[House Hearing, 119 Congress]
[From the U.S. Government Publishing Office]
EMBEDDED THREATS: FOREIGN OWNERSHIP,
HIDDEN HARDWARE, AND LICENSING FAILURES
IN AMERICA'S TRANSPORTATION SYSTEMS
=======================================================================
HEARING
BEFORE THE
SUBCOMMITTEE ON OVERSIGHT
OF THE
COMMITTEE ON THE JUDICIARY
U.S. HOUSE OF REPRESENTATIVES
ONE HUNDRED NINETEENTH CONGRESS
SECOND SESSION
__________
WEDNESDAY, JANUARY 21, 2026
__________
Serial No. 119-52
__________
Printed for the use of the Committee on the Judiciary
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
Available via: http://judiciary.house.gov
__________
U.S. GOVERNMENT PUBLISHING OFFICE
62-658 WASHINGTON : 2026
-----------------------------------------------------------------------------------
COMMITTEE ON THE JUDICIARY
JIM JORDAN, Ohio, Chair
DARRELL ISSA, California JAMIE RASKIN, Maryland, Ranking
ANDY BIGGS, Arizona Member
TOM McCLINTOCK, California JERROLD NADLER, New York
THOMAS P. TIFFANY, Wisconsin ZOE LOFGREN, California
THOMAS MASSIE, Kentucky STEVE COHEN, Tennessee
CHIP ROY, Texas HENRY C. ``HANK'' JOHNSON, Jr.,
SCOTT FITZGERALD, Wisconsin Georgia
BEN CLINE, Virginia ERIC SWALWELL, California
LANCE GOODEN, Texas TED LIEU, California
JEFFERSON VAN DREW, New Jersey PRAMILA JAYAPAL, Washington
TROY E. NEHLS, Texas J. LUIS CORREA, California
BARRY MOORE, Alabama MARY GAY SCANLON, Pennsylvania
KEVIN KILEY, California JOE NEGUSE, Colorado
HARRIET M. HAGEMAN, Wyoming LUCY McBATH, Georgia
LAUREL M. LEE, Florida DEBORAH K. ROSS, North Carolina
WESLEY HUNT, Texas BECCA BALINT, Vermont
RUSSELL FRY, South Carolina JESUS G. ``CHUY'' GARCIA, Illinois
GLENN GROTHMAN, Wisconsin SYDNEY KAMLAGER-DOVE, California
BRAD KNOTT, North Carolina JARED MOSKOWITZ, Florida
MARK HARRIS, North Carolina DANIEL S. GOLDMAN, New York
ROBERT F. ONDER, Jr., Missouri JASMINE CROCKETT, Texas
DEREK SCHMIDT, Kansas
BRANDON GILL, Texas
MICHAEL BAUMGARTNER, Washington
------
SUBCOMMITTEE ON OVERSIGHT
JEFFERSON VAN DREW, New Jersey, Chair
BARRY MOORE, Alabama JASMINE CROCKETT, Texas, Ranking
ROBERT F. ONDER, Jr., Missouri Member
DEREK SCHMIDT, Kansas JARED MOSKOWITZ, Florida
BRANDON GILL, Texas HENRY C. ``HANK'' JOHNSON, Jr.,
Georgia
CHRISTOPHER HIXON, Majority Staff Director
ARTHUR EWENCZYK, Minority Staff Director
C O N T E N T S
----------
Wednesday, January 21, 2026
OPENING STATEMENTS
Page
The Honorable Jefferson Van Drew, Chair of the Subcommittee on
Oversight from the State of New Jersey......................... 1
The Honorable Jasmine Crockett, Ranking Member of the
Subcommittee on Oversight from the State of Texas.............. 3
The Honorable Jamie Raskin, Ranking Member of the Committee on
the Judiciary from the State of Maryland....................... 4
WITNESSES
Emily de La Bruyere, Senior Fellow, Foundation for Defense of
Democracies
Oral Testimony................................................. 6
Prepared Testimony............................................. 9
Rocky Cole, Co-Founder, Chief Operating Officer, iVerify
Oral Testimony................................................. 16
Prepared Testimony............................................. 19
Chris Spear, President, Chief Executive Officer, American
Trucking Association
Oral Testimony................................................. 22
Prepared Testimony............................................. 24
Rob K. Knake, Chief Executive Officer, TPO Group
Oral Testimony................................................. 38
Prepared Testimony............................................. 40
LETTERS, STATEMENTS, ETC. SUBMITTED FOR THE HEARING
All materials submitted for the record by the Committee on the
Judiciary are listed below..................................... 59
An Interim Staff Report entitled, ``The Weaponization of CISA:
How a `Cybersecurity' Agency Colluded with Big Tech and
`Disinformation' Partners To Censor Americans,'' Jun. 26, 2023,
Committee on the Judiciary, Select Subcommittee on the
Weaponization of the Federal Government, submitted by the
Honorable Brandon Gill, a Member of the Subcommittee on
Oversight from the State of Texas, for the record
Materials submitted by the Honorable Jasmine Crockett, Ranking
Member of the Subcommittee on Oversight from the State of
Texas, for the record
An article entitled, ``DOGE Put Critical Social Security Data
at Risk, Whistle-Blower Says,'' Aug. 26, 2025, The New
York Times
An article entitled, ``Transportation Department targets
3,000 truck driving schools for non-compliance,'' Dec. 1,
2025, AP News
EMBEDDED THREATS: FOREIGN
OWNERSHIP, HIDDEN HARDWARE, AND
LICENSING FAILURES IN AMERICA'S
TRANSPORTATION SYSTEMS
----------
Wednesday, January 21, 2026
House of Representatives
Subcommittee on Oversight
Committee on the Judiciary
Washington, DC
The Committee met, pursuant to notice, at 2 p.m., in Room
2141, Rayburn House Office Building, the Hon. Jefferson Van
Drew [Chair of the Subcommittee] presiding.
Members present: Representatives Van Drew, Onder, Gill,
Crockett, Raskin, and Johnson.
Mr. Van Drew. The Subcommittee will come to order. Without
objection, the Chair is authorized to declare a recess at any
time. We welcome everyone to today's hearing on foreign
involvement and threats to America's transportation system.
I now recognize the doctor, the gentleman Dr. Onder from
Missouri, to lead us in the Pledge of Allegiance.
All. I pledge allegiance to the Flag of the United States
of America, and to the Republic for which it stands, one
Nation, under God, indivisible, with liberty and justice for
all.
Mr. Van Drew. Remain standing for a moment of silence.
I will now recognize myself for an opening statement.
Again, I want to welcome everyone, and I want to thank the
witnesses for being here today. I guess you could say this
hearing is about control and who ultimately pays the price when
we give that control away.
Every day, millions of Americans travel on our Nation's
highways, leaving behind a detailed digital record of who they
are, where they go, what their destination is, and how they got
there. I want to say on this hearing today--and I may be wrong;
we are going to find out there may be some bipartisanship, not
on all the subjects of the hearing, but particularly on this
piece of it. I am hopeful for that. We are going to find out.
We all agree that this is a serious issue.
Electronic toll collection systems like E-ZPass were sold
to the public as a convenience. You drive through; you get a
bill later. Those bills get pretty big, by the way. Your data
also does get tracked. In an alarming trend, more and more of
this data is being stored and being controlled by foreign
entities.
In my home State of New Jersey, the E-ZPass system used by
millions of residents--some of the most traveled roads in the
United States of America are in the State of New Jersey, the
New Jersey Turnpike, for example, used by millions and
businesses as well, is now operated by a company under foreign
government control, a Singaporean company with documented ties
to the Chinese Communist Party.
