US bans foreign-made internet routers citing cybersecurity and espionage risks

The United States has moved to ban new foreign-made consumer internet routers, citing mounting national security concerns over cyber vulnerabilities and potential espionage risks.

The decision, announced by the Federal Communications Commission (FCC), adds consumer-grade routers manufactured outside the US to its list of restricted equipment, placing them alongside foreign-made drones, which were banned last year.

The move does not affect routers already in use but applies to all new device models entering the market. Any router built overseas will now require explicit approval before it can be imported, marketed or sold in the US.

Regulators say the decision reflects growing evidence that internet routers, which sit at the heart of home and business networks — have become a key entry point for cyberattacks.

“Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft,” the FCC said.

The agency pointed to a series of cyber incidents between 2024 and 2025, known as Volt, Flax and Salt Typhoon, in which compromised networking equipment was allegedly used to target US infrastructure. Investigations by US authorities have linked the attacks to actors associated with the Chinese government.

Under the new framework, manufacturers producing routers outside the US must apply for conditional approval. This process will require companies to disclose foreign ownership or influence and outline plans to shift production to the United States.

Exemptions may be granted in limited cases if equipment is cleared by national security bodies such as the Department of Defense or Department of Homeland Security, although no specific devices have yet been approved.

The ban applies regardless of where a product is designed, meaning even US-based brands that manufacture abroad will be affected.

The decision has significant implications for the global electronics supply chain. The vast majority of consumer routers are currently produced outside the US, particularly in China and Taiwan.

Popular brands such as TP-Link, a major global supplier, have already faced scrutiny amid concerns over cybersecurity vulnerabilities. Even US companies like Netgear, which manufacture overseas, may need to adapt their supply chains to comply with the new rules.

One notable exception is the WiFi router produced by SpaceX’s Starlink service, which the company says is manufactured in Texas.

The move is the latest step in a broader effort by the US to reduce reliance on foreign-made technology deemed critical to national infrastructure. It reflects a growing emphasis on supply chain security and domestic production, particularly in sectors linked to communications, defence and data.

Analysts say the policy could accelerate a wider decoupling in global technology markets, as governments increasingly prioritise security over cost efficiency.

For consumers and businesses, the immediate impact may be limited, but over time the shift could reshape pricing, availability and innovation in networking equipment.

As cybersecurity threats continue to evolve, the US government’s message is clear: devices at the core of digital infrastructure are now considered strategic assets, and their origin matters.

Amy Ingham

Amy is a newly qualified journalist specialising in business journalism at Business Matters with responsibility for news content for what is now the UK’s largest print and online source of current business news.

Advertisement