WASHINGTON, D.C. — This week, the House Homeland Security Subcommittee on Transportation and Maritime Security, led by Chairman Carlos Gimenez (R-FL), held a hearing to examine security vulnerabilities at U.S. maritime ports, as well as the actions Congress can take to ensure and promote maritime and economic security amid increased cybersecurity threats from China.
 
Testimony was provided by Rear Admiral Wayne R. Arguin, assistant commandant for prevention policy in the United States Coast Guard; Rear Admiral John Vann from the Coast Guard Cyber Command; Rear Admiral Derek Trinque, director of strategic plans, policy, and logistics at United States Transportation Command; and Christa Brzozowski, acting assistant secretary for trade and economic security with the Department of Homeland Security (DHS).

Chairman Gimenez asked Rear Admiral Vannabout the security of port cranes made by a Chinese company, ZPMC:

“Is it possible that, during that process, the ZPMC could be installing malware, ransomware, or trojan horses in the software that’s actually provided by, and the hardware actually provided by western companies?”

Vann answered:

“What we have found in our operations aboard ZPMC cranes and the networks on the cranes, that connect to the cranes, and the shore side that communicate with the cranes, are either by design vulnerabilities of open connections, and again, I say by design, because oftentimes the monitoring of the cranes and the maintenance of the systems on board the cranes is done from a hub outside the port or in the port’s landside infrastructure and then communicated to the crane through a connection, so we have found, I would say, openings to vulnerabilities that are there by design.”

“Our concern is with the vulnerabilities and the operators that operate these cranes being aware that those vulnerabilities exist and then considering the reporting that we’ve heard about PRC attempting to get on to critical infrastructure of these are obviously important nodes in our marine transportation system, sir. So [we] haven’t found that yet, but those vulnerabilities exist to be able to access what’s on the crane.”

Chairman Gimenez questioned Brzozowski on China’s capability to disrupt global trade:

“Is it possible that, without safeguards,our trade can actually be disrupted across the world? With the [Chinese] dominance of these the cranes, not only the cranes but also the ports, in a nefarious fashion so that Chinese manufactured goods, flow very smoothly, but somehow American manufactured goods and trade don’t flow quite as smoothly. Is that a possibility?”

Brzozowksi answered:

“Yes, I think it’s not only a possibility, but something that we’re seeing play out around the world. It’s no secret that China has both the capability and the intent to challenge the rules-based trade system and they are leveraging all instruments of their national power to do so. They’re looking to gain access, not only to technology and data and, in particular, the vulnerabilities that we’re talking about around the cranes today but engaging in a number of other practices to undercut American workers and businesses. We’re seeing an influx of the production of fentanyl through American ports. […] We’re seeing use of vile practices associated with forced labor to undercut the competitiveness of the U.S. and other global companies in bringing goods to market on that are normally made in a means that are very contrary to U.S. values but undercut legitimate businesses that can’t compete in that type of situation. 

“We’re also seeing that malign economic influence is coming in through investments. I spoke that DHS is part of the CFIUS committee, the Committee on Foreign Investments in the United States,and we are taking a very, very close look at investments, particularly in our critical infrastructure sectors.”

Subcommittee on Emergency Management and Technology Chairman Anthony D’Esposito (R-NY) asked what effects a disruption at a U.S. port would have:
 
“Can you just describe the implications, because I think it’s sort of hard to understand, the implications of even what a short-term halt would do to a port like the Port of New York and New Jersey?”
 
Arguin answered:
 
“Any disruption––cyber or otherwise––a hurricane, anything that would cause a ripple in that very tightly fine-tuned system will have really diverse impacts. And so part of what each local sector commander and captain of the port is focused on each and every day with their teams is to ensure that, are we looking at the right things to determine whether or not those disruptions are predictable, and if they are, what can we do to minimize disruption downstream? One aspect of the marine transportation system is to get the cargo to the port. There’s an entire rest of that conversation that will be impacted downstream.”

Subcommittee on Counterterrorism, Law Enforcement, and Intelligence Chairman August Pfluger (R-TX) asked Rear Admiral Vann about the timing of the Biden administration’s executive order in relation to a recent cyber attack:
 
“Was this executive order in any way linked to Volt Typhoon and the malicious activity that Microsoft first allegedly reported on?”
 
Vann answered:
 
“That actor is a threat that uses a technique called living off the land. These are activities on a network that are not not easily recognizable because they get on a network and then use standard activities that occur in network traffic all the time. So what it requires us to do as we look for adversaries is to look for behavioral patterns. So we do a significant amount of analysis after we look at a network. Back to the question of the EO, what the EO really does is allow a captain of the port, if it’s determined there is a threat or there’s been some disruption because of a cyber intrusion, to take action to maybe in this case, in your example, to secure a crane or secure a terminal until such time that the operator, maybe with our assistance, at least with our validation, takes action to secure that particular node of the system.”
 
Background:
 
Last week, House Homeland Security Committee Chairman Mark E. Green, MD (R-TN) and Subcommittee on Counterterrorism, Law Enforcement, and Intelligence Chairman August Pfluger (R-TX) joined Chairmen Gimenez and Gallagher in issuing a joint statement concerning the Biden administration’s announcement of new investments in the domestic manufacturing of port cranes and other maritime security efforts in order to combat threats from the Chinese Communist Party (CCP). This announcement followed a lengthy joint investigation by the Committees and numerous calls to action to counter the cybersecurity risks, foreign intelligence threats, and supply chain vulnerabilities plaguing the U.S. maritime sector. 
  
In January, members of the Committee, along with the Select Committee on the Chinese Communist Party Chairman Mike Gallagher (R-WI), sent a letter to Swiss company ASEA Brown Boveri Ltd. (ABB) requesting public testimony regarding the company’s relationship with the Chinese state-owned enterprise, Shanghai Zhenhua Heavy Industries Company Limited (ZPMC). ZPMC currently accounts for nearly 80 percent of the ship-to-shore cranes at U.S. maritime ports. ABB works with ZPMC to provide the U.S. maritime industry with hardware and equipment. In July 2023, the Committee sent a private letter to ABB concerning these security risks. The concerns raised in the letter were not properly addressed by the company.
 
On April 3, 2023, Chairmen Green and Gimenez, along with Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino (R-NY) and Subcommittee on Oversight, Investigations, and Accountability Chairman Dan Bishop (R-NC), sent a letter to Secretary Mayorkas, demanding answers on the cybersecurity threats posed to military and industrial operations by Chinese-manufactured cranes operating at U.S. ports.
 
In May 2023, Chairmen Green and Gimenez joined Chairman Gallagher in sending a letter to Secretary Mayorkas seeking immediate compliance with the previous letter’s requests. On May 10, 2023, the Committee held a hearing to evaluate port security vulnerabilities and threats posed to U.S. maritime ports by cyber criminals and our adversaries. 

 ###