Ports of the Americas
Special Report
Covert entry
ZPMC ‘ pressured ’ US ports for remote crane access : House report
By Michael Angell
China ’ s leading ship-to-shore crane maker — which has strong ties to the country ’ s military — pressured US port customers to allow remote monitoring of cranes that contained pre-installed cellular modems , according to a new congressional report released Sept . 12 .
The report aims to bolster the case for heightened cybersecurity efforts at US ports , which authors Mark Green ( R-Tenn .), Carlos Gimenez ( R-Fla .), and John Moolenaar ( R-Mich .), say are vulnerable to Chinese espionage .
The modems are even installed when a customer declines remote diagnostic and monitoring services as part of their procurement contract , the report explained , adding that ZPMC itself claims it does not install the modems .
“ These modems — although not necessary for the operation of the cranes — created an obscure method to collect information , and bypass firewalls in a manner that could potentially disrupt port operations ,” the report said . “ The exact identity of those responsible for installing the modems , while likely ZPMC , remains unclear .”
Military ties
The report highlighted the close ties that ZPMC and other state-owned enterprises such as Cosco Shipping and China Merchants Group have to China ’ s People ’ s Liberation Army ( PLA ).
ZPMC , whose parent company is involved in the construction of military bases in the South China Sea , provided a heavy-lift ship that the PLA used in a maritime exercise , according to the congressional report . ZPMC ’ s
ZPMC supplied roughly 80 % of the ship-toshore cranes in operation at US ports . Justin Sullivan / Getty Images
The congressmen , who are members of various committees charged with homeland and maritime security , issued the joint report after investigating the heavy reliance of US ports on cranes manufactured by Shanghai Zhenhua Heavy Industries ( ZPMC ), which has a nearly 80 % market share of US ship-to-shore cranes .
The report said ZPMC “ pressured ” US ports and terminal operators to provide remote access to the company ’ s cranes after purchase . Not allowing remote access to the cranes , which is ostensibly aimed at providing diagnostics for maintenance , “ is difficult for customers who are looking to get the lowest price or guarantee a robust warranty policy ,” the report said .
ZPMC “ has repeatedly requested remote access to its STS cranes operating at various US ports , with a particular focus on those located on the West Coast ,” the report said , noting West Coast ports would play a vital role in supplying Taiwan if a conflict breaks out with China .
ZPMC cranes also typically come pre-installed with cellular modems for collecting usage data , the report said . cranes also are manufactured near a site where the PLA builds its most advanced warships , the report said , adding that ZPMC is required to comply with a Chinese law that allows the government to request any corporate data .
The report follows hearings that House security committees conducted last year about the vulnerabilities of US ports to Chinese espionage . In the wake of those hearings , US ports were required to submit cybersecurity plans to the US Coast Guard , while the Maritime Administration warned ports about the risk of Chinese-made cranes .
Along with ongoing monitoring of Chinese port cranes in the US , the report ’ s authors recommended fostering a homegrown crane manufacturer . In response to the earlier hearings on the matter , the Biden administration in February pledged $ 20 billion in government support to create a domestic manufacturer . To further that goal , the White House also proposed a 25 % tariff on Chinese-made cranes to incentivize US production .
email : michael . angell @ spglobal . com
28 Journal of Commerce | October 7 , 2024 www . joc . com