The U.S. government is weighing a potential ban on TP-Link routers starting next year, pending the results of ongoing investigations into their alleged involvement in cyberattacks that could pose national security risks.
According to a Wall Street Journal report, the Departments of Justice, Commerce, and Defense are examining whether TP-Link devices have been exploited in cyberattacks. The Commerce Department has reportedly issued subpoenas as part of the investigation.
TP-Link currently dominates the U.S. small office and home office (SOHO) router market, accounting for approximately 65% of sales. The DOJ is also probing whether this growth has been artificially driven by selling devices below manufacturing costs, a practice that could undermine competition.
Over 300 U.S. internet service providers supply TP-Link routers as default devices for home users. Additionally, these routers are reportedly used on networks operated by government entities, including the Department of Defense, NASA, and the DEA.
A TP-Link U.S. spokesperson told the WSJ, “We welcome opportunities to engage with the U.S. government to demonstrate that our security practices align with industry standards and show our commitment to addressing national security concerns.”
Tied to Cyberattacks
The scrutiny intensified after a Microsoft report in October linked TP-Link routers to a botnet, known as Quad7, CovertNetwork-1658, or xlogin, largely operated by Chinese threat actors. Microsoft found that TP-Link devices made up the bulk of the compromised routers in this network.
Microsoft’s analysis revealed that Chinese cybercriminals used credentials acquired from these botnet-driven password spray attacks to carry out computer network exploitation (CNE) activities, raising alarms about the devices’ vulnerabilities.
Broader Actions Against Chinese Tech
This investigation aligns with the Biden administration’s broader crackdown on Chinese technology firms over security concerns. Earlier this week, the New York Times reported that the administration plans to ban China Telecom’s remaining U.S. operations after Chinese state hackers breached several U.S. telecom networks.
The Federal Communications Commission (FCC) has already banned sales of equipment from companies like Huawei, ZTE, and Dahua Technology, citing “unacceptable risks to national security.” In June 2020, the FCC designated Huawei and ZTE as official threats to the integrity of U.S. communications infrastructure.
