A bipartisan group of House members from New York are raising concerns about Chinese involvement in building New York City subway cars, zeroing in on the potential that the new train cars could be hacked or controlled remotely.
The group of 15 lawmakers, led by Reps. Kathleen Rice (D-N.Y.) and John Katko (R-N.Y.), wrote a letter to the New York City Transit Authority and the Metropolitan Transit Authority (MTA) recently to “raise concerns regarding the safety and security” of New York City’s transit system following MTA’s decision to allow a Chinese-owned company to design new rail cars for the city.
“As you may be aware, critical infrastructure systems around the country have been increasingly targeted in recent years as part of coordinated hacking attempts and other forms of systematic interference, often stemming directly from foreign governments,” the lawmakers wrote.{mosads}
“These actions are part of comprehensive efforts to undermine U.S. economic competitiveness and national security, and we have serious concerns regarding MTA’s involvement with some of those same foreign governments and the protections in place to ensure that our subway systems remain safe and secure,” they added.
In 2018, MTA announced that the winners of its “MTA Genius Transit Challenge” would include the China Railway Rolling Stock Corporation (CRRC), which proposed an investment of $50 million of its own funds to develop a new subway car in New York City. The challenge was announced in 2017 in order to upgrade the subway system.
While the members acknowledged that “no U.S. companies currently manufacture transit railcars,” they stressed that they have “serious concerns regarding the intimate involvement of a Chinese state-owned enterprise in these efforts.”
They specifically pointed to concerns around rail cars being built that would include Wi-Fi systems and train control technology that could be susceptible to hacking or other cyberattacks and asked that MTA respond to questions around how it planned to ensure the cybersecurity of its rail cars.
The letter from the House members comes after Senate Minority Leader Charles Schumer (D-N.Y.) called on the Commerce Department last week to “thoroughly investigate” CRRC.
“Given what we know about how cyberwarfare works, and recent attacks that have hit transportation and infrastructure hubs across the country, the Department of Commerce must give the green light and thoroughly check any proposals or work China’s CRRC does on behalf of the New York subway system, including our signals, Wi-Fi and more,” Schumer said in a statement.
CRRC, which is the world’s largest passenger train manufacturer, is also planning to bid on building Metro cars for the Washington Metropolitan Area Transit Authority (WMATA) in Washington, D.C. Reuters reported earlier this month that the company plans to bid on a WMATA contract to build new Metro cars that is worth more than $500 million. The company is also involved in building rail cars in Los Angeles, Boston, Philadelphia and Chicago.
While CRRC did not immediately respond to comment on this story, it said in a statement after winning the MTA challenge that “we look forward to introducing CRRC’s design philosophy focused on accelerating the pace subway vehicles are procured and deployed to the New York transit system.”
The Chinese company’s involvement in the D.C. Metro system is an issue that has raised concerns among Senate Democrats who represent Virginia and Maryland, particularly in light of recent Trump administration moves against Chinese telecommunications companies involved in the roll out of fifth generation wireless technology, or 5G.
Last week, Sens. Mark Warner (D-Va.), Tim Kaine (D-Va.), Chris Van Hollen (D-Md.), and Ben Cardin (D-Md.) introduced a bill that would renew federal funding to WMATA, but also prevent WMATA from using those funds “on a contract for rolling stock from any country that meets certain criteria related to illegal subsidies for state-owned enterprises.”
All four of those senators previously raised cybersecurity concerns about WMATA allowing a Chinese company to build rail cars, suggesting that the bill would ban funds for contracts with Chinese companies.
In January, the same group of senators sent a letter to WMATA asking for details on how the transit agency planned to “ascertain and mitigate” any involvement of a foreign country in building new rail cars, and how it planned to defend rail cars against potential cyber espionage.
“Many of these technologies could be entirely susceptible to hacking, or other forms of interference, if adequate protections are not in place to ensure they are sourced from safe and reliable suppliers,” the senators wrote.