The U.S. government is intensifying its scrutiny of Chinese-manufactured TP-Link routers, which dominate the market for home and small-business networks. Amid rising concerns about cyberattacks, officials are investigating whether these devices pose a national security threat. The Departments of Commerce, Justice, and Defense are considering banning TP-Link router sales in the U.S., which could disrupt millions of households and businesses reliant on these routers for internet access.
Cybersecurity Risks Linked to TP-Link
The potential ban follows alarming findings from Microsoft. In October 2024, Microsoft revealed that a Chinese hacking operation, CovertNetwork-1658, exploited TP-Link routers’ vulnerabilities to create a compromised device network. This network has been linked to password spray attacks that targeted Microsoft customers in North America and Europe. These attacks allowed Chinese threat actors to steal credentials and infiltrate sensitive systems.
According to Microsoft, TP-Link routers have been exploited to gain remote code execution, enabling hackers to control these devices remotely. This vulnerability has jeopardized individual users and small businesses relying on TP-Link’s affordable solutions.
A Broader Pattern of Cyber Espionage
This investigation into TP-Link is part of a more significant U.S. effort to counter pervasive Chinese cyber espionage. Earlier warnings from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) highlighted the scale and sophistication of Chinese hacking efforts. From targeting critical infrastructure like water plants and energy grids to compromising telecommunications networks in the Salt Typhoon operation, Chinese actors have demonstrated a significant capacity for digital espionage.
FBI Director Christopher Wray has repeatedly emphasized the scale of the threat, noting that Chinese hackers outnumber FBI cyber personnel by at least 50-to-1. Despite years of warnings, experts argue that the U.S. has been slow to act, allowing vulnerabilities to compound over decades of reliance on Chinese technology.
Impact on the Router Market
According to data from Lansweeper, TP-Link currently holds a 12% share of the U.S. home Wi-Fi router market. The potential ban could leave internet providers and consumers scrambling for alternatives. The outcome of the ongoing investigation could reshape the networking hardware landscape in the U.S.
Congress Steps Up on Broader Telecom Threats
In parallel, Congress has allocated $3 billion for a “rip-and-replace” program targeting Chinese telecom giants Huawei and ZTE. This program aims to remove their equipment from rural telecommunications networks years after both companies were identified as national security risks.
The move follows international efforts led by the U.S. to block Huawei and ZTE from 5G networks, with American allies warned that failure to comply could jeopardize intelligence-sharing agreements.
Protecting Against Future Threats
As investigations into TP-Link progress, U.S. cybersecurity agencies urge individuals and businesses to take immediate protective measures. Recommendations include switching to encrypted communication platforms, adopting hardware-based security keys for authentication, and using password managers to strengthen account security.
With digital threats growing more sophisticated, the U.S. faces a critical juncture in addressing vulnerabilities in its technology supply chain. Whether through banning compromised hardware or fortifying cyber defenses, these actions underscore the urgency of securing the nation’s digital infrastructure.