That means Americans are paying tolls into a system that is
not under American control. Interestingly enough, New Jersey
had a choice. There was an American company that submitted a
lower bid to operate the system. Many believed it was a
responsible bid. Instead of choosing the option that would have
kept control here at my home and save residents money, the
State went with the higher, more expensive foreign bid.
This is at a time when families are struggling with
inflation, high prices, and increased cost-of-living pressures.
New Jersey taxpayers were asked to pay more for less
accountability and less security. Higher costs, less
transparency, more foreign control--it is a bad formula. The
problems do not end with those who operate our toll systems. It
extends to what is embedded inside the infrastructure itself.
The United States has become dangerously dependent on
Chinese-manufactured infrastructure components, including
batteries, sensors, and cameras. In 2024, the Department of
Homeland Security estimated that at least--at least--12,000
Chinese-made internet cameras were already in use across United
States infrastructure.
The February 2025 DHS report revealed that many of these
cameras lack basic data encryption and security settings, and
by default, they can communicate directly with their
manufacturer located in China. That means foreign entities may
have visibility into American facilities, American operations,
and American vulner-abilities.
Chinese State-sponsored cyberattack groups linked to the
Chinese Government have demonstrated the capability to
infiltrate U.S. infrastructure, steal sensitive data, and
maintain persistent access inside our networks.
Once again, it comes back to control. If we do not control
the systems, the hardware, and the data, then we don't control
the risk. The loss of American control does not stop with toll
systems or infrastructure. Under the Biden Administration,
States were allowed to issue CDLs, commercial driver licenses,
to individuals who were not qualified and not proficient in
English. This is where it may not be as bipartisan.
Truck drivers must be able to read road signs. If you are
driving an 18-wheeler, a semi, on the road, you have to be able
to understand the signs. I don't know why that is complicated.
They have to be able to communicate with law enforcement and
respond in emergencies. When States ignore those requirements,
Americans pay the price.
Let me give you a few examples. On March 13, 2025, Austin,
Texas, a tractor trailer driven--slowed for a stop in traffic
plowed into more than a dozen vehicles, killed five people,
including an infant and a child. The driver couldn't read and
write English. On November 14, 2025, Boone County, Indiana, an
illegal immigrant from the country of Georgia driving with a
New York-issued nondomiciled CDL lost control of an 18-wheeler,
killing a National Guardsman by the name of Terry Frye.
In Ontario, California, a semitruck driven by an
undocumented immigrant crashed on Interstate 10, killing three
Americans and injuring several others. In St. Lucie County,
Florida, a commercial truck driver with limited English
proficiency made an illegal maneuver on the Florida Turnpike,
and it resulted in a crash and killed three people. In
Washington State, an undocumented commercial driver struck a
stopped vehicle on a State highway killing a motorist.
These are not just statistics. These are families. These
are brothers and sisters, mothers and fathers, daughters and
sons, people whose families were destroyed because of what
happened. Once again, it does come back to control.
When States abandon enforcement of Federal law, Americans--
American families--suffer the consequences. Safety on American
roads is not optional. American roads should be controlled by
Americans. American data should be controlled and protected by
Americans and American safety standards should be enforced for
the benefit of Americans.
I thank the witnesses for being here today, and I do look
forward to your testimony.
I now recognize the Ranking Member from the great State of
Texas, Ms. Crockett, for an opening statement.
Ms. Crockett. Thank you so much, Mr. Chair. Thank you to
the witnesses for appearing today to discuss threats to our
transportation system.
This is a serious national security issue. I appreciate the
opportunity to have a bipartisan discussion, something that
does not happen very often here, about how our foreign
adversaries target America's critical infrastructure.
Just last fall, the Federal Highway Administration warned
that spyware had been found inside foreign-manufactured systems
used to operate the signs, traffic cameras, weather stations,
and vehicle chargers that line our highways all across the
country. These communication devices could be used to collect
individuals' transportation data, could be used to hack into
government systems, and could even be used to cause outages in
major American cities.
Infiltration of our supply chains is just one vulnerability
our adversaries can exploit. We consistently see our
adversaries target our critical infrastructure with cyber
espionage and cyberattacks.
Unfortunately, from sending the names of CIA operatives
over email to including a journalist in a Signal group chat
discussing war plans, President Trump's Administration has
shown a blatant disregard for our cybersecurity. The President
has gutted the Cybersecurity and Infrastructure Security
Agency, our core civilian cyber defense agency. He also fired
the head of the U.S. Cyber Command, DHS' Cyber Safety Review
Board, and cybersecurity professionals at the NSA and NIST.
The DHS determined the Critical Infrastructure Partner
Advisory Council as a key advisory group that provided space
for public-private collaboration to coordinate and craft
cybersecurity plans to protect critical infrastructure. Experts
repeatedly emphasize that public-private partnerships are
necessary to protect the cybersecurity of our critical
infrastructure. The Cybersecurity Information Sharing Act,
which facilitates the public-private cyber threat intelligence
ecosystem, expired last fall, and the Republican-led Congress
has failed to reauthorize it.
President Trump's Administration has also disbanded key
operations targeting foreign malign influence. Attorney General
Pam Bondi dissolved the FBI's Foreign Influence Task Force.
Director of National Intelligence Tulsi Gabbard dismantled the
intelligence community's Foreign Malign Influence Center.
It appears that there is no longer any Federal body
dedicated to tracking and analyzing foreign-State efforts to
interfere in American society. Meanwhile, the President seems
to get friendlier with the heads of authoritarian adversarial
Nations every day.
This dismantling of the Federal Government's cybersecurity
and national security resources and the continued
politicization of our Federal agencies has left State and
private officials reluctant to trust and share information with
our Federal Government. This threatens the security of all
critical infrastructure, from our healthcare to our elections
to our transportation systems.
It is vital that we address the ways our foreign
adversaries target our key critical infrastructure sectors. In
my opinion, the largest threat to our national security and
critical infrastructure is not undocumented immigration or
foreign investment. It is the incompetent folks at the highest
levels of our government that have dismantled our cybersecurity
resources.
Thank you, and I yield back.
Mr. Van Drew. I thank the Ranking Member. With that, I will
recognize the Ranking Member of the Full Committee, Mr. Raskin.
Mr. Raskin. Thank you very much, Chair Van Drew. Thank you
to all our witnesses for joining us today.
To the extent that our colleagues have called this hearing
to examine how foreign threat actors are compromising our
national security by targeting transportation and critical
infrastructure, that is a valid and meaningful subject of
inquiry. I salute the Chair for this initiative.
China is in strategic competition with the United States
and is using cyber espionage to undermine our defenses.
Cybersecurity is of serious concern in the transportation
sector because of the vast number of targets that operate new
technologies and are run by a wide array of government and
private entities.
From AI-driven software to trip-reliant hardware,
advancement in technology of course has great promise to make
transportation faster, cheaper, and safer. We must be vigilant
to ensure these systems are not vulnerable to infiltration or
attack from malign actors, like Putin's autocratic Russia or
the Stalinist bureaucrats of China.
We cannot honestly discuss and debate the issue without
addressing how President Trump has gutted the safeguards that
protect our transportation and critical infrastructure against
foreign threats. The programs and personnel in the U.S.
Government that keep us safe have been cut wholesale and have
been bizarrely politicized, jeopardizing our national security.
Trump removed a third of the workforce at the Cybersecurity
and Infrastructure Security Agency, which helps government and
business work together to identify cyber threats before it is
too late. That reduction included the Department officials
dedicated to local government coordination with business, which
is crucial to transportation infrastructure security.
