US Government Announces Major Restrictions on Foreign-Made Wi-Fi Routers
In a significant move to bolster national security, US officials have unveiled sweeping new restrictions targeting foreign-manufactured Wi-Fi routers. The Federal Communications Commission (FCC) issued an alert on Monday, updating its 'covered list'—a registry of communications equipment and services deemed to pose potential risks to American networks.
National Security Concerns Drive the Decision
The FCC stated that this action aims to prevent foreign adversaries, including China and Russia, from accessing equipment used in millions of American homes and offices. According to an FCC FAQ, a router is classified as foreign-made if any key step in its production—such as manufacturing, assembly, design, or development—occurs outside the United States.
Brendan Carr, chairman of the FCC, emphasized the urgency of the measure, saying, 'I welcome this Executive Branch national security determination, and I am pleased that the FCC has now added foreign-produced routers, which were found to pose an unacceptable national security risk, to the FCC's Covered List.'
Impact on the US Router Market
This decision represents a major shake-up for the US Wi-Fi router market, where nearly every router sold nationwide is at least partially built overseas. Popular models from brands like TP-Link, Asus, and Netgear are included in this category. The move targets a global supply chain long dominated by manufacturers in China, Taiwan, and Vietnam, with China historically supplying about 60 percent of consumer-grade routers sold in the United States.
Foreign-made devices currently on store shelves can still be purchased, and routers already installed in homes remain fully usable. However, future imports of restricted equipment will face tighter controls. Officials stressed that there is no immediate threat to devices already in use, but the new restrictions aim to mitigate long-term risks.
Challenges for Internet Service Providers and Consumers
Scaling up production of fully US-made routers is expected to take time, which could pose challenges for internet service providers (ISPs) in supplying equipment to new customers. Consumers planning to switch providers may want to verify that their current router is compatible or ensure that replacement devices will be available without delays.
Background and Recent Cyberattacks
The action followed the FCC receiving a National Security Determination warning of the risks posed by routers manufactured abroad. The determination noted that cyberattacks by foreign adversaries are increasing, stating, 'Recently, malicious state and non-state sponsored cyber attackers have increasingly leveraged the vulnerabilities in small and home office routers produced abroad to carry out direct attacks against American civilians in their homes.'
It added that these attacks can disrupt network connectivity, enable local networking espionage, and lead to intellectual property theft. Several of these incidents were linked to hacking groups associated with China and Russia. The decision also follows several cyberattacks over the past two years targeting US infrastructure, which officials attributed to hackers from these countries.
In some cases, investigators found that routers used in Cisco systems, such as the RV340W, RV340, RV345, and RV345P models—commonly used in homes and small businesses and manufactured overseas—had been targeted for infiltration.
Other Items on the FCC's Covered List
In addition to the new router restrictions, the FCC's Covered List includes:
- Uncrewed aircraft systems produced abroad
- Anti-virus software developed by Kaspersky Labs
- Telecommunications services provided by China Unicom, Pacific Networks Corporation, and China Mobile International
- Surveillance equipment produced by Dahua Technology, Hytera Communications, ZTE Corporation, and Huawei Technologies
Some routers and networking equipment from these companies, such as China Unicom's 5G CPE VN007, have remained on the list for years despite partnerships with US-based firms.
Outliers and Future Implications
Elon Musk's Starlink remains an outlier among telecommunications companies, as it is one of the few major providers that has not fully outsourced router manufacturing overseas. However, many components used in its devices are still produced outside the US.
The FCC's determination concluded, 'Routers in the US must have trusted supply chains so we are not providing foreign actors with a built-in backdoor to American homes, businesses, critical infrastructure, and emergency services.' This move underscores the growing emphasis on cybersecurity and domestic production in critical technology sectors.
