Listen to the article
The U.S. Federal Communications Commission has announced sweeping new restrictions on foreign-made internet routers, citing significant national security concerns about overseas supply chains exposing American networks to cyber threats. The agency is expanding its “covered list,” which will effectively prevent new foreign-manufactured routers from entering the U.S. market without rigorous security clearance.
Under the new regulations, routers must either be manufactured in the United States or pass a comprehensive national security review examining ownership structures, supply chains, and software controls before they can be sold domestically. The FCC defines equipment on this list as posing “an unacceptable risk to the national security of the United States or the safety and security of United States persons.”
While the ban applies broadly to foreign-made devices, it primarily targets Chinese-manufactured networking equipment. Industry estimates suggest that devices with significant Chinese supply chain connections currently account for the majority of home routers used across the United States.
“Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft,” the FCC stated, referencing multiple documented cases where such devices were weaponized in cyberattacks against U.S. infrastructure.
TP-Link, a prominent Chinese-founded router manufacturer and one of Amazon’s top-selling networking brands, has faced increasing scrutiny from Washington amid broader concerns about foreign-linked equipment. However, the manufacturing reality is more complex than many consumers realize.
An analysis of router manufacturing reveals that nearly all major router brands sold in the United States—even those marketed as American or allied products—rely extensively on Chinese manufacturing, engineering talent, or components. Companies that have ostensibly shifted production to countries like Vietnam often continue to depend on Chinese-owned manufacturers and engineering teams, leaving the fundamental supply chain vulnerabilities largely unchanged.
The risks associated with these supply chain dependencies have already manifested in real-world cyber operations. In 2023, the U.S. Department of Justice dismantled a network of hundreds of compromised American home and small-business routers that had been hijacked by Chinese state-backed hackers known as “Volt Typhoon.” The infected devices were used to conceal the origin of cyberattacks targeting critical U.S. infrastructure, allowing malicious traffic to appear as if it originated domestically.
The security implications are substantial. A single router typically connects dozens of devices inside a home or small business, including smartphones, laptops, security cameras, smart TVs, and baby monitors. A compromised device can provide attackers with visibility into network traffic and serve as a springboard for accessing connected systems or launching additional attacks.
U.S. officials report that the broader “Volt Typhoon” campaign targeted critical sectors including energy, water, telecommunications, and transportation—part of an effort to establish access that could potentially be activated to disrupt essential systems during a future conflict.
The FCC’s new restrictions represent the latest step in Washington’s broader push to reduce reliance on foreign—particularly Chinese-linked—technology across critical sectors. This initiative extends beyond routers to include telecommunications equipment, semiconductors, and various consumer applications.
Proponents of the policy argue it addresses longstanding supply chain vulnerabilities and reduces the potential for foreign adversaries to gain unauthorized access to U.S. networks. Critics, however, warn the rule could strain already challenged supply chains and increase consumer prices, given that most routers sold in the United States are currently manufactured overseas.
Importantly, the new restrictions do not apply to routers already legally purchased or currently in use. Companies can continue selling previously approved router models that are already in the U.S. market, but once existing inventory is depleted, new foreign-made models would be effectively blocked unless they successfully pass the national security review process.
Cybersecurity officials emphasize that the rule does not suggest that routers already in American homes are known to be compromised. However, they have long cautioned that outdated or unpatched devices can be vulnerable to exploitation and have previously been incorporated into larger botnet networks supporting cyberattacks against U.S. targets.
Fact Checker
Verify the accuracy of this article using The Disinformation Commission analysis and real-time sources.
11 Comments
While the focus on Chinese-made routers is understandable, I hope the review process is fair and objective for all foreign suppliers. Security should be the top priority, not just geopolitics.
Good point. A rigorous, impartial security review process is crucial to ensure the policy is effective and applied evenly.
Interesting development. I wonder how this will impact the router market and consumer options. Hopefully the new regulations strike the right balance between security and competition.
This move by the FCC aligns with growing concerns about the cybersecurity risks from China-linked tech components. Ensuring the integrity of US communications infrastructure is vital.
The security risks from foreign-made networking equipment are real. This policy seems like a prudent step to protect critical US infrastructure from potential compromise.
Agreed. Securing supply chains for sensitive communications technology is an essential national security priority.
This is a complex issue with geopolitical implications. I hope the FCC’s review process is transparent and grounded in objective security assessments, not just political considerations.
Securing critical communications infrastructure from cyber threats is vital. This FCC action seems like a reasonable step, though the details and implementation will be important to monitor.
This is an important move to address national security concerns around internet infrastructure. Supply chain risks from foreign-made equipment need to be carefully managed.
Agreed. Securing critical communications networks is essential for protecting US interests from cyber threats.
While I understand the national security rationale, I’m curious how this will impact consumers and small businesses who may rely on lower-cost foreign-made routers. Balancing security and affordability will be key.