Trump fired the Chair of the Joint Chiefs and other top-
level military leadership, eliminating continuity in national
security, and his Attorney General shut down the FBI's Foreign
Influence Task Force, the group responsible for identifying and
combating malign foreign influence operations targeting the
people of the United States.
Trump's approach to national security, especially
cybersecurity, is that of a coach who is friendly with the
coaches of foreign teams and then suddenly takes his goalie
off-net. To my mind, I don't think we can have a serious
conversation about hardware vulner-abilities if we are going to
ignore the fact that President Trump has made our
infrastructure substantially less safe in just one year's time.
What is even more confusing to me about today's hearing is
that we are examining foreign threats as though Donald Trump
isn't systematically ceding more global power to China every
single day, even as he multiplies and deepens his own personal
business ties to China.
During his first term, Trump collected millions of dollars
in payments from the Chinese Government and State-owned
companies. In exchange for these unconstitutional emoluments,
he opposed sanctions against Chinese telecom companies and
banks even when they threatened our national security. He even
tried to cancel military exercises with Japan and South Korea
because China complained about them.
In his second term, we have seen even more of enthusiastic
Presidential embrace of the tyrants and dictators. Over the
last year, the administration has dismantled USAID, giving
China free rein to swoop in and offer countries around the
world assistance with their infrastructure construction
projects, their agricultural programs, their food aid, and
public health, dramatically expanding China's sphere of
influence.
Trump has also hurt American consumers by imposing unlawful
and arbitrary tariffs and hamstrung our ability to respond to
threats by firing government workers, including key experts on
China and national security personnel. All the while, he has
been using his crypto ventures to pocket hundreds of millions
of dollars directly from Chinese billionaires with ties to the
CCP.
In May, a tiny Chinese tech company with ties to the
government announced it had bought $300 million of President
Trump's memecoin, despite the fact that it has no revenue and
only eight employees. Gee, I wonder where the money is really
coming from.
One year in Trump's second term, we've learned that other
countries think that Donald Trump is indeed making a country
great, but that country is not America. It is China. In a 21-
country poll by the European Council on Foreign Relations, the
majority of respondents around Europe said that while the U.S.
is less feared by its adversaries and less revered by its
friends, they fully expect China's global influence to continue
to grow over the next decade.
It is no wonder why they think, Mr. Chair, when Trump is
inviting China, an egregious human rights violator, to join the
Gaza Board of Peace and reverse its course and allows U.S. chip
exports to China in a move that Anthropic CEO likened to
selling nuclear weapons to North Korea.
My friends, I wish this could just be about the problem of
hardware technology in transportation, but it exists in this
larger political context. That we have to make that clear for
everyone if we are serious about confronting the problem of
Chinese and Russian tyrannical influence in our government.
Thank you, Mr. Chair. I yield back.
Mr. Van Drew. I thank the Ranking Member.
Let me say--only conjuncture here. I am not sure, but I
have this sneaking suspicion, this intuitive feeling, the other
side doesn't like President Trump all that much. Am I right?
Ms. Crockett. I have never met him.
Mr. Raskin. I have never met him. It is not personal. We
were looking just at what the effect is on the American people.
Mr. Van Drew. I know. I am trying to have a little levity.
With that, I thank Mr. Raskin. Without objection, all other
opening statements will be included in the record.
Mr. Van Drew. We will now introduce today's witnesses. The
first witness--I am going to try not to murder your name; we
will see how I do--Ms. Emily de La Bruyere. Pretty close? OK.
Thank you for being here. The floor is yours.
Ms. de La Bruyere. Thank you. Thank you, Chair Van Drew--
Mr. Van Drew. Actually, let me--you know what? Let me do a
little history of you. I am sorry. You are a Senior Fellow at
the Foundation for Defense of Democracy. It is a think tank
that conducts research on our national security and foreign
policy issues. Your work focuses on China, economic security,
international organizations, and supply chains.
Now the floor is yours.
STATEMENT OF EMILY de La BRUYERE
Ms. de La Bruyere. Thank you, Chair Van Drew. Thank you,
Ranking Member Crockett. Thank you for this opportunity and
both having names much easier to pronounce than mine.
The Chinese Communist Party wants to control global
resources, markets, and information so that it can control the
world. Beijing pursues this ambition by leveraging nonmarket
industrial policy through which it subverts critical supply
chains and networks, a strategy of military-civil fusion
through which it turns that positioning into a forward-deployed
military presence, and a program State-sponsored data
collection through which every Chinese company and component
becomes an asset for influence and espionage.
Transportation systems are a core part of this Chinese
strategy. Beijing defines transportation systems as part of the
military-civil fusion ecosystem because they are necessary for
industrial operations, social functioning, and military
mobilization. For that reason, China protects its own
transportation systems domestically while looking to penetrate
them internationally.
Transport systems also represent a massive economic
opportunity. The U.S. auto sector, for example, alone accounts
for some 11 million jobs and $1.2 trillion of national output a
year. Beijing wants those markets. Beijing also wants the
military-relevant tech and industrial capacity that undergirds
them.
China wants something else from transportation systems,
too. Today's technological trends are pushing the transport
ecosystem toward an intelligent, connected, data-is-everything
paradigm. In that environment, every foothold in a transport
system, whether that is a component or a piece of software or a
vehicle, becomes a possible back door. Everything is a
computer. China is hacking all of it.
For this reason, China's presence in U.S. transportation
systems, (a) threatens U.S. industry and supply chains and
markets, and (b) grants Beijing access to critical information
on American society, the power to influence that information
and therefore society, and the ability to disrupt the
foundational networks on which our country depends.
This isn't a notional danger. It is not something that is
on the horizon. Our system is already embedded with Chinese
components, and we are already under attack. LiDAR offers a
valuable example. Autonomous vehicles use LiDAR to map their
surroundings. Airports use it to track movement and crowds.
Bridges use it to scan for defects.
China controls 90 percent of the world's LiDAR market. The
Chinese entities that are leading this charge are companies
like Hesai, RoboSense, DJI that the U.S. Government has already
identified as tied to the Chinese military. Those Chinese
military-tied companies sell to GM's Cruise and Nvidia's Drive
Hyperion. Their LiDAR sensors have been installed at JFK
International Airport and Charlotte Douglas International
Airport.
Chinese LiDAR sensors are on intersections in Chattanooga
and on drawbridges in Sarasota. Every purchase of a Chinese
LiDAR sensor funds the Chinese Communist Party. Every Chinese
LiDAR sensor risk collecting information on behalf of Beijing,
and all of them could be turned off at China's command.
This isn't a unique case. LiDAR is not isolated. The same
story plays out across the broader ecosystem of components that
go into modern transportation systems, whether those are IoT
modules, optical transceivers, or cameras.
Moreover, moving beyond the component level, Beijing is
also building out the platform and software level of modern
transportation. China is the world's largest player in in-car
AI agents. Beijing is also developing unrivaled global shipping
and transportation and logistics solutions, for example,
LOGINK, a Chinese national platform that provides a centralized
window into the otherwise fragmented world of global shipping
under the Chinese Government's control.
Washington needs to stop further Chinese penetration of our
transportation systems. Those efforts can start with direct
restrictions. No company that uses Chinese components software
or those made by a Chinese-influenced entity should be eligible
for Federal procurement, Federal tax incentives, or any other
Federal incentives. In establishing restrictions like that,
Washington should also tighten and clarify FEOC and PFE rules
to make it clear what it is that is a Chinese entity and to
make that a stricter definition.
