An election year in the US, with hysteria growing by the day about a more
strident China, has seen the White House take action over a perceived threat at
its ports.
President Joe Biden signed an executive order on 21 Feb giving the coast guard
greater powers to police cyber security at ports, as well as setting in place a
plan to replace the nation’s Chinese-built port cranes with Japanese ones over
concerns they could be fitted with spy devices. “These cranes, because they are
essentially moving the large-scale containers in and out of port, if they were
encrypted in a criminal attack, or rented or operated by an adversary, that
could have real impact on our economy’s movement of goods and our military’s
movement of goods through ports,” said Anne Neuberger, deputy national security
adviser for cyber and emerging technology.
Around 80% of the cranes used in American ports are made in China and use
Chinese software. Biden has earmarked $20bn over the next five years to get
these replaced by a US subsidiary of Mitsui.
American maritime assets were reportedly being targeted last year by Volt
Typhoon, a Chinese state-sponsored snooping operation, according to tech giant
Microsoft.
Microsoft said it had uncovered
“stealthy and targeted malicious activity” focused on post-compromise
credential access and network system discovery aimed at critical infrastructure
organisations in the US. The attack is carried out by Volt Typhoon, a
state-sponsored actor based in China that typically focuses on espionage and
information gathering. According to Microsoft, Volt Typhoon has been active
since mid-2021 and has targeted critical infrastructure organisations in Guam
and elsewhere in the US. In this campaign, the affected organisations span the
communications, manufacturing, utility, transportation, construction, maritime,
government, information technology, and education sectors.
“Observed behavior suggests that the threat actor intends to perform espionage
and maintain access without being detected for as long as possible,” Microsoft
stated in an update on its site…
Shipping is well aware of the threat posed by state-backed malware.
A major
cyber security report published by Thetius, CyberOwl and HFW detailed many
recent cyber incidents including how the Stena Impero tanker’s GPS was spoofed
to force it to cross into Iranian waters unintentionally in 2019 with the ship
and its crew then held for months…
Other key takeaways from the 43-page report
include news that CyberOwl discovered nation-state malware on systems onboard
seven separate vessels belonging to a large liner fleet. The malware belonged
to the PlugX family, which is designed to provide the attacker remote access to
the affected system, followed by full admin control of the machine without
permission or authorisation. This includes the ability to manipulate files,
execute commands, and spread locally.
The particular malware variant was first discovered in 2020 and linked to
political espionage on foreign nations.