sites, and EOCs. This will have to be done with sophisticated planning and scheduling to ensure that American ports are not disrupted in their existing commercial throughput or any contingency surges caused by international affairs such as tension in the Western Pacific.

Port Security Equals Cybersecurity

The same guidance released by the Biden administration also addressed longstanding port security issues that have fallen into the gap and seamlines between the roles and responsibilities of the U.S. Coast Guard, other parts of the Department of Homeland Security (DHS), the Department of Defense, and the Department of Justice.

In the new guidance, the Coast Guard “will have the express authority to respond to malicious cyber activity in the nation’s MTS [Marine Transportation System] by requiring vessels and waterfront facilities to mitigate cyber conditions that may endanger the safety of a vessel, facility, or harbor.”

Simultaneously, the administration released the U.S. Maritime Advisory titled “2024-002-Worldwide-Foreign Adversarial Technological, Physical, and Cyber Influence.” This unusual and extraordinary advisory went into detail on multiple cyber concerns in the civilian maritime environment. Pervasive software used in the maritime logistics tracking environment, LOGINK, was identified as an untrusted, Chinese-originated software that could be used for malign purposes. Nuctech, which makes advanced inspection equipment used broadly in ports, was similarly identified as a company of concern. This determination of untrusted Chinese equipment in sensitive port locations and activities did not come out of thin air.

Volt Typhoon Cyberattack

In May 2023, the first reports of a Chinese cyberattack on critical infrastructure were made public by Microsoft, which said in a statement that the “Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.”

The DHS Cybersecurity and Infrastructure Security Agency (CISA) made initial comments, and then a quiet time ensued—most likely because the U.S. government was convening working groups to study, assess, and make recommendations.

Starting in December 2023, the public comments of CISA Director Jen Easterly, FBI Director Christopher Wray, and the new Cyber Command/National Security Agency Director General Timothy Haugh began to reveal the outcome of this analysis period, and the officials were ready to share the findings in a loud, vocal, and unequivocal manner in multiple appearances before Congress and in public statements.

Gen. Haugh said China was securing access to U.S. critical networks before a direct confrontation between the two countries would occur.

Mr. Wray was more precise when he said, “It’s difficult to know the intent of the preparation, but it was aligned with China’s broader goal to stop the United States from defending Taiwan.”

Ms. Easterly said: “This is truly an ‘Everything Everywhere, All at Once’ scenario. And it’s one where the Chinese government believes that it will likely crush American will for the U.S. to defend Taiwan in the event of a major conflict there.”

The removal of Chinese “spy cranes” and the fortification of American ports have led the Chinese to surge Volt Typhoon to ensure that they have diversity in all possible aspects of U.S. critical infrastructure.

Views expressed in this article are opinions of the author and do not necessarily reflect the views of The Epoch Times.
John Mills
John Mills
Author
Col. (Ret.) John Mills is a national security professional with service in five eras: Cold War, Peace Dividend, War on Terror, World in Chaos, and now, Great Power Competition. He is the former director of cybersecurity policy, strategy, and international affairs at the Department of Defense. Mr. Mills is a senior fellow at the Center for Security Policy. He is author of “The Nation Will Follow” and “War Against the Deep State.” ColonelRETJohn2 on “X”, ColonelRETJohn on Substack, GETTR, and Truth Social