On 5 March, an investigation by the US Congress revealed the existence of “questionable” Chinese communications equipment in American ports. This reinforces the threat of China’s global Cyber espionage.
The Chinese state-owned company, Shanghai Zhenhua Heavy Industries (ZPMC), is directly accused. It produces handling cranes, which are sold and installed in various freight ports around the world, including in the United States and France. These cranes are used to unload ships. According to the Congressional investigation, their communication systems could be used for Cyber espionage into more than 200 cranes.
Following a deep search, numerous cellular modems were quickly found on these installations, in the port of Baltimore, Maryland, but also in the server room of another national port terminal. Mobile phone modems that can be accessed remotely are common on this type of crane, in order to monitor operations. However, these devices have not been requested by the commissioning manufacturing company. Although ZPMC denied the cyber-security threat on 10 March, its equipment could enable Beijing to obtain information on container shipments and receipts, thanks to modern recording sensors.
Against the “Cyber storm », the urgent need to protect
On the occasion of the signing of a Presidential Executive Order on maritime cybersecurity on 22 February 2024, the White House reported the imperative of the situation: “Every day, malicious cyber actors attempt to gain unauthorized access to maritime transportation control systems and networks“. Following the investigation, the chairman of the House Homeland Security Committee, Mark Green, said that the Chinese government is “exploiting every opportunity to gather intelligence and exploit vulnerabilities in our infrastructure, including in the maritime sector: the country has ignored this threat for too long.“
In the United States, 80% of ports, including some of military use, are equipped by the Chinese firm. This is not the only country threatened by Chinese cyber attacks. From 2021 to 2023, ports of Houston, as well as those in Canada and Australia, have been targeted. Since the start of the war in Ukraine, the upsurge in these attacks has been all the more worrying. In a joint report, the specialist company OWN and France Cyber Maritime note a 235% increase in attacks since 2020, especially in Europe. Today, these attacks are impacting or even compromising the confidentiality and integrity of port and maritime data.
In February, Washington announced that it was investing more than 20 billion dollars in port security. Altogether, China’s industrial Cyber espionage has been proven beyond doubt. It would be logical for many other Western countries to follow the United States in these protectionist measures. Fortunately, more and more countries are managing to navigate the murky waters of the digital world and avoid the threats.
