It could be a plot worthy of science fiction.
Rail industry groups fear you could be tracked by secret sensors on Metro trains if a Chinese company builds the transit agency’s new railcars.
"It sounds like a spy novel," Erik Olson, vice president of the Rail Security Alliance, said. The group of railcar, iron, and steel makers is rallying riders against CRRC Corp.
The fear is the Chinese state-run company could easily win the bid to build WMATA’s new 8000-series trains, planned to hit the rails in 2024.
On Tuesday, Metro's chief watchdog told a congressional hearing on Metro oversight that he is concerned about CRRC. WMATA Inspector General Geoffrey Cherrington said he has raised red flags with Metro management.
"Whenever a subway system runs undeath something particularly as critical as the nation’s capital -- the seat of power in the world and all of the targets here—we’re concerned it could be controlled by a third party or outside of the Metro system," Cherrington said.
Olson points to Chinese makers of smartphones, which have been banned from military bases. The Pentagon deemed that the devices could track troop positions, though phone makers insist otherwise.
"We know how government-run companies operate whether it’s ZTE or Huawei," Olson said. "When they’re making components and parts for The United States, they use them to spy."
Cybersecurity experts paint this picture: cameras on railcars -- typically used to keep you safe -- but instead used to recognize your face and track your commuting habits. They also think loopholes could be designed into train software -- allowing hacks of systems, such as automatic train control.
"It really scares me," retired Army Brigadier General John Adams said. Adams stresses the risks get even greater in Washington, where Metro transports one-third of the federal workforce, not to mention lawmakers and the military.
He penned an op-ed in the Washington Post this week.
"They’re a huge threat to our national security not only because they’re putting the equipment on our cars but because of the location," Adams said.
CRRC has become controversial in the transit industry by building trains at prices significantly lower than competitors, becoming the front-runner for manufacturing contracts. The company already has contracts for Chicago, Boston and Los Angeles public transit improvements.
Metro wants 256 new rail cars to replace its 40-year-old 2000 and 3000 series cars. WMATA is directing bidders to show how local companies and contractors will be used for at least 8% of the deal.
"We’re not sure even if you build them in the region with the parts coming from China that our cyber security is safe," Congresswoman Eleanor Holmes Norton of Washington, D.C. said.
Norton and four other local congressmen penned a letter to Metro leaders, asking the transit agency to consult with the Department of Defense and the Department of Homeland Security to assess each bid’s cybersecurity risks. Just last week, Norton proposed an amendment to a bill which would effectively block Metro from buying Chinese railcars.
"The only way we can know if we’re safe is to go to the federal agencies involved," Norton said. "We as a region would like to hear what they have to say."
Norton says Metro has not responded to her letter. Metro General Manager Paul Wiedefeld did respond to a similar letter by local members of the U.S. Senate.
Metro insists it does not take cybersecurity lightly. It follows federal standards laid out by NIST to combat multiple threats "with particular focus on supply chain security," a spokesperson for the transit agency said.
"WMATA is developing enhanced cybersecurity requirements and security standards certifications in its procurements, including -- but not limited to -- the 8000-series railcars," agency spokesperson said.
The transit agency said its request for proposal requires that all code be reviewed for vulnerabilities and that full penetration tests of the completed railcars be conducted by an independent, DoD-cleared third party.
"The decision to enhance cybersecurity requirements was made months ago as a result of Metro's own internal assessment and is not specific to the 8000-series railcars but applies broadly," Metro said.
Builder bids are due May 31. Chinese train opponents fear their chance to keep the area safe is quickly leaving the station.
"It’s not worth the extra cheaper dollar versus the security of Metro and its riders," Olson said.
Opponents organized a petition in hopes to block Metro from selecting rail cars built CRRC, which as of Monday night 85 people had signed.