US could ban best-selling TP-Link routers over national security concerns — TP-Link routers tied to Chinese government-backed cyberattacks

News
By
published

The most popular router brand in the U.S. is in trouble.

TP-Link Deco BE5000 Wi-Fi 7 mesh router
(Image credit: Tom's Hardware)

Washington is investigating TP-Link, the most popular home internet router brand in the U.S., because of its links to recent cyberattacks. According to the Wall Street Journal, the Chinese company currently owns about 65% of the home and small business router market in the U.S.—up from 20% in 2019—and its products are also used by the Department of Defense and several other federal agencies, including NASA and the DEA.

Reports say three government bodies—the Department of Commerce, Department of Defense, and Department of Justice—have opened inquiries into TP-Link. The Commerce Department has already sent subpoenas to the company. Furthermore, some sources suggest that the White House could ban the popular router brand next year, especially as Donald Trump takes office in January with his aggressive trade policies.

The recent Salt Typhoon attacks on several U.S. telecommunications providers primarily targeted Cisco gear. Even so, this is one reason why the investigation against TP-Link is picking up steam. Microsoft reported that a Chinese hacking group uses an extensive network of compromised TP-Link routers to launch cyberattacks against Western targets. These targets include public and private entities, think tanks and contractors for the Department of Defense.

Earlier this month, Deputy National Security Advisor Anne Neuberger said the government was “looking to take action to mitigate risks to the supply chain within the telecommunications sector.” This investigation and potential ban of TP-Link is reminiscent of the 2019 move the Trump administration made against Huawei when the brand wasn’t just banned from selling its products in the U.S. Still, all of its hardware was removed from American infrastructure. Even today, the government is still spending billions of dollars to swap out legacy Huawei and ZTE equipment that some American telecommunications companies still use.

TP-Link is a popular router brand partly because of its low prices, which often undercut competitors like D-Link and Netgear by more than 50%. Many internet service providers also offer new subscribers TP-Link routers as a standard. Since most users are already satisfied with the included router, they often use it until it breaks or they change providers.

Nevertheless, the company hasn’t taken these accusations lying down. A company spokesperson said, “We welcome any opportunities to engage with the U.S. government to demonstrate that our security practices are fully in line with industry security standards and to demonstrate our ongoing commitment to the U.S. market, U.S. consumers and addressing U.S. national security risks.” TP-Link has even moved its headquarters to the U.S. to move the company away from China.

Despite the company's move away from its Chinese roots, the Chinese Embassy in Washington commented that the White House’s investigation and ban are intended to “suppress Chinese companies,” especially as TP-Link is currently dominating the home router market.

At the moment, the U.S. government has not released any evidence that TP-Link knowingly allowed its products to be used for Chinese state-sponsored cyberattacks. But if it does proceed with a ban on this popular brand, many American router manufacturers are ready to take advantage of the vacuum it will leave behind.

See more Routers News
Jowi Morales
Jowi Morales
Contributing Writer

Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.

More about routers
Eero Pro 7

Eero launches new Wi-Fi 7 mesh routers starting at $169
Netgear Orbi 870

Netgear's Orbi 870 rounds out its premium Wi-Fi 7 mesh router family
Raspberry Pi

Maker builds Raspberry Pi-powered temperature gun using a Pico 2
See more latest
22 Comments Comment from the forums
  • JamesJones44
    I had no idea TP-Link had grown so much. Reviews of their equipment were typically so-so, I didn't think they had grabbed so much of the market.
    Reply
  • Notton
    This is reminiscent of the Windows vs. Apple vs. Linux and perceived vs. actual security.
    Are TP-link routers the target of attacks because they are popular, because they are easily exploited, or a mix of both?

    Can they be patched with OpenWRT or similar?
    Reply
  • TheSecondPower
    Because of TP Link's China roots, I don't buy any TP Link products, which is actually kind of hard. TP Link has the largest selection and the lowest prices. It's no surprise that it controls so much of the market today.
    Reply
  • bill001g
    It was not long ago asus also had a major flaw in there firmware. Even cisco commercial routers had issue. It might just be the media twisting things for clicks. I doubt the government uses cheap consumer grade equipment for anything that has actually national security concerns. Have to assume any device can have a software issue and is why good security design has mulitple layers and assumes no single device failure can bypass your security. The largest issue is still the humans not the technology.

