The inquiries include allegations that TP-Link routers, widely used in homes and small businesses, may have been exploited in cyberattacks
The U.S. government is weighing a potential ban on TP-Link routers starting next year, citing concerns over their involvement in cyberattacks and potential national security risks. This follows ongoing investigations by the Departments of Justice, Commerce, and Defense, according to a report by The Wall Street Journal (WSJ).
Focus Of Investigations
The inquiries include allegations that TP-Link routers, widely used in homes and small businesses, may have been exploited in cyberattacks. One office within the Commerce Department has already subpoenaed the company for more information.
Additionally, the Department of Justice (DOJ) is reportedly probing TP-Link’s market dominance in the U.S., which has grown to approximately 65 per cent in the small office and home office (SOHO) router segment. Investigators are questioning whether this market share was achieved through pricing strategies that involve selling devices below manufacturing costs.
Widespread Use Across U.S. Networks
Over 300 U.S. internet service providers currently issue TP-Link routers as standard equipment for home internet users. Moreover, TP-Link devices have reportedly found their way into the networks of government agencies such as the Department of Defense, NASA, and the Drug Enforcement Administration (DEA).
In response to the scrutiny, a spokesperson for TP-Link’s U.S. subsidiary told the WSJ:
“We welcome any opportunities to engage with the U.S. government to demonstrate that our security practices are fully in line with industry security standards, and to demonstrate our ongoing commitment to the U.S. market, U.S. consumers, and addressing U.S. national security risks.”
Microsoft’s Report On Botnet Exploitation
The investigations follow a Microsoft report in October that identified a botnet, known as Quad7 or CovertNetwork-1658, predominantly comprising hacked TP-Link SOHO routers. The botnet, operated by Chinese threat actors, has been used in password-spraying attacks to gain unauthorised access to systems.
“Microsoft assesses that multiple Chinese threat actors use the credentials acquired from CovertNetwork-1658 password spray operations to perform computer network exploitation (CNE) activities,” the company noted.
Broader U.S. Measures Against Chinese Technology
The potential TP-Link ban comes as part of a larger crackdown by the U.S. government on Chinese technology companies over national security concerns.
Earlier this week, the New York Times reported that the Biden administration is moving to ban the last remaining U.S. operations of China Telecom. This follows accusations of Chinese state-sponsored hackers breaching multiple U.S. telecom networks.
In a series of measures since 2022, the Federal Communications Commission (FCC) has revoked the licences of several Chinese firms, including Huawei and ZTE, over “unacceptable risks to national security.” The FCC has also prohibited the sale of equipment from companies such as Hikvision and Dahua Technology for similar reasons.
What’s Next?
If the investigations substantiate concerns about TP-Link routers, the U.S. government may enforce a ban that could reshape the SOHO router market. Such a move would likely have significant implications for internet service providers, government agencies, and consumers relying on these devices.
As the situation unfolds, TP-Link’s ability to address U.S. government concerns will be crucial in determining its future in the American market.
