This piece originally appeared in Newsweek.
The House China Select Committee made a splash earlier this year. One of its first moves was to investigate Chinese cybersecurity risks in U.S. ports. Visiting the Port of Miami, committee members argued that the Chinese Communist Party could be spying on American ports through Ship-to-Shore (STS) cranes we buy from ZPMC—a Chinese state-owned enterprise. These cranes load and unload cargo from container ships, making them essential for America's trade with the rest of the world.
The committee members' investigation faced a basic problem, however: uncertainty about just how many Chinese cranes are in American ports in the first place. Now, we finally have an answer. Our first-of-its-kind analysis of public port infrastructure data found that nearly half the STS cranes used in the average American container port come from ZPMC. In some ports, such as Philadelphia's, nearly every STS crane is produced by the ZPMC, the world's biggest STS manufacturer.
Our reliance on Chinese cranes poses major threats to American national security. Through the crane's software, the Chinese Communist Party (CCP) could spy on our ports and collect critical data contained in port IT systems. Chinese law gives the CCP the power to demand data collected by any Chinese company, and requires Chinese manufacturers to install software granting the CCP access to any equipment they produce. Together, these policies mean the CCP could easily use ZPMC's cranes to collect sensitive data on our port system.