Support NeoGAF

[winjer]

US bans foreign-made routers from entering domestic market

The United States government has introduced a new regulatory policy that restricts the sale of routers designed and manufactured outside the country, citing national security and supply chain concerns. The Federal Communications Commission (FCC) confirmed that new router models originating from foreign development will no longer receive certification required for sale in the U.S. market. The decision does not impact existing products. Routers already approved, sold, or currently in use will remain unaffected, ensuring continuity for consumers and businesses. The restriction applies strictly to new devices entering the market. This means retailers can continue selling current inventory, while users can keep operating their installed hardware without disruption.

Rather than targeting specific brands, the FCC has defined compliance based on design origin. Routers designed within the United States may still qualify for certification, even if manufacturing takes place overseas. This creates a distinction between development and production, allowing some global manufacturers to adapt their workflows to meet regulatory requirements.

However, the policy introduces a level of ambiguity. Companies must self-declare compliance during the certification process, raising questions about how strictly these rules will be enforced. Vendors with established U.S.-based design operations are expected to remain active in the market, while others that rely on overseas development could face barriers.

The FCC justifies the move as part of a broader national security strategy. According to the agency, foreign-controlled supply chains could introduce vulnerabilities capable of disrupting critical infrastructure, economic systems, and defense operations. By limiting the entry of such hardware, the government aims to reduce exposure to potential cybersecurity threats.

The long-term impact on product availability remains uncertain. Depending on how manufacturers respond, the range of routers available in the U.S. market could shift significantly. For now, the policy signals a clear direction: tighter control over networking hardware as part of a wider effort to secure digital infrastructure.

Source: FCC

I guess the FCC found a lot of spyware on Chinese routers.

 

[spons]

Receipts please. Still waiting for proof on the whole Huawei fiasco. "Yeah they spy for the Chinese government. What? Data that supports that claim? Well you just have to believe us". Well I don't.

 

[Baemono]

Receipts please. Still waiting for proof on the whole Huawei fiasco. "Yeah they spy for the Chinese government. What? Data that supports that claim? Well you just have to believe us". Well I don't.

I thought it was proven since, European countries also stopped using Huawei products due to that.

 

[LyricalShrike]

I thought it was proven since, European countries also stopped using Huawei products due to that.

Combo. Spyware firmware was uncovered that sent data back to china every few days. The devices are also riddled with bugs and vulnerabilities which may be been left there intentionally to facilitate spying later.

 

[Pejo]

US bans foreign-made routers from entering domestic market

I guess the FCC found a lot of spyware on Chinese routers.

I hope they officially publish their findings. I'd like to see exactly what they found and how bad it is.

There was a "Determination" document but it just gave more generalizations without getting into anything technical.

*edit*

I guess this part is kinda relevant:

Unsecure and foreign-produced routers are prime targets for attackers and have been used inmultiple recent cyberattacks to enable hackers to gain access to networks and use them aslaunching pads to compromise critical infrastructure. The Cybersecurity and InfrastructureAgency has labeled edge networking devices, including routers, as the "attack-vector of choice"for hackers and cybercriminals.10 In Salt Typhoon attacks, state-sponsored cyber threat actorsleveraged compromised and foreign-produced routers to jump to embed and gain long termaccess to certain networks and pivot to others depending on their target.11 As CISA wrote in aSeptember 2025 Cybersecurity Advisory, Advanced Persistent Threat (APT) actors are"modifying router configurations for lateral movement pivoting between networks and usingvirtualized containers on network devices to evade detection."12 This allows APTs to find andtarget critical networks such as telecommunications, government, transportation, lodging, andmilitary infrastructure networks.

Additionally, in September 2024, the Federal Bureau of Investigation (FBI), Cyber NationalMission Force (CNMF), and National Security Agency (NSA) published a joint cybersecurityassessment outlining how cyber actors have compromised foreign-produced routers to create "anetwork of compromised nodes (a "botnet") positioned for malicious activity. The actors maythen use the botnet as a proxy to conceal their identities while deploying distributed denial ofservice (DDoS) attacks or compromising targeted U.S. networks."13 Unsecure foreign-producedrouters in homes and American businesses are enabling hackers to create massive networks thatcan be leveraged to carry out password spraying, unauthorized network access, and act as proxiesfor espionage.

 

[The Cockatrice]

Chinese spying on Americans: no way, ban this trash!
Americans spying on Americans and selling the data to Chinese: FUCK YEAH MURICA!

 

[Unknown Soldier]

The part these Average Media headlines are leaving out is that there is a standard process where manufacturers whose routers are found to not contain Chinese spyware or mysteriously excessive vulnerabilities are exempted from the blanket ban

So basically almost all companies not named TP Link will be exempted soon enough. That's what this is really about, since TP Link routers are always filled with unpatched vulnerabilities for some reason and they have been undercutting every other company to snatch market share. Something like 30-40% of all routers sold on Amazon are TP Link branded now. If it's not a Chinese government attempt to fill the US with routers they can take control of and insert spyware or just disable during a war between the two countries, I don't know what is

 

[Unknown?]

