Administration moves to counter cybersecurity threat from made-in-China port cranes

The White House has announced a series of measures being taken by the Biden administration to enhance cybersecurity in U.S. ports and, in particular, address the threat posed by Chinese-manufactured port cranes. They include providing funding to rebuild America’s industrial capacity to produce port cranes with trusted partners.

The measures to counter the cybersecurity threat from the Chinese port cranes include a new Executive Order on “Amending Regulations Relating to the Safeguarding of Vessels, Harbors, Ports, and Waterfront Facilities of the United States,” that among other things considerably enhances Coast Guard Captain of the Port (COPT) authority to preventing access of persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, to vessels, or waterfront facilities.

Additionally, the U.S. Coast Guard is to issue a Maritime Security Directive on cyber risk management actions for ship-to-shore cranes manufactured by the People’s Republic of China located at U.S. commercial strategic seaports. Owners and operators of these port cranes must acknowledge the directive and take a series of actions on these cranes and associated information technology (IT) and operational technology (OT) systems. This action is seen as a vital step to securing the U.S. maritime infrastructure’s digital ecosystem and addresses several vulnerabilities that have been identified in an updated U.S. Maritime Advisory, 2024-00X – Worldwide Foreign Adversarial Technological, Physical, and Cyber Influence, that was released today.

The U.S. Coast Guard has issued a Notice of Proposed Rulemaking on Cybersecurity in the Marine Transportation System.

“Every day malicious cyber actors attempt to gain unauthorized access to MTS control systems and networks throughout the nation,” says the White House announcement. “The Proposed Rule will strengthen these digital systems by establishing minimum cybersecurity requirements that meet international and industry-recognized standards to best manage cyber threats. These actions build on prior actions by DHS including those taken by the Transportation Security Administration, and reflect the Administration’s commitment to leverage regulatory requirements in pursuit of safeguarding critical infrastructure.”

PRODUCING PORT CRANES IN THE U.S/

The White House says that the Administration will invest over $20 billion, including through grants, into U.S. port infrastructure over the next 5 years through the President’s Investing in America Agenda, including the Bipartisan Infrastructure Law and the Inflation Reduction Act. As a result, PACECO Corp., a U.S.-based subsidiary of Mitsui E&S Co., Ltd (Japan), is planning to onshore U.S. manufacturing capacity for its crane production. PACECO has a deep history in the container shipping industry, manufacturing the first dedicated ship-to-shore container crane in 1958 as PACECO Inc., and it continued U.S.-based crane manufacturing until the late 1980s. PACECO intends to partner with other trusted manufacturing companies to bring port crane manufacturing capabilities back to the U.S. for the first time in 30 years, pending final site and partner selection.