Targeted measures like this can directly bolster the
security of American transportation systems, but Washington
should also take broader action to change the State of play
that has allowed China to embed itself into our critical
infrastructure systems. Tariffs on Chinese goods can help
dissuade the U.S. private sector from buying from Chinese
entities and therefore from being complicit with the Chinese
Communist Party. Tariffs can also create the circumstances in
which to rebuild a trusted American industry.
On the data front, no company that stores data in China
should be permitted to collect data in the United States or be
eligible for Federal procurement, defense industrial-based
procurement, Federal tax credits, or other incentives.
Washington should leverage trade deals to compel U.S. allies
and partners to enact their own defenses against China, such
that they don't serve as conduits for the Chinese Communist
Party.
It might seem impossible now to think that China could
supplant American giants like FedEx, Boeing, and Ford. That
scenario is on the very, very near horizon. Should it come to
pass, China will claim a determinative advantage. Washington
needs to fight back.
Thank you for your time.
[The prepared statement of Ms. de La Bruyere follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Van Drew. Thank you. Very informative. That outlines
the seriousness of this issue. I know it is not the sexiest
issue in Congress that everybody is talking about, and I get
it. This room should be packed, and everybody should hear this
and listen to it. It is a serious, serious issue.
Again, as I said before--and I understand components of
what you are talking about in your issues, but it should be a
bipartisan one as well.
Now, your name, on the other hand, Mr. Cole, is Rocky Cole.
Couldn't be easier than that, right?
Mr. Cole. Correct.
Mr. Van Drew. The floor is yours.
STATEMENT OF ROCKY COLE
Mr. Cole. Thank you, Chair Van Drew, Ranking Member
Crockett, and the distinguished Members of the Committee, for
the opportunity to testify today.
The topic of the hearing is embedded threats in America's
transportation systems, and I will certainly address those
directly. However, I believe, as several other people have
pointed out, that these threats are best understood in the
broader context of adversarial cyber operations against
America's critical infrastructure as they constitute one piece
of a larger strategic landscape.
My name is Rocky, and I have worked to counter America's
top cyber adversaries for almost 20 years now, first within the
United States intelligence community, then at Google, and now
at a U.S.-based, venture capital-backed company called iVerify,
which secures the very powerful computers in our pockets,
mobile phones.
I have witnessed a strategic evolution of cyber operations
from the earliest days of mere cyber espionage to what can only
be called today's cyber cold war. My experiences have informed
a somewhat unique perspective on both the problem and steps we
can take to mitigate the threats.
In cyberspace, America has two historical rivals, China and
Russia. Historically, both Chinese and Russian cyber operations
were focused on intelligence gathering. For China, this meant
extracting intellectual property to feed their Made in China
2025 strategy, which a former Director of the NSA described as
the greatest transfer of wealth in human history, while Russia
focused on more traditional espionage goals.
However, we have recently, in within the last five years,
reached a watershed moment where the objective of cyber
operations has shifted to prepositioning for disruptive
effects. Modern doctrine now views cyberspace as a basic
platform for hybrid warfare where blinding cyberattacks are
intended to paralyze command-and-control networks before
kinetic operations even begin.
The U.S. intelligence community assesses with high
confidence that these actors are embedding, quote, ``sleeper
software'' within our infrastructure to be activated at will.
The threat from China is particularly acute through several
multiyear campaigns aimed at achieving information dominance.
The Volt Typhoon campaign, for example, targets energy, water,
and yes, transportation sectors specifically to disable
military mobilization and sow domestic chaos that would
distract U.S. leaders during the potential invasion of Taiwan.
Furthermore, Salt Typhoon has compromised the backdoor
systems used by telecommunication providers for court-ordered
wiretapping and allowing China to monitor law enforcement,
track the real-time geolocations of millions of Americans, and
compromise our mobile devices. These operations have even
expanded to targeting toll systems and compromising State-level
commercial driver's license databases, all which are vital for
our national logistics.
To evade detection, these actors have refined their methods
to bypass modern defenses through malware-free intrusions. They
utilize techniques like living off the land, which means using
legitimate system administration tools to blend in with normal
activity and avoid detection, using largely stolen credentials
like passwords and tokens as their initial access point.
Finally, as per the topic of this hearing, they
increasingly utilize supply chain operations to gain backdoor
access to critical technologies. This could manifest as
tampering with or implanting hardware components, inserting
malicious codes into software updates, or compromising the
integrity of manufacturing processes for devices like routers,
servers, and even large industrial equipment such as port
cranes.
Despite the magnitude of the threat, the United States
remains hamstrung by a patchwork regulatory landscape and
structural challenges that impede a unified defense. Our
defensive posture is characterized by voluntary frameworks that
have failed to keep pace with the adversary's strategic pivot
to prepositioning. Compounding this is the complexity of
coordinating between the Federal Government and 50 State-level
regulatory bodies.
This asymmetry demands a significant structural and legal
overhaul to achieve true cyber deterrence both on the offensive
side and on the defensive side. This includes formalizing the
authority for the United States Cyber Command to, quote,
``defend forward and disrupt adversarial groups within foreign
networks before they reach the homeland.''
We must also address systematic personnel failures within
the United States Cyber Command by transitioning toward an
independent cyber force that establishes uniform standards for
recruitment and training and bypasses the traditional military
standards that have frankly hindered our cyber readiness. Most
importantly, we should consider advancing a framework that
treats cyberattacks on critical infrastructure that may imperil
a human life as the acts of war that they are, equivalent to
kinetic strikes.
We must also harden our domestic resilience by moving
beyond purely voluntary standards. Congress should fund States
to build high-maturity response capabilities and convert
voluntary resilience standards into mandates for systematically
important entities requiring redundant power and physical
hardening across physical sectors. We must shift the legal duty
of care to software manufacturers and away from the end users
like local governments, instead holding the software designers
liable for design flaws while mandating a move to secure-by-
design principles rather than today's voluntary pledges.
Finally, to mitigate supply chain risks, Congress should
consider implementing mandatory screening and the eventual
phase-out of Chinese-manufactured hardware with remote
communications capabilities within highly sensitive critical
infrastructure and Federal networks, akin to the rip-and-
replace campaigns that Congress has already funded to remove
Chinese-made telecommunications gear from America's core
networks.
Thank you, and I look forward to your questions.
[The prepared statement of Mr. Cole follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Van Drew. Thank you, Mr. Cole. With that, let me say
you're the co-founder and COO of iVerify, a cybersecurity
company focused on mobile phones, and previously worked at
Google and Deloitte and served with the National Security
Agency.
Mr. Chris Spear is next. Mr. Spear is the President and
Chief CEO officer of the American Trucking Association, an
organization made up of trucking companies. He also serves on
the Board of Directors for American Transportation Research
Institute and the Trucking Cares Foundation.
Mr. Spear?
STATEMENT OF CHRIS SPEAR
Mr. Spear. Chair Van Drew, Ranking Member Crockett, and the
Members of the Subcommittee, thank you for the opportunity to
testify here today.
For over 90 years, the American Trucking Associations has
represented an industry that employs the hardest-working men
and women in the country. Safety is in our DNA, and it is at
the forefront of everything that we do. The overwhelming
majority of America's 3.6 million truck drivers take immense
pride in their work. They meet every requirement every day, and
they move our economy forward with proficiency and with pride.
Safely operating a tractor trailer requires specialized
skills and an adherence to high standards of professionalism. A
CDL should represent a promise that the person behind the wheel
of an 80,000-pound vehicle is qualified, competent, and
accountable.