    Huawei is a different issue they actually got caught sending call and location data back to china from the cell towers. This was a very long time ago and as big a deal as the government still makes about this I suspect is was much more than them accidentally leaving on some debugging code.
    Reply
  • thestryker
    Notton said:
    Can they be patched with OpenWRT or similar?
    Unfortunately this is usually entirely based on the SoC being used in the router.

    MediaTek based routers tend to be the only ones with good OpenWRT type support. They also tend to be late to the party for advanced wireless networking so aren't used in many of the higher end models. Broadcom is outright toxic to the open source community and Qualcomm isn't much better.

    While the information can generally be found companies don't tend to be transparent about what SoC they're using in their routers which makes it more difficult to know what you're buying.
    Reply
  • thestryker
    TheSecondPower said:
    Because of TP Link's China roots, I don't buy any TP Link products, which is actually kind of hard. TP Link has the largest selection and the lowest prices. It's no surprise that it controls so much of the market today.
    Pretty much all consumers routers are made in the same places these days so if there was a supply chain attack they'd all be vulnerable. That pretty much just leaves the possibility of compromised software. Due to the poor open source support for wireless hardware in general I made the leap to using pfsense so none of my wireless hardware is directly internet facing.
    Reply
  • bit_user
    TheSecondPower said:
    Because of TP Link's China roots, I don't buy any TP Link products,
    I would still buy their layer-2 switches, but just the "dumb" ones. Perhaps I should rethink even that policy, but it does seem like Chinese switches dominate the low end of that market quite decisively.

    Like you, I've been avoiding other networking gear from Chinese companies going on probably about a decade, now.
    Reply
  • bit_user
    bill001g said:
    Have to assume any device can have a software issue and is why good security design has mulitple layers and assumes no single device failure can bypass your security. The largest issue is still the humans not the technology.
    There's a big difference between a device having a vulnerability vs. a designed-in backdoor. If all of your equipment is potentially compromised, it's virtually impossible to build a secure network.

    Maybe Google's Zero-Trust approach is the only option left, at that point. However, lots of people and organizations use legacy devices and services which don't support such technologies. So, we do still need to care about getting devices from trusted manufacturers and we do still need to be vigilant about their vulnerabilities and any signs of compromise.
    Reply
  • DS426
    I'm thinking that they wouldn't get banned from consumer use, but for government and military agencies, yes, I'd be highly surprised at this point if they weren't.
    Reply
  • _Shatta_AD_
    Cisco, D-Link, Netgear, pretty much most of the major players in the networking world have been hacked or compromised before. So specifically singling out TP-Link because of their place of origin and using another national security veil to target a legit company just goes to show no matter what you do to try and satisfy US regulations and specs, you’ll never be out of the woods just because of where it’s started. Sounds pretty anticompetitive to me.
    Reply
Most Popular
Raspberry Pi
Maker builds Raspberry Pi-powered temperature gun using a Pico 2
Origin PC
Corsair guarantees defect-free RTX 50-series GPUs in its pre-built systems — reports only one instance of missing ROPs
Generic circuit diagram rendering
Firm says AI-assisted security analyzer found 16 bugs in OpenRISC CPU core in under 60 seconds
Raspberry Pi
This Raspberry Pi Snake console totally bites — in a good way
"One Smart AI Pen", currently launched for crowdfunding on Kickstarter.
Artificial Intelligence comes to smart pens, includes handwriting-to-text and ChatGPT
MacBook Air
Apple's MacBook Air gets M4, new color, and a lower price
Mac Studio
Apple debuts M3 Ultra in refreshed Mac Studio with up to 512GB memory
MSI GPU
Nvidia's shortages are limiting PC GPU market growth, looming tariffs also impacting sales
The new DOGE gaming PC
Photo of Elon Musk’s new gaming PC reveals odd component choices – is he rocking an RTX 4060?
Nvidia GeForce RTX 5070 Founders Edition
Nvidia RTX 5070 Founders Edition won't be available on launch day, coming 'later in March'