U.S. ports have been placed with ship-to-shore cranes by Chinese manufacturer ZPMC that had backdoored modems unspecified in contracts that aimed to gather certain equipment utilization data, reports The Record, a news site by cybersecurity firm Recorded Future.
Despite lacking U.S. port permissions, such cellular modems had been installed on port cranes' Linux computers, enabling data gathering and firewall evasion, which could prompt operational disruptions, according to a report from the House Select Committee on China and the House Homeland Security Committee.
Additional findings revealed several contracts enabling ZPMC to install other critical components from third-party contractors on machines.
Such a development comes days after Department of Homeland Security Undersecretary for Policy Rob Silvers detailed the Biden administration's significant investment in bolstering port security in a bid to avert Chinese cybersecurity threats. "For the first time in decades, so that we have, in the long run, a reliable supply of that critical hardware that most American people never think about, but which they rely on every single day to get whatever is coming to their house," said Silvers at a Center for Strategic and International Studies event.