Regrettably, years of lax and uneven enforcement have
undermined that promise. Serious vulnerabilities, particularly
related to driver training and CDL issuance, have been exposed
through several high-profile, tragic, and preventable crashes.
CDL mills which masquerade as legitimate schools have fast-
tracked prepared individuals into trucking by putting profits
before training.
Meanwhile, State licensing agencies handed out improper
credentials, and Federal regulators looked the other way,
enabling unqualified individuals to climb into the driver's
seat. ATA has long warned that insufficient compliance allows
unsafe operators to obtain CDLs.
Fortunately, Secretary Duffy has made it a priority to
close these loopholes. Our federation has been working hand-in-
glove with USDOT to implement comprehensive solutions. We know
that meaningful oversight works. Since December, FMCSA at DOT
has removed nearly 7,000 CDL mills from the training provider
registry and put an additional 450 noncompliant providers on
notice.
These actions, coupled with upholding Federal driver
qualifications and implementing regular audits, are critical
steps toward improving the CDL system. We appreciate the
Subcommittee's focus on these issues, and we look forward to
being a resource as you seek to codify these regulations.
While the integrity of CDLs is foundational to highway
safety, the systems that monitor driver compliance and enable
roadside enforcement are just as critical. In recent years, the
proliferation of noncompliant electronic logging devices has
emerged as a serious and rapidly evolving threat. Cheating has
gone high-tech, with some devices using AI to produce fake
documentation, like fuel and food receipts, to fabricate hours
of service.
Equally concerning are digital back doors that could
provide U.S. adversaries access to sensitive supply chain data.
When operators are able to purchase devices that falsify logs
or conceal violations, it rewards unsafe behavior and penalizes
carriers who invest in compliant systems.
ATA strongly supports FMCSA's efforts to strengthen
electronic logging device certification, which have led to the
removal of nearly 100 noncompliant devices in just the last two
months. An additional 250 devices have been removed,
underscoring the need for better vetting on the front end. We
urge Congress to improve device screening, apply greater
scrutiny to foreign-owned ELDs, and enhance penalties against
violators.
Another growing concern involves cross-border trade with
Mexico. The B-1 visas allow Mexican drivers to haul freight
between Mexico and the U.S., but not within the United States.
When
B-1 drivers haul domestic freight, it is called cabotage, and
it is illegal. This underhanded practice exploits Mexican
drivers, and it is unfair to law-abiding motor carriers and
American truck drivers. ATA is pushing for stepped-up
enforcement against these violations.
Finally, I would like to draw the Subcommittee's attention
to a transportation security lapse within the Department of
Defense that was identified by ATA's Government Freight
Conference. The Department is improperly awarding shipments to
unauthorized carriers to move sensitive cargo like M1 Abrams
tanks and Bradley Fighting Vehicles.
This practice compromises safety by putting military
freight in the hands of unvetted carriers and drivers. Last
year, ATA worked with Congress to enact several provisions in
the NDAA aimed at this problem, and we will continue to partner
with you to shore this up.
ATA thanks the Subcommittee for your interest in
identifying foreign ownership risks and hidden vulnerabilities
across our transportation system. I look forward to answering
your questions.
[The prepared statement of Mr. Spear follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Van Drew. Thank you, Mr. Spear.
Mr. Rob Knake is the Chief Executive Officer of TPO Group,
a cybersecurity consulting firm. He previously served as the
Deputy National Cyber Director with the National Security
Council and at the Department of Homeland Security.
Mr. Knake?
STATEMENT OF ROB K. KNAKE
Mr. Knake. Thank you, Chair Van Drew, and thank you,
Ranking Member Crockett and the Members of the Committee, for
the opportunity to testify on this subject.
While I can't speak to the issues that my colleague Mr.
Spear has addressed, I think you are going to find that the
bipartisan approach that you were hoping for, Chair Van Drew,
really has emerged, at least within the cybersecurity
community, on these topics. There is very little that I could
disagree with in either the tone or the substance of what my
other two panelists have said about the cyber threats.
As not to repeat much of what they have said, let me make a
series of points about how we address these threats. First, let
me applaud the focus on embedded threats. As Mr. Cole pointed
out, our critical infrastructure is compromised through remote
hacking capabilities that China, Iran, Russia, and North Korea
have deployed. This is a serious issue. This is a serious risk,
and more needs to be done to address that traditional threat.
The threat from embedded systems that are dependent on
Chinese-produced electronics, Chinese IT components, and
Chinese products is unique to China because of the scale of
their manufacturing and the lack of capacity that we have in
the United States today.
I will primarily focus my remarks on the cyber aspects
here, but it should be noted that in the event of a conflict
with China, they will have the ability to cutoff supplies for
critical minerals, critical goods, critical parts, and services
that our economy needs to run. That alone means that we need to
diversify our supply, onshore our supply, and build trusted
supply networks with our allies overseas.
While we need to diversify our supply, we also simply
cannot simply trust that something produced by an ally or
something produced by a U.S. company, built by U.S. citizens,
is necessarily trusted. Let me go for another point of
bipartisanship here by quoting Ronald Reagan. This is an area
where the mantra needs to be, ``Trust but verify.''
We need to verify that the systems we rely on are in fact
secure, regardless of whether they are produced by a U.S.
company from entirely U.S.-made components or they are produced
by our allies through an extended and secured supply chain. We
cannot simply assume that onshoring will address this risk.
We have seen the risk from transshipment where U.S.
companies may think that they are building from chips that did
not in fact come from China, but those chips may have been
transshipped from China through Vietnam, Mexico, or another
country. A drone or other device that you may think is secure
and is U.S. and American made may have a risk inside it that
even the company that manufactured it does not know about.
That is why it is critically important that we invest in
the ability not only to produce these goods domestically and
with our allies but also be able to identify and recognize when
these supply chains have been compromised and when there are
back doors or logic bombs or other threats embedded in these
systems. We can envision a future in which we have trusted
supply chains, but to get there, we need much stronger
government action.
Chair Van Drew, to your point about a more expensive
Chinese system, I think what we are seeing today is that,
typically, Chinese suppliers are often cheaper, but in some
cases they in fact have better capability than some U.S.-
produced goods. What that will mean on the market is that
companies are going to purchase the cheaper good, particularly
if it is more effective than an American-made good.
I was part of a long-running--what I would call a
whispering campaign against Huawei to say that Huawei's
technology shouldn't be trusted; it shouldn't be put in our
core infrastructure. The FBI did briefings. We did briefings at
the NSC. What finally worked was banning that technology, and
then for the rural broadband telecommunications providers that
were incapable of investing to replace that, subsidizing that
investment.
We need a far broader approach like that to the categories
of technology that China is dominant in today, and we need to
develop and invest in the ability to verify that the
replacement technologies produced in the United States are, in
fact, secure and have not been compromised.
Thank you for this opportunity.
[The prepared statement of Mr. Knake follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Van Drew. Thank you, Mr. Knake. All good statements.
I am going to ask you all to rise to be sworn in. Raise
your right hand. Do you swear or affirm under penalty of
perjury that the testimony you are about to give is true and
correct to the best of your knowledge, information, and belief,
so help you God?
You may be seated.
Mr. Raskin. Point of order, Mr. Chair.
Mr. Van Drew. Yes.
Mr. Raskin. Does that apply also to testimony they have
already given?
Mr. Van Drew. Correct.
Mr. Raskin. Thank you.
Mr. Van Drew. Thank you for that. That does apply to the
testimony you have already given. What the Ranking Member is
pointing out in his gentle way is I should have done that at
the very beginning when you started your testimony.
