Unseen Threats: The Hidden Risks of Foreign Components in Critical Infrastructure
In an era of unprecedented connectivity, the backbone of our nation’s critical infrastructure—maritime ports, oil and gas facilities, chemical terminals, vessels, tugs, telecommunications networks, and physical security systems—relies heavily on operational technology ("OT"). These systems, which control everything from cargo cranes to pipeline valves, are the lifeblood of our economy and security. Yet, as we integrate increasingly sophisticated technologies into these vital sectors, a growing concern emerges: the risks posed by foreign-manufactured components embedded within these systems. As an ISA Fellow, president of InfraGard Houston, and someone who has spent decades navigating the intersection of infrastructure and communications, Marco Ayala has seen firsthand how our reliance on global supply chains can expose us to vulnerabilities that adversaries may exploit.
The Growing Dependency on Foreign Components
The global supply chain for OT is a complex web, with components often sourced from multiple countries to optimize cost and efficiency. In maritime ports, for instance, automated ship-to-shore cranes, manufactured by foreign entities like China’s Shanghai Zhenhua Heavy Industries ("ZPMC"), dominate many U.S. facilities. Similarly, in the oil and gas and chemical sectors, sensors, controllers, and networking equipment often originate from overseas suppliers. Telecommunications infrastructure, including 5G equipment, and physical security systems like surveillance cameras frequently incorporate components from countries identified as potential adversaries, such as China. A 2024 U.S. Maritime Advisory highlighted vulnerabilities in port equipment, noting that foreign-manufactured systems like ZPMC cranes and Nuctech scanners create risks to both IT and OT networks, potentially allowing unauthorized access to sensitive logistics data.
This dependency is not merely a matter of economics—it’s a national security issue. Many of these components are designed, manufactured, or maintained by companies with ties to foreign governments, raising concerns about embedded backdoors, firmware vulnerabilities, or remote command-and-control capabilities. The 2025 Office of the Director of National Intelligence Threat Assessment underscored that adversaries like China, Russia, Iran, and North Korea are actively targeting U.S. critical infrastructure, including telecommunications and manufacturing sectors, to steal data or disrupt operations.
The Risks: From Espionage to Disruption
The risks of foreign components in OT systems are multifaceted. First, there’s the threat of espionage. Systems like the People's Republic of China's ("PRC") LOGINK platform, used in at least 24 global ports, aggregate sensitive data such as vessel and cargo details, which could be accessed by foreign governments. The U.S. government has explicitly prohibited LOGINK’s use in American ports due to its potential to collect and transmit sensitive logistics data to the PRC. Such data could reveal supply chain dependencies, military logistics patterns, or economic activities, providing adversaries with strategic insights.
Beyond espionage, the more alarming risk is disruption. Foreign components with embedded backdoors or remote access capabilities could allow adversaries to manipulate or disable critical systems. Imagine a scenario where a foreign-controlled crane in a major port like Los Angeles or Houston is remotely shut down, halting cargo operations during a crisis. In the oil and gas sector, a compromised controller in a pipeline could lead to catastrophic spills or explosions. The 2024 RAND commentary warned that Chinese hackers are pre-positioning themselves in U.S. infrastructure to “wreak havoc” in a potential conflict, citing FBI Director Christopher Wray’s testimony about the PRC’s Volt Typhoon group infiltrating critical networks.
Telecommunications and physical security systems are equally vulnerable. The 2024 ban on Chinese-made connected vehicles and components, proposed by the Commerce Department, highlighted fears that adversaries could remotely control or disable vehicles, potentially causing crashes or blocking key infrastructure like roads. Surveillance cameras, such as those produced by Hikvision and Dahua—both PRC-based companies banned in some U.S. applications—have been found to contain vulnerabilities that could allow remote access or data exfiltration. These risks are not hypothetical; they are actively being exploited.
Real-World Examples of Compromise
Recent incidents underscore the tangible dangers of foreign components in U.S. infrastructure. In early 2024, U.S. authorities discovered that Chinese-made ZPMC cranes at several American ports contained cellular modems not specified in their design. These modems, capable of remote communication, raised concerns about potential command-and-control capabilities by the PRC. While investigations are ongoing, the presence of undocumented hardware in critical infrastructure is a stark reminder of the risks of unvetted foreign technology.
Another alarming case involved the PRC’s Volt Typhoon hacking group, which in 2024 was found to have infiltrated U.S. critical infrastructure networks, including those in the energy and telecommunications sectors. The group exploited vulnerabilities in foreign-manufactured networking equipment, embedding backdoors for potential disruption during a conflict. The Cybersecurity and Infrastructure Security Agency (CISA) and FBI issued warnings about Volt Typhoon’s ability to maintain persistent access, highlighting the need for robust supply chain scrutiny.
The Supply Chain Challenge
The complexity of global supply chains exacerbates these risks. A single OT system may contain thousands of components—microchips, sensors, firmware—sourced from dozens of countries. Even when the primary manufacturer is domestic, subcomponents may originate from adversarial nations. The 2024 White House Critical and Emerging Technologies List emphasized the importance of securing supply chains for technologies like positioning, navigation, and timing systems, which are integral to maritime and telecommunications infrastructure. Yet, verifying the integrity of every component is a daunting task, particularly when manufacturers lack transparency or are subject to foreign government influence.
Compounding this challenge is the lack of domestic manufacturing capacity for many critical components. The U.S. has taken steps to bolster semiconductor production through initiatives like the CHIPS Act, but rebuilding a resilient supply chain will take years. In the interim, infrastructure operators must rely on rigorous vetting, cybersecurity hygiene, and partnerships to mitigate risks.
Mitigating the Threat
Addressing the risks of foreign components requires a multi-pronged approach. First, infrastructure operators must prioritize supply chain transparency. This means demanding detailed bills of materials from vendors and conducting independent audits of hardware and software. The U.S. Maritime Advisory recommends improving network segmentation, using secure file transfer protocols, and maintaining recoverable backups to reduce vulnerabilities in port systems. Similar measures should be applied across oil and gas, chemical, and telecommunications sectors.
Second, collaboration is critical. Partnerships with government agencies, national labs, and organizations like InfraGard Houston can provide access to threat intelligence and best practices. The Department of Homeland Security’s CISA International Strategic Plan for 2025–2026 emphasizes collective defense and information sharing to counter global threats. Academic institutions and private-sector cybersecurity firms, such as those involved in the DoD’s IDEAS program, can also drive innovation in secure OT solutions.
Finally, policy interventions are essential. Legislation like the Protecting Americans’ Data from Foreign Adversaries Act of 2024 and executive orders restricting data transfers to countries of concern signal a growing recognition of these threats. Expanding these measures to cover OT components could further safeguard critical infrastructure.
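The bill-of-materials audit recommended in this section, applied to the kind of finding described earlier (a communications module that was not in the design), as an added example that is not part of the original article: it reconciles a vendor-declared BOM against what an independent inspection found and ranks the discrepancies. The CSV columns, part ids and hash placeholders are constructed for illustration.

```python
import csv
import io

# Constructed sample data (not from any real vendor). Hash values are short placeholders.
VENDOR_BOM = """part_id,description,interface,firmware_sha256
PLC-01,Main PLC,ethernet,aa11
HMI-01,Operator panel,ethernet,bb22
DRV-01,Hoist drive,fieldbus,cc33
"""
AUDIT_FOUND = """part_id,description,interface,firmware_sha256
PLC-01,Main PLC,ethernet,aa11
HMI-01,Operator panel,ethernet,bb99
MDM-X,Unlabelled module,cellular,
"""

# Interfaces that can carry traffic around a segmented OT network.
OUT_OF_BAND = {"cellular", "wifi", "bluetooth", "satellite"}
RANK = {"critical": 0, "high": 1, "medium": 2}

def load(text):
    """Index CSV rows by normalised part id; field values are lower-cased."""
    rows = csv.DictReader(io.StringIO(text))
    return {r["part_id"].strip().upper(): {k: (v or "").strip().lower() for k, v in r.items()} for r in rows}

def reconcile(bom_csv, audit_csv):
    """Return (severity, part_id, reason) findings, most severe first."""
    bom, found = load(bom_csv), load(audit_csv)
    findings = []
    for pid, item in found.items():
        iface = item["interface"]
        declared = bom.get(pid)
        if declared is None:  # hardware present on site but never declared
            sev = "critical" if iface in OUT_OF_BAND else "high"
            findings.append((sev, pid, f"not in vendor BOM ({iface} interface)"))
            continue
        if iface != declared["interface"]:
            sev = "critical" if iface in OUT_OF_BAND else "high"
            findings.append((sev, pid, f"interface {iface} differs from declared {declared['interface']}"))
        if not item["firmware_sha256"]:
            findings.append(("medium", pid, "firmware not extracted, cannot verify"))
        elif item["firmware_sha256"] != declared["firmware_sha256"]:
            findings.append(("high", pid, "firmware hash differs from vendor BOM"))
    for pid in bom.keys() - found.keys():  # declared but not seen during inspection
        findings.append(("medium", pid, "declared in BOM but not located on site"))
    return sorted(findings, key=lambda f: (RANK[f[0]], f[1]))

if __name__ == "__main__":
    for finding in reconcile(VENDOR_BOM, AUDIT_FOUND):
        print(*finding, sep=" | ")
```

An undeclared part with a wireless interface is ranked highest because it can bypass the network segmentation the advisory recommends.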
Looking Forward: A Call for Vigilance and Collaboration
As we navigate the complexities of globalized technology, the path forward demands a relentless commitment to understanding the equipment and systems we deploy. Every component, from a crane’s firmware to a pipeline’s sensor, must be scrutinized for potential vulnerabilities. This is not a task for industry alone—it requires a united front. By partnering with our National Labs, organizations like MITRE, and collaborative networks like InfraGard Houston, we can develop robust strategies to assess and secure OT before it reaches our ports, refineries, or telecommunications networks. These partnerships foster innovation, share critical threat intelligence, and build resilience against adversaries who seek to exploit our interconnected world.
The stakes are high, but so is our capacity to respond. By embracing transparency, collaboration, and proactive policy, we can ensure that our critical infrastructure remains a pillar of strength, not a point of vulnerability. The future of our security depends on the choices we make today—choices that begin with knowing exactly what’s inside the systems that keep our nation running.
About the Author

Marco Ayala
marco.ayala@infragardhouston.org
https://infragard-houston.com