This bill limits the operation of foreign cranes at U.S. ports. Foreign cranes are those that have information technology and operational technology components that (1) were manufactured by companies that are subject to the control or influence of a country designated as a foreign adversary, and (2) connect to ports' cyber infrastructure.
Foreign cranes that are contracted for on or after the date of the bill's enactment may not operate at a U.S. port. The bill also prohibits, effective five years after the date of the bill's enactment, foreign cranes at U.S. ports if the cranes use software or other technology manufactured by a company owned by a country designated as a foreign adversary.
Additionally, the Cybersecurity and Infrastructure Security Agency (CISA) must (1) inspect foreign cranes for potential security risks or threats before they are placed into operation, (2) assess the threat posed by security risks or threats of existing or newly constructed foreign cranes, and (3) take any crane that poses a security risk or threat offline until the crane can be certified as no longer being a risk or threat.
CISA must also report to Congress about security risks or threats posed by foreign cranes at U.S. ports.