That is a good point. Thank you.
With that being said, we are going to begin with the
questions. I am going to start with the gentleman from
Missouri, Dr. Onder.
Mr. Onder. Thank you, Mr. Chair.
Over the past decade, Federal agencies and infrastructure
operators have embedded software-driven electrical equipment
throughout America's roads, ports, rail systems, and power
networks. Through this rapid modernization, we have quietly
opened a dangerous national security vulnerability. Foreign-
manufactured hardware now sits at the core of systems that keep
the American economy running and the military moving.
Nowhere is the threat more acute than in the power sector.
Chinese-made inverters, batteries, and transformers have become
foundational to the power grid and critical infrastructure. The
components are designed, built, and in some cases remotely
controlled by firms operating under the authority and influence
of the Chinese Communist Party. As a result, the CCP is
increasingly positioned to monitor, disrupt, or manipulate the
infrastructure that underpins U.S. commerce, public safety, and
national defense.
Ms. de La Bruyere, can you explain why it is inherently
dangerous for U.S. roads, ports, and rail systems to rely on
electronic components manufactured in China, particularly when
those components are embedded deep inside operational systems?
Ms. de La Bruyere. Yes. There are three main reasons from
the informational perspective.
(1) The first is those components give China access to
critical American information: Who is traveling, where, when,
and how. That is like a personal privacy risk, but it is also a
strategic asset.
We are in a competition where data is the new oil. Data is
the single most dominant resource. In the great power
competition with China, if Beijing has full information on our
society, that is how it can target all its attacks.
(2) China can shape information: If information is fueling
transportation and you can shape information, you can decide
who is moving where, when, and what. You can pick winners and
losers, what company, shipping route, and software add-on is
going to win. That means that Beijing controls our society.
Then, there is the disruption threat. All these two things
are short of any outright conflict scenario. That is just
happening. If China decides it is time, they can shut off our
systems. They can interfere with our systems. They can
destabilize our society.
(3) That is informational threat: On top of it, there is
just a basic supply chain and industrial threat. China can stop
providing these components. We are trying to build new
infrastructure or modernize infrastructure. We are at their
mercy? Plus, our industrial base depends on being able to
produce these critical goods. Our country depends on having an
industrial base. Our economy depends on that. If we forfeit
that to China, there goes American growth and freedom.
Mr. Onder. What categories of U.S. infrastructure, like EV
charging stations, tolling stations, rail signaling, port
cranes, traffic management systems, currently depend on
foreign-manufactured electronic hardware? I am afraid you are
going to say all the above.
Ms. de La Bruyere. All of the above. At so many levels,
too, that we aren't--you mentioned inverters. No one is talking
about inverters.
Mr. Onder. Right.
Ms. de La Bruyere. That is a huge risk to the grid. All of
those sectors. Every sector. Data centers. Optical
transceiver--building them at rapid scale. Optical transceivers
are necessary for data centers. We increasingly depend on those
for so many other industries. What if China shuts those off?
Mr. Onder. Yes. I was at an energy conference in Houston a
few months back, and someone, one of the speakers, talked about
Chinese-made batteries. Any kind of reliance on so-called green
energy when their solar is going to rely on massive battery-
charging capability, or even one's--the electrical panel on
one's roof, private home, would depend on a battery.
Apparently, a large percentage of these are being made in
communist China right now. Those could, in theory, be remotely
flipped off or even remotely made to overheat, causing
electrical power or even explosion risk.
Mr. Cole, I see you nodding. Any comments on this?
Mr. Cole. Congressman, I was just discussing with the other
witnesses before the hearing that there are virtually no
cybersecurity standards around electric vehicles as a category,
whether that be batteries that can communicate directly,
perhaps, with China, or other cybersecurity standards of the
self-driving components of the vehicle.
You can imagine a world where the United States is trying
to mobilize for a conflict, and suddenly EVs are blocking
roads, the interstates, and cities.
Mr. Onder. Yes. It is frightening. Thank you. I yield back.
Mr. Van Drew. I thank the gentleman. The gentleman from
Georgia.
Mr. Johnson. Thank you, Mr. Chair.
Hostile foreign nations like China are targeting critical
infrastructure here in America. Donald Trump is enriching
himself with money from China while weakening United States
programs that protect us from their security threats.
For example, the Chinese Government and its State-
controlled entities spent over $5.5 million at Trump-owned
properties during the first Trump Administration. In this
second administration, the greed and corruption is
turbocharged. A Chinese company recently announced that it
would buy up to $300 million of President Trump's
cryptocurrency. Coincidentally, the Trump Administration is
systematically weakening our defenses against China's security
threats.
Ms. de La Bruyere, would you agree that the U.S. needs to
be the No. 1 country for artificial intelligence?
Ms. de La Bruyere. I would agree with that.
Mr. Johnson. You would agree also that Nvidia chips power
the Nvidia or the AI revolution, correct?
Ms. de La Bruyere. They are among the components that power
the AI revolution, yes.
Mr. Johnson. Does it surprise you that Trump has discarded
America's strategic technological edge over China insofar as AI
chips by changing the rules and allowing the export of Nvidia's
AI chips to China?
Ms. de La Bruyere. What surprises me the most is that--
Mr. Johnson. Does that surprise you?
Ms. de La Bruyere. I think what surprises me the most is
that we don't actually have an edge in AI chips over China
anymore.
Mr. Johnson. OK. All right. You want to take me in a
different direction.
Ms. de La Bruyere. Yes, sir because it is important
Mr. Johnson. I don't want to go in the direction you are
trying to take me.
I am going to now ask Mr. Cole. Mr. Cole, Elon Musk and his
DOGE musketeers benched hundreds of cybersecurity professionals
at the Cybersecurity and Infrastructure Agency, also known as
CISA, and at the National Security Agency. Nearly a third of
CISA's staff was cut, including divisions that coordinated with
States and businesses which provide key assistance for
transportation infrastructure.
Was that a wise move by Trump?
Mr. Cole. Well, first, Congressman, I'm a native Georgian,
so it is a pleasure to meet you.
Mr. Johnson. Well, good to meet you, too, sir.
Mr. Cole. I have always wanted to. To answer your question,
I do think now is not the time to cut CISA's budget or
operational--
Mr. Johnson. That was a bad move. His budget request to
Congress now includes an additional 18 percent cut to CISA's
Cybersecurity Division, which leads efforts to protect
government networks and helps defend critical infrastructure.
Was that a good move or a bad move?
Mr. Cole. Congressman, if you go around the country and
talk to the State cyber leaders, they will all tell you they
would like additional Federal support to respond to
cyberattacks.
Mr. Johnson. Well, it was a bad move. That is probably what
you are trying to say.
Let me ask you, Mr. Knake. We have seen our foreign
adversaries exploit cyber vulnerabilities against our
communications, energy, and water sectors, among others. It may
be easy to discount national security risk to our
transportation infrastructure because we haven't yet seen
widespread consequences in this field.
While embedded technology like undisclosed radios and
batteries in cranes clearly shows that our adversaries may have
the capability to conduct espionage or even cause outages in
transportation infrastructure, when local governments or
private companies are acquiring technology, they may be willing
to overlook the national security risk in favor of getting
technology that they need more quickly or for cheap, or
cheaper.
Does the fact that we haven't yet seen a major cyberattack
against our transportation infrastructure mean that we don't
have to worry about this national security threat? It comes at
a time when Trump's net worth increased by $3 billion over last
year. With this security threat, does it mean we need to be
worried, or do we have cause for concern as the President gets
richer and our security is eroded?
