The Chinese supplier of new rolling stock and passage compartments for the subway system serving Boston and its suburbs has laughed off claims about bugging US passengers.
State-owned China Railway Rolling Stock Corp also warned that such “hysterical mentality” could delay progress in modernizing and accelerating subway services in major US cities.
Its comments were in response to a Washington Post report earlier this month, which alleged that made-in-China subway cars could conduct surveillance of US passengers while they ride the trains.
The article went so far as to suggest that espionage devices and software installed could secretly record images and conversations of passengers and leave convenient backdoors in train operating systems for hackers.
“The Chinese hide malware in a metro rail car’s security camera system that allows surveillance of Pentagon or White House officials as they ride the Blue Line – sending images back to Beijing … Or a flaw in the software that controls the train – inserted during the manufacturing process – allows it to be hacked by foreign agents or terrorists to cause a crash,” alleged the report.
But CRRC assembles its trains for Boston at its US plant, with parts either sourced locally or imported from China, according to the Global Times. The Chinese rail equipment behemoth said on December 18 that the first pair of train cars had rolled down its production line at CRRC’s Springfield City plant west of Boston.
The next-generation rail cars are on track to replace outmoded ones that have served Boston’s Blue and Orange Lines for decades, in a deal won by CRRC after it undercut other bidders.
The Chinese firm said closed-circuit television cameras and other sensors are commonplace on modern trains nowadays across the globe, to monitor train services and ensure swift response to any emergency.
No US company now makes subway cars, allowing CRRC to use bargain prices to win four of five large US transit rail car contracts awarded since 2014. Other than Boston, it will make train cars for Chicago, Los Angeles and Philadelphia.
Officials and rail operators in these cities said they have taken significant steps to ensure their rail cars are not outfitted with spyware or other suspicious technology.
There have been talks that CRRC is also eyeing more contracts as New York and Washington are procuring new rail equipment to modernize their respective systems, now the two largest subway networks in the US as measured by system length.
Meanwhile, the Massachusetts Bay Transportation Authority that operates train services in Boston and its neighboring areas has also stressed it has robust controls in place to maintain the security of its system, adding that no software components for the new cars are procured in China.
It said it would examine cyber-security hazards through an overall system safety analysis, based on the Pentagon’s Military System Safety Standard.