Watch Now

Lawmaker to propose legislation discouraging purchases of Chinese container cranes

Florida’s Carlos Gimenez warns of cybersecurity risk to US supply chains

ZPMC cranes arriving in Seattle in June. (Photo: Northwest Seaport Alliance)

A Florida lawmaker plans to propose legislation aimed at disincentivizing the purchase of Chinese container gantry cranes by port authorities and terminal operators, saying the cranes pose a cyberthreat to U.S. supply chains.

Speaking on Tuesday during a Capitol Hill hearing on maritime cybersecurity, Republican U.S. Rep. Carlos Gimenez, whose district is south of the Port of Miami, said he is concerned about software embedded in cranes purchased by the port from China that could include malware meant to penetrate port operating systems.

“The other concern I have is that whenever the Chinese want, they can cut off our supplies of spare parts” for the cranes, “which means that a significant part of our ability to load and offload ships would be compromised. I will be introducing legislation to try and wean us off these Chinese cranes and other infrastructure needs that may be coming from adversary nations.”

Gimenez did not provide details on how his planned legislation would work. 

Cranes manufactured by China’s Shanghai Zhenhua Heavy Industries (ZPMC), which controls upwards of 70% of the world’s post-Panamax container crane market, according to some estimates, are popular at U.S. ports under pressure to expand their capacity to process growing container volumes.

Most recently, terminal operator SSA Marine purchased four super post-Panamax cranes from ZPMC that arrived at the Port of Seattle in June. Four similar cranes were delivered to the Port of Baltimore in September, purchased by terminal operator Ports America.

The hearing, held jointly by two subcommittees of the U.S. House Committee on Homeland Security, was the latest seeking to evaluate whether more regulatory oversight is needed to effectively address growing cyberthreats against transportation systems.

“Shocked by what we learned during their oversight of Colonial Pipeline and other recent high-profile cyber incidents, members of Congress have begun to question whether the federal government’s approach to cybersecurity — which relies primarily on voluntary partnerships — actually works, or whether some security requirements ought to be mandated,” the committees noted in a joint statement.

Scott Dickerson, who directs the Maritime Transportation System Information Sharing and Analysis Center Institute, a nonprofit whose members include ports, vessel owners and terminal operators, agreed with Gimenez’s theory that China is manipulating container crane markets through pricing to become world’s “sole provider” of large container gantry cranes.

“I think there is some undercutting of the market taking place,” he said at the hearing. “Maybe augmenting [legislation] with grant programs that could allow the [U.S.] private sector to reasonably make those investments would be helpful.”

But Dickerson also took issue with how the federal government is working with industry to combat cyber-risk.

“Currently this is not an effective system of public-private partnership and collaboration,” Dickerson testified. “It feels like industry is being threatened with additional regulation and security directives rather than being treated as the partners who own and operate the vast majority of critical infrastructure.”

He said that because of various intermodal connections at ports, terminals and other maritime facilities, his members are subject to multiple and overlapping regulatory requirements.

“As a result, limited resources are often spent on redundant checklists, meetings, reports and audits, as opposed to actively managing cyber-risk to critical infrastructure. It seems like every time we turn around there’s a new effort unveiled by a government agency, and often it seems to be repackaging elements of an older program with a new name.”

To improve the government-private sector relationship when it comes to cybersecurity — which includes improving maritime operators’ trust in how the government handles data collected before and after an attack — Dickerson provided the committee a list of recommendations for federal officials.

They included supporting private-sector practices that already address governmental needs and are proven effective for critical infrastructure. Also, the Cybersecurity and Infrastructure Security Agency should consider funding information-sharing analyst positions “to better facilitate the bi-directional flow of information across critical infrastructure.”

Click for more FreightWaves articles by John Gallagher.


  1. yodami

    I get paid over $87 per hour working from home with 2 kids at home. I never thought I’d be able to do it but my best friend earns over 10k a month doing this and she convinced me to try. The potential with this is endless.
    Here’s what I’ve been doing…► 𝗪𝘄𝘄.𝗝𝗼𝗯𝘀𝟳𝟬.𝗰𝗼𝗺

  2. Rob Allen

    This is not a problem with a quick solution
    If Biden wants to restore manufacturing this is a “path” but it will not be feasible until he is out of the White House.
    It took a long time to screw our industrial base up and it will take a long time to restore it.

Comments are closed.

John Gallagher

Based in Washington, D.C., John specializes in regulation and legislation affecting all sectors of freight transportation. He has covered rail, trucking and maritime issues since 1993 for a variety of publications based in the U.S. and the U.K. John began business reporting in 1993 at Broadcasting & Cable Magazine. He graduated from Florida State University majoring in English and business.