Mr. Knake. Sir, we have absolutely seen campaigns carried
out against our transportation infrastructure for the purposes
of collecting intelligence and for the purposes of planning
future attacks. What we haven't yet seen is significant
disruption of that infrastructure because the geopolitical
moment in which our adversaries would want to take advantage of
that has not emerged yet.
Mr. Johnson. Thank you. I yield back.
Mr. Van Drew. I thank the gentleman.
I am going to yield five minutes to myself. This is to Mr.
Spear. How does weakened enforcement of Federal CDL and English
proficiency requirements undermine safety on American roads?
Tell me if you agree this should be viewed as a national
security and rule-of-law issue rather than just a regulatory
problem.
Mr. Spear. Well, the criteria or the standards that you are
speaking to come from the United States Department of
Transportation, handed down to the States. The States
administer the tests. Some States do it very well, and there is
a handful that aren't.
We have seen over the last few years a whole host of CDLs
get issued to people that shouldn't have them, candidly. First,
they may not be here legally. They may not be able to speak or
understand English. They shouldn't be operating an 80,000-pound
heavy-duty truck, moving freight across the country.
Those standards and the relationship between the Federal
and State Government is absolutely essential to make sure that
all States are doing the same thing on those fundamentals.
Mr. Van Drew. If I was to ask you if Federal CDL and
English proficiency standards have been consistently enforced,
am I being fair when I say that some of the fatal crashes we
discussed today probably could have been prevented?
Mr. Spear. There is absolutely no question. Your opening
statement covered several crashes that we have also watched
very closely. A lot of the folks that you cited in those
actions, those drivers, were not able to speak English,
understand English, probably should never have been driving in
the first place. They were issued CDLs when they shouldn't have
had them. You don't want people like that behind the wheel of a
40-ton U.S. truck.
Mr. Van Drew. I would think. Thank you.
I am going to ask you a rapid-fire question here, and if
you agree we do need to do more, if you could catch up with us
and get information to me. What I am going to ask is, do you
believe, in the United States of America, we need to do
anything legislatively? Does Congress need to do something to
make us more safe and more secure? Very briefly. I am going to
ask all of you, so we have to go quickly.
Ms. de La Bruyere?
Ms. de La Bruyere. Yes, absolutely. First, a low-hanging
fruit stopping an unforced error is, with any Federal
incentives or procurement, having actually enforced stringent
restrictions on the ability of Chinese or Chinese-influenced
entities with clear rules of what those are to receive them.
Mr. Van Drew. I know you don't write bills, but if you
could get us that information, get it to my office and also to
the Committee, of what you saw, this bill gives us priorities
on that.
Mr. Cole?
Mr. Cole. Yes, Mr. Chair, I do believe Congress needs to
act in a few ways. First, I believe the United States Cyber
Command needs additional authorities to be able to operate at
the speed with which our adversaries are. I believe Congress
must do more legislatively to increase our resiliency against
cyberattacks.
To some degree, we have to assume that Nation-State
adversaries have already compromised our infrastructure, and
that means giving States the ability to more quickly respond to
threats as they emerge. That could mean additional funding or
clearer frameworks.
Finally, I agree with Ms. de La Bruyere that we should take
a legislative approach to data sovereignty as well.
Mr. Van Drew. Please get that to my office, both of you, as
quickly as you could. Thank you.
Mr. Spear?
Mr. Spear. On the English language proficiency, we would
advocate, for the American Trucking Associations, that Congress
fully codify English language proficiency for all drivers, that
all States should test for this consistently across the board.
This is a safety issue.
If you are operating a vehicle, you shouldn't be pulling a
U-turn on the Florida Turnpike. You should be able to
understand weather signs in, say, Wyoming. You need to
understand English. You need to be able to operate that
equipment safely around the motoring public.
Congress needs to codify this to ensure that all 50 States
abide by this and aren't just handing CDLs out carelessly to
people that shouldn't be driving a 40-ton truck.
Mr. Van Drew. Thank you. Please bring that to my office as
well.
Mr. Knake?
Mr. Knake. I would say the most important thing, from my
perspective, is to fill gaps in regulatory frameworks so that
we have comprehensive ability to oversee regulation in this
space.
Mr. Van Drew. Thank you. I will yield back the rest of my
time.
With that, I will yield to the Ranking Member of this
Committee, Ms. Jasmine Crockett.
Ms. Crockett. Thank you so much, Mr. Chair.
I will point out that being a bad driver doesn't
necessarily have anything to do with whether or not you can
speak English. I also will point out that I have had the
privilege, or maybe not so much the privilege, of driving in
multiple countries, and I was not required to get another
license. I was able to rent cars in other countries and drive
because some things are kind of universal. Frankly, if somebody
passes the test as it is laid out, then I think that this is
what it is. If we need to change the test, then we need to
change the test.
Nevertheless, one of the things that has become clear over
the past year is that this President can be bought. If you have
enough money, you can get favorable regulations from this White
House. You can get pardons, you can get contracts, and you can
get influence with this President, even if you have ties to a
foreign government, which the Justice Department has described
as--and I quote, ``a significant risk to U.S. national
security.''
We have already established that the Trump Administration
has shown a blatant disregard for our cybersecurity. In his
first month in office, the President dismantled nearly all of
the DHS' advisory committees that study major cyberattacks and
provide actionable recommendations to defend against those
attacks.
Mr. Knake, what role did these advisory committees play in
protecting our critical infrastructure? How does their
dissolution make us less safe?
Mr. Knake. Thank you, Ranking Member Crockett. Absolutely,
these committees were essential to establishing the mechanisms
for coordinating and collaborating on cybersecurity with our
industry partners. They were necessary but not sufficient. They
laid the groundwork for the real-time collaborative engagement
that has been emerging over the last five years.
We have gone from having just these discussions on policy
and risk and threat to actually working with government
agencies, with CISA, NSA, Cyber Command, and the FBI.
Ms. Crockett. If I am to understand you correctly, you
believe that they were necessary, but you believe that they
weren't even sufficient in their current form. If anything, you
believe that they should have been beefed up, not deleted,
correct?
Mr. Knake. There is absolutely a need to expand these
collaborative mechanisms with industry and to make them real
time and substantial. Yes.
Ms. Crockett. Now, I represent the State of Texas, which is
the largest exporting State in the country. Texas has 32
official ports of entry that serve as critical gateways to
global trade.
Mr. Knake, as you probably know, 80 percent of cranes at
U.S. ports are manufactured by a Chinese State-owned entity,
and the government has found communication devices embedded on
these cranes that could be used to track port activity and
enable cyber espionage. What concerns are raised when the
technology used inside a critical infrastructure system is
manufactured by a foreign adversary?
Mr. Raskin. In the case of these devices, what we are
talking about is an ability to both monitor and control and
disrupt the infrastructure, should it be in China's interest to
do so. It is an absolutely critical risk that we be able to
maintain our trade in the event that they feel they are
compelled to use that capability.
The focus here, in my view, needs to be retrofitted at this
point. We don't need to replace the steel that holds up the
cranes. We are certain that is pretty strong. What we need to
do is replace the electronics, rip and replace the electronics,
and operate them with trusted hardware and trusted software
that we know is not communicating back to China.
Ms. Crockett. The costs associated with operating
technology needed for critical infrastructure are increasing.
It doesn't help that the Trump Administration's policies are
partly responsible for the cost increase. However, States are
weighing the costs and availability of the technology they need
to operate and maintain their critical infrastructure. There
aren't domestic manufacturers for many of these necessary
machines, such as cargo ships or port cranes.
