US Senators representing the Washington DC region urged Washington Metropolitan Area Transit Authority (WMATA), commonly referred to as the Metro, to refrain from awarding a contract to a Chinese railcar maker, claiming that Beijing could build in remote-controlled features to spy on Americans or even remotely control trains.
In a letter to Metro General Manager Paul J. Wiedefeld, four lawmakers say the agency should get approval from the US Department of Defense, the Department of Homeland Security and the Transportation Department before awarding the contract for next-generation rail cars to a "foreign adversary," Washington Post reported.
The four lawmakers: Senators Mark R. Warner (D-VA); Tim Kaine (D-VA): Ben Cardin (D-MD) and Chris Van Hollen (D-MD) did not mention Beijing in their letter, but an accompanying news release makes clear that the senators are concerned that the contract may be awarded to a "Chinese company."
A news release cited a January 7 article by The Washington Post claiming that China could install malware in subway cars to spy on passengers, monitor conversations or engage a car remotely to cause a crash.
The letter was met with pointed criticism from Metro Board Chairman Jack Evans.
"If indeed the federal government wants us to buy from other vendors at a higher cost, then they need to subsidize the difference," Wiedefeld responded, while observing that some 40 percent of the Metro's rush-hour passengers are federal government employees.
"I note that the federal government still pays zero, nothing, for Metro on the operating side," Evans said. "I would instruct the four senators to focus their efforts on getting federal funding for Metro."
On January 11, Senators Mike Crapo (R-ID) and Sherrod Brown (D-OH) wrote to Wiedefeld expressing "deep concerns" about CRRC's efforts "to displace rail manufacturers in the United States." Crapo and Brown are the chairman and ranking Democrat on the Senate Committee on Banking, Housing and Urban Affairs, respectively, overseeing public transportation.
The lawmakers cited similar concerns, saying CRRC's cars are vulnerable to "hacking or other forms of interference," including "automatic train control; network and trainline control; video surveillance; monitoring and diagnostics; and data interface with [Metro]."
Their letter put up a series of questions, including: "Will Metro consult with the Department of Defense prior to awarding a contract to confirm whether the Department would permit railcars built by certain foreign governments to operate through the Pentagon?" and "Will Metro […] seek the concurrence of [US Transportation Department] and [Department of Homeland Security] in its cybersecurity evaluations before making any final contract award?"
Metro will choose the winner of the contract in accordance with a Request for Proposals it issued in September 2018. In response to lawmaker concerns, the agency said in December that it would review the document. Bids for the contract are due April 4, Washington Post reports.