Key Points
- U.S. authorities are investigating TP-Link routers for links to China-backed cyberattacks.
- The Commerce, Justice, and Defense departments are conducting separate probes.
- TP-Link holds 65% of the U.S. small business and home router market.
- A ban on TP-Link routers could be the largest telecom equipment removal since Huawei in 2019.
U.S. authorities are investigating TP-Link’s routers over their alleged connection to China-backed cyberattacks. According to the Wall Street Journal, the Commerce, Justice, and Defense departments are conducting separate probes, with the Commerce Department reportedly subpoenaing the company. These investigations could lead to a potential ban on TP-Link routers as early as next year.
The investigations stem from a wave of cyberattacks reported in September. During these attacks, Chinese hackers allegedly exploited vulnerabilities in TP-Link routers to target U.S. government organizations, Defense Department suppliers, non-government organizations, and think tanks. The routers, widely used by small businesses and homes in the U.S., are also employed by critical entities such as the Department of Defense and NASA.
TP-Link has been scrutinized for reportedly shipping devices with significant security flaws. The company holds approximately 65% of the U.S. market share for small businesses and home routers. Sources have indicated that the company has been slow to address these vulnerabilities and has not actively collaborated with the cybersecurity community to resolve these issues.
In response, a TP-Link spokesperson stated, “We welcome any opportunities to engage with the U.S. government to demonstrate that our security practices are fully in line with industry security standards, and to demonstrate our ongoing commitment to the U.S. market, U.S. consumers, and addressing U.S. national security risks.”
A ban on TP-Link routers would mark the most significant removal of Chinese telecom equipment in the U.S. since the Huawei ban in 2019. Such a move could disrupt the router market and force many organizations and households to transition to alternative solutions.
As the investigations continue, the case underscores broader concerns about the security of telecommunications infrastructure and potential foreign influence on critical U.S. systems. The outcome could set a precedent for how similar cases are handled.