Let me ask you this. We did have the CHIPS and Science Act,
and my predecessor in Congress was actually the one that
ushered that through. That was to make sure that we could
manufacture more chips right here domestically.
It is so unfortunate because there were so many plans, and
there were so many that were saying, ``We are going to take
advantage of this bill and pull down on these dollars,'' and
now those plans have fallen by the wayside because of some of
the terrible tariff policies that currently are taking place.
It is harming us not only economically, but it is harming
us from a security standpoint. This was not fiscally
responsible policy that this administration has engaged in, but
it has also been very harmful to us domestically.
The last question is, so what solutions are there to
mitigate the risk posed by foreign technology and
infrastructure supply chains?
Mr. Knake. We badly need to make a government investment in
the retrofitting of these technologies. The markets simply are
not going to support this investment on their own, given that
these are national security risks, and no risks that are
necessarily going to be borne by shareholders of companies.
Ms. Crockett. Thank you so much for your time. I yield
back.
Mr. Van Drew. I thank the Ranking Member. I would just make
one minor point that, probably, when she was driving in those
foreign countries, she wasn't driving an 18-wheeler. I could
probably guarantee that.
Ms. Crockett. How do you know?
Mr. Van Drew. Well, I am hoping not. I couldn't even drive
one. The CDL requirements are much more specific and much
harder. Do you have an CDL? I don't have an CDL.
Ms. Crockett. I am just saying I may have.
Mr. Van Drew. You could. You could.
Ms. Crockett. I got a license to carry.
[Simultaneous speaking.]
Mr. Van Drew. Jasmine, so do I. So, do I. You never know.
With that, we have--the gentleman from Texas has a UC request.
Mr. Gill. I would like to ask for unanimous consent to
enter into the record this report, ``The Weaponization of CISA:
How a Cybersecurity Agency Colluded with Big Tech and
Disinformation Partners to Censor Americans.''
Mr. Van Drew. Without objection. I will ask the gentleman
to go forward and present testimony--questions.
Mr. Gill. Thank you, Mr. Chair for holding this hearing.
In 2016, the Obama-Biden Administration issued internal
guidance that weakened enforcement by discouraging roadside
interviews and out-of-service penalties, effectively nullifying
a core safety rule without changing the law.
Since that time, fatal truck crashes have increased, and
multiple deadly incidents have involved nondomiciled or non-
English-proficient drivers who should have never been licensed
or allowed to operate in the first place. In many cases, they
shouldn't have even been in this country in the first place.
The Trump Administration has moved to restore the rule of
law by rescinding the guidance, and even Democrat-led States
such as California couldn't hide the damage inflicted by the
radical Democrats' open-borders policies and revoked 17,000
commercial driver's licenses given to illegal aliens.
Thank you, witnesses, for taking the time to be here.
Mr. Spear, do you consider the Obama-Biden Administration
2016 rule guidance which discouraged out-of-service enforcement
for English proficiency failures to be a breakdown in
regulatory control over critical transportation sector?
Mr. Spear. I do. That decision cost lives. Respectfully,
Congresswoman Crockett, the accident that was cited in the
Chair's opening statement killed people because that driver did
not understand what he was doing. An 80,000-pound vehicle is
much different than a car. It does not stop on a dime. It
doesn't turn on a dime.
These are very heavy vehicles that need to have people
trained and skilled to operate them, and they need to
understand the language we speak. Here in America, that is
English. I have lived and worked in five continents, driven in
all five--Arabic, Chinese, you name it. You have to understand
that country's language to understand how to operate a vehicle.
It is for the safety of those around you.
That 2016 decision by the Obama Administration took the
lives of innocent people because it put people out on the road
behind the wheel of an 80,000-pound vehicle that should never
have been driving. We need stronger enforcement. That rule has
been in the books since the 1930s. It should be consistent no
matter what party you are for.
If you care about the safety of people driving in your
district, then this needs to be enforced in all 50 States
evenly. It is simply fundamental. There is absolutely no
compromise when it comes to safety. We don't hedge on any of
that.
I want to be very clear. We need to enforce it. It needs to
be done by every State. It needs to be done evenly. Yes, the
language does matter.
Mr. Gill. You are exactly right. It does cost lives. It
cost the life of the son of one of my constituents. A little
over two years ago, eight-year-old Barron Ritchey of Pilot
Point, Texas, was killed on I-35 near Hillsboro when a wheel
hub and tires broke off a semi and struck the Ritchey family's
SUV as his mother drove him home from a school trip.
The non-English speaking illegal alien Martin Monreal-
Alvarado had overstayed a B-1 visitor visa that expired six
months prior to the incident. Further, Monreal-Alvarado was a
party to RTD Carriers trucking company, an entity with an
abysmal Federal Motor Carrier Safety Administration record.
The RTD Carriers employed other foreign drivers, as well,
without valid work visas and sent Monreal-Alvarado on an
unlawful route beyond the U.S.-Mexico-Canada Agreement
commercial zone. The reality was that if even one of these
issues had been policed, Barron Ritchey would still be with us
today.
Mr. Spear, what can Congress do to confront unsafe carriers
such as RTD from closing and reopening under a new name,
reusing the same dangerous equipment and dangerous personnel?
Mr. Spear. Well, certainly, work with your colleagues in
the Transportation Infrastructure Committee to give the Federal
Motor Carrier Safety Administration at DOD the authority it
needs to clean up the registry. OK? We have people come on,
off, on, off. They have an accident; they come back on. They
change their name.
This system is broken. The Federal oversight and ability to
manage the motor carrier populace properly, safely, is broken.
Secretary Duffy understands that. They are going back to the
basics and enforcing the laws that you have given them. Where
there are shortfalls, you all in Congress need to step up and
give these agencies the power they need to have interstate
commerce standards applied equally in all States.
These are just fundamentals. When you take a test in a
State like California for a CDL, you need to be able to speak
English. You need to be here legally. You need to have training
to acquire the CDL, not some online one-day source, and you get
the CDL. This has got to be enforced. I look to Congress to
work with DOT to shore that up.
I can guarantee if you call over there now, they will give
you a list of things that we support that will help them ensure
that all States take steps forward to ensure that lives like
that are not lost.
Mr. Gill. I agree, Mr. Spear. Learn English or get out of
our country. Thank you for being here. I appreciate it.
Mr. Van Drew. I thank the gentleman from Texas. That
concludes today's hearing.
Ms. Crockett. Oh, I have got a UC. OK. ``DOGE employees
shared Social Security data.'' Court filings show employees
detailed to the Social Security Administration shared sensitive
data through a nonsecure server, the Justice Department
disclosed. This is from The New York Times, January 20, 2026.
My final one is Federal review finds 44 percent of U.S.
trucking schools don't comply with government rules. Nearly--
this is from December 1, 2025. This is the AP. It says nearly
44 percent of the 16,000 truck-driving schools in the U.S. may
be forced to close if they lose their students after a review
by the Federal Transportation Department found they may not be
complying with the government requirements. It did not say
anything about languages.
Mr. Van Drew. Without objection.
Ms. Crockett. OK. Now, I am good.
Mr. Van Drew. That concludes today's hearing. We thank our
witnesses for appearing before the Subcommittee today. I thank
you all. You did a great job. Looking forward to the
correspondence from all of you.
Without objection, all Members will have five legislative
days to submit additional written questions for the witnesses
or additional materials for the record.
Without objection, this hearing is adjourned.
[Whereupon, at 3:50 p.m., the Subcommittee was adjourned.]
All materials submitted for the record by Members of the
Subcommittee on Oversight can be found at: https://
docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=118875.
[all]