Washington is investigating TP-Link, the most popular home internet router brand in the U.S., because of its links to recent cyberattacks. According to the Wall Street Journal, the Chinese company currently owns about 65% of the home and small business router market in the U.S.—up from 20% in 2019—and its products are also used by the Department of Defense and several other federal agencies, including NASA and the DEA.
Reports say three government bodies—the Department of Commerce, Department of Defense, and Department of Justice—have opened inquiries into TP-Link. The Commerce Department has already sent subpoenas to the company. Furthermore, some sources suggest that the White House could ban the popular router brand next year, especially as Donald Trump takes office in January with his aggressive trade policies.
The recent Salt Typhoon attacks on several U.S. telecommunications providers primarily targeted Cisco gear. Even so, this is one reason why the investigