While the headline is that foreign-made consumer routers are banned, manufacturers can apply for exemptions. There’s no need to throw out your router, and you’ll still find plenty of mesh systems on the store shelves. But what does this mean for you?
Why Are Foreign-Made Routers Banned?
“Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft,” the FCC wrote. “Foreign-made routers were also involved in the Volt, Flax, and Salt Typhoon cyberattacks targeting vital US infrastructure.”
Foreign-made consumer routers were added to the Covered List, which details equipment and services “deemed to pose an unacceptable risk to the national security of the United States.”
Bogdan Botezatu, director of Threat Research at cybersecurity firm Bitdefender, says this ban is a step to harden the cybersecurity readiness of US households, given ongoing geopolitical tensions.
“Consumer routers sit at the edge of every home network, which makes them an attractive target and a strategic risk if compromised at scale,” he says. Asked whether he thinks the risk is real, Botezatu says the risk is real, though there’s no easy way to prove intent. “[Internet of Things] devices, including routers, are a weak point across the internet.”
Which Routers Are Banned?
The ban only affects the sale of new Wi-Fi routers aimed at consumer households. The ban does not apply to existing FCC-approved routers on sale in the US. Previously purchased routers already in use in homes across the country are also fine and are not part of the ban, according to the FCC’s FAQ. These routers can continue to be sold, used, and updated with new firmware.
Any new router manufactured outside the US now requires FCC approval before it can be imported, marketed, or sold in the US. This includes routers from US companies that are manufactured overseas, which is the vast majority of the market right now.
What Does Foreign-Made Mean?
This is decidedly murky. The ban is concerned with “consumer-grade” routers and could include any that are designed or manufactured outside the US or manufactured by companies that are not completely US-owned and operated. All the major players in the market, including Netgear, TP-Link, Asus, Amazon’s Eero, Google’s Nest, Synology, Linksys, and Ubiquiti, fall under the definition. As do most, if not all, of the routers supplied by internet service providers in the US.
Just like the recent federal drone ban, the router only applies only to new routers, but manufacturers can apply for Conditional Approval from the Department of Defense and the Department of Homeland Security. Applications must include details about ownership, board membership, and country of origin for components, IP ownership, design, assembly, and firmware, among other things. The final section requests details of the applicant’s US manufacturing and onshoring plan, so there’s a clear push to persuade companies to commit to making their routers in the US.
“No routers or manufacturers have been granted a Conditional Approval so far, but as the process gets underway, we expect approvals to be granted in a timely manner,” an FCC spokesperson tells WIRED.
What About Foreign-Made Components?
Well, the FCC provides some clarification in its FAQ (“covered” here means banned):
“Non-‘covered’ devices do not become ‘covered’ simply because they contain a ‘covered’ component part, unless the ‘covered’ component part is a modular transmitter under the FCC’s rules,” it says. “Therefore, a router produced in the United States is not considered ‘covered’ equipment solely because it contains one or more foreign-made components.”
Manufacturers importing components from China but assembling them in the US will presumably be OK, though it’s far from clear. “Applicants will need to be able to have sufficient evidence that the routers were not produced in a foreign country to make this certification, but there is no specific documentation or evidence required,” according to the FCC.
Let’s look at the big three US router brands and see how they’re affected.
Will TP-Link Be Banned?
Since all of its routers are made overseas, TP-Link will have to apply for Conditional Approval or spin up manufacturing in the US to sell any new routers. Estimates vary, but TP-Link’s US consumer router market share is somewhere around 35 percent, with Netgear and Asus accounting for another 25 percent or so.
The US Commerce, Defense, and Justice departments have reportedly been investigating and considering a ban on TP-Link routers for more than a year over concerns about the company’s links to China. No ban has been enacted until now, but Texas attorney general Ken Paxton sued TP-Link in February, claiming the company allows the Chinese Communist Party to access American consumers’ devices. Detractors have also criticized perceived predatory pricing, claiming TP-Link flooded the US market with a wide range of affordable routers to establish dominance.
TP-Link has repeatedly denied any wrongdoing and claims it has divested from its Chinese roots and is now headquartered in the US with the bulk of manufacturing in Vietnam. TP-Link’s cofounder and CEO, Jeffrey Chao, recently applied for permanent US residency through President Trump’s Gold Card program, according to the Times of India.
“Virtually all routers are made outside the United States, including those produced by US-based companies like TP-Link, which manufactures its products in Vietnam,” a spokesperson from TP-Link tells WIRED. “It appears that the entire router industry will be impacted by the FCC’s announcement concerning new devices not previously authorized by the FCC.”
TP-Link is a privately owned company and not publicly listed on any stock exchange. Chao and his wife, Hillary, are listed as the company’s sole owners.
Will Netgear Be Banned?
While it is a US-founded and headquartered company, Netgear’s routers are manufactured abroad, mostly in Vietnam, Thailand, Indonesia, and Taiwan, so it will have to apply for Conditional Approval. The company has moved away from China in recent years. Netgear has been lobbying the government on “cybersecurity and strategic competition with China.”
“We commend the administration and the FCC for their action toward a safer digital future for Americans,” a Netgear spokesperson tells WIRED. “Home routers and mesh systems are critical to national security and consumer protection, and today’s decision is a step forward.”
Netgear is a publicly traded company on the Nasdaq, mostly owned by institutional investors, including BlackRock and Vanguard. The company’s stock rose on news of the ban, suggesting that many investors believe it won’t be hit too hard.
Will Asus Be Banned?
Asus primarily makes its routers in Taiwan, though it has production facilities in China and works with several third-party manufacturers. Recent tariff pressures led the company to branch out to Thailand, Vietnam, Indonesia, Mexico, and the Czech Republic, but the bulk of its routers still come from Taiwan or China. Asus will have to apply for Conditional Approval to sell new routers. The company did not respond to WIRED’s request for comment.
The company is listed on the Taiwanese Stock Exchange and is mostly owned by public shareholders. The ban doesn’t appear to have impacted its stock price.
Are Any Routers Manufactured in the US?
The only routers I know of that are manufactured in the US are some Starlink Wi-Fi routers, which are primarily made in Texas. Starlink is part of Elon Musk’s SpaceX company, but many of the components in these routers come from East Asia.
Botezatu says what matters more than geography is the security model behind the product. Companies that invest in “long-term firmware support, vulnerabilitgy management, and built-in protection layers” offer stronger security.
How Will the Router Ban Impact Ordinary Folks?
It’s not entirely clear, but it probably won’t have a huge immediate impact. There is already a wide range of Wi-Fi 7 routers and mesh systems on the market that will continue to be sold—they enable speeds well in excess of what most people need at home. Whether companies spin up manufacturing in the US or find other ways to satisfy government agencies that their wares are not a security risk, the result is likely to be higher prices for consumers.
“This ruling has the potential to significantly disrupt the US consumer router market,” Brandon Butler, a research manager of Network Infrastructure and Services at IDC tells WIRED. “In the near term, much will depend on how quickly conditional waivers are processed. Most vendors are likely to pursue them, but any delays could constrain supply and create upward pressure on pricing.”
If you haven’t upgraded to the latest Wi-Fi 7 standard, now might be a good time to do it. But it’s worth keeping in mind what you’re buying. Botezatu says consumers should “stick with reputable manufacturers that have a track record of issuing updates and maintaining their devices. Check that your router is still supported and runing the latest firmware.”
Unanswered Questions
The ban does leave several unanswered questions. Why is it being applied only to consumer routers? Which routers or manufacturers will be granted a Conditional Approval? Why are the foreign-made routers currently on sale and in our homes deemed safe? The FCC did not address these questions.
You must be logged in to post a comment Login