The views expressed by contributors are their own and not the view of The Hill

The consequences of inviting China into US rail transportation


A group of U.S. scientists — all with top secret security clearances — takes the subway to a conference on missile defense. Tracking their movements and communications (using the train’s built-in WiFi), and matching each scientist to a prepared dossier, Chinese operatives quickly insinuate a human intelligence asset into the mix. That asset, armed with intimate personal information about each scientist, gains their trust through fake connections and credentials.

But how did the Chinese collect and leverage all this information? Simple: they made the train.

{mosads}The Made in China (MIC) 2025 initiative sets aggressive goals for market share in advanced rail transportation equipment: 30 percent in developed countries by 2020 and 40 percent by 2025.  These goals are quickly becoming reality in the United States. Over the past two years, a single Chinese company signed contracts to provide passenger rail cars to municipal public transit systems in Los Angeles, Chicago, Philadelphia, and Boston. Moreover, the contracts were secured by significantly underbidding the competition. Thus, via a state-owned rail company, China has established a heavy foothold that spans the United States.

 

This determined effort needs to be addressed on two fronts: the threat to U.S. and allied business in transportation critical infrastructure, and the looming risks of introducing Chinese smart technologies into our nation’s critical infrastructure.

Regarding China’s overt threat to U.S. and allied industry, there are measures to address unfair trading practices — ranging from subtle to heavy-handed.

First, the United States could deny Chinese rail car manufacturers access to the U.S. advanced rail market, in light of national security implications, and levy high import tariffs where China engages in uncompetitive trading practices, including state subsidies and other forms of support that allow manufacturers to significantly undercut U.S. and allied bidders.

Consistent with this approach, Congress could pass legislation stating that under anti-dumping and countervailing duty laws, Chinese state-owned and state-controlled enterprises are presumed to be operating on behalf of the state and, as a result, do not have standing under U.S. laws against unfair trade to block a case from proceeding.

In the alternative, the United States could work with our allies to discourage anti-competitive behavior by Chinese companies in infrastructure markets. Such efforts could include pressing China for market-based reforms, including limiting subsidization of infrastructure companies, and increasing resources to bring anti-dumping and countervailing duty (CVD) cases to the World Trade Organization.

Independent of any economic interests, the long-term security and privacy consequences of integrating Chinese smart technologies into our transportation infrastructure are ominous. In the worst-case scenario, passenger electronic communications could be intercepted, archived and used for a variety of nefarious purposes. For example, China could track the digital identities of individual riders and match them with information China has from its previous attacks on U.S. networks. This would allow China to significantly enhance its dossiers on high-ranking U.S. officials and executives.

Chinese rail cars also could send a steady stream of non-personal information about economic and transportation activity, and associated U.S. technologies, back to China. Indeed, China already may be doing so in connection with infrastructure projects in Malaysia, Cambodia and Belarus.

The risks to national security, in the form of critical infrastructure, also are substantial. Advanced rail transportation equipment includes wayside systems (fixed assets such as signaling and communications) and rolling stock (mobile assets such as passenger cars). These components are interconnected through communications networks that control rolling stock, signaling, switching  and communications. The networks are designed to provide safety and security for rail transportation, but they are a vulnerability in light of the potential for embedding nefarious back-door implants or hidden code enhancements that covertly communicate with the manufacturer. Critical transportation components could be under foreign command and control.

This situation would pose real risks to transit operations. Precision navigation timing can be manipulated to disrupt vehicle operations. Simply introducing errors in the network data or communications could cause systems to revert to a safe mode, wherein the vehicle is stalled until the error is diagnosed and corrected.

The next generation of rail cars used in public transit systems will be hyper-connected mobile hotspots, where critical infrastructure and critical communications systems intersect. Given the operational access afforded by these new technologies, the issue deserves the same attention presently focused on port, airline, telecommunications and technology infrastructures, with a watchful eye on suppliers and supply chain integrity, and unblinking vigilance over end-to-end system security and integrity.

Now is the time to place passenger rail on the same level of concern as other key elements of our critical national infrastructure.  

David N. Senty, a retired U.S. Air Force major general, was the first chief of staff at U.S. Cyber Command. He also is a 33-year veteran of the CIA, principally as a senior technical operations officer.

Mark S. Sparkman is a 30-year veteran of the CIA, including as an operations officer, a member of the Senior Intelligence Service and former Chief of Station. He is the chief intelligence officer for Veretus Group, an investigations and strategic intelligence firm in Washington, D.C.