Never use default firmware on a router. It's trash. Open-WRT or DD-WRT are the only way to go. Also don't leave your default address at 198.162.0.1 or similar default IP addresses.

 

[spookyfish]

Chinese spying on Americans: no way, ban this trash!
Americans spying on Americans and selling the data to Chinese: FUCK YEAH MURICA!

Seriously. Can we do something about "American" companies next, please?

 

[nush]

FCC can't control online sales from Temu. They can make Walmart show certs so it's not as effective as "You're banned". Tik Tok, drones or whatever are still sending data back to China.

 

[YCoCg]

Chinese spying on Americans: no way, ban this trash!
Americans spying on Americans and selling the data to Chinese: FUCK YEAH MURICA!

Of course that's allowed, the money stays in America that way! Support Local Spying Agencies!

 

[AJUMP23]

So much for TP Link.


Chinese Routers are well known for back doors and their phones have been banned for gov employees for a long time. I also think they send data back to the "home office" and monitor users traffic. I don't buy Chinese equipment like that.

 

[Pagusas]

I thought this bad was immediate? You can still buy Asus routers on amazon.

Edit: NVM, just read it fully, it only effects NEW routers, preexisting and approved models can still be sold

 

[DeepEnigma]

I thought it was proven since, European countries also stopped using Huawei products due to that.

 

[MayauMiao]

Sound more like market protectionism.

 

[terintamel]

So much for TP Link.


Chinese Routers are well known for back doors and their phones have been banned for gov employees for a long time. I also think they send data back to the "home office" and monitor users traffic. I don't buy Chinese equipment like that.

This is not just going to affect 'Chinese' routers. As of 2026 there are ZERO wifi routers that are made in the USA. USA assembled does NOT count. If you also read the order, even if one component is made outside of the USA it is banned. Does not matter if the parent company is USA owned and operated or not.

Also any existing routers that you may have will not be allowed to even get firmware updates past 2027, so to make us more secure your existing equipment won't even get patches to fix any security holes.

Banning certain foreign owned companies from selling routers without DHS/FCC vetting is understandable. Banning anything and everything not made in the USA is stupid and capricious.

 

[terintamel]

I thought this bad was immediate? You can still buy Asus routers on amazon.

Edit: NVM, just read it fully, it only effects NEW routers, preexisting and approved models can still be sold

Did you miss where existing models cannot get new fimware updates past 2027 without approval?

 

[adamsapple]

Is the ban retroactive? That's probably gonna make a vast majority of routers in the US redundant if so.

 

[Pagusas]

Did you miss where existing models cannot get new fimware updates past 2027 without approval?

Didn't miss it, just wasn't relevant to what I was speaking of at the time. I also recognise Merlin will take care of Asus firmware via unofficial means, so not worried about that for the time being.

 

[Bojji]

Aren't all routers made in China?

 

[terintamel]

The part these Average Media headlines are leaving out is that there is a standard process where manufacturers whose routers are found to not contain Chinese spyware or mysteriously excessive vulnerabilities are exempted from the blanket ban

So basically almost all companies not named TP Link will be exempted soon enough. That's what this is really about, since TP Link routers are always filled with unpatched vulnerabilities for some reason and they have been undercutting every other company to snatch market share. Something like 30-40% of all routers sold on Amazon are TP Link branded now. If it's not a Chinese government attempt to fill the US with routers they can take control of and insert spyware or just disable during a war between the two countries, I don't know what is

TP-link is not more or less secure than other router brands. They just have larger market share so they are a bigger target for hackers. Just like Windows vs Mac. Mac can get viruses but due to their smaller market share and since most business use Windows, Windows will be the primary attack vector.

FCC bans import of new consumer routers not made in the US over security threat — agency says foreign-made devices pose ‘unacceptable risk’ to US persons

This could affect nearly every major router brand

www.tomshardware.com

While this might match the context of increasing instability in global geopolitics, it does not specifically address the weakness found in many consumer Wi-Fi routers. Although TP-Link was widely used in recent cyberattacks, cybersecurity experts told CNET that this was because of its ubiquity in the market, and that the exploited vulnerabilities were also present on routers made by American companies. In fact, the U.S. government itself said that the Salt Typhoon attacks often targeted Cisco hardware. Still, this did not deter the Department of Commerce from investigating TP-Link over its close ties to China.

 

[AJUMP23]

Aren't all routers made in China?

Electronic components are made in China and Taiwan, and other Asian countries. Not just China. China is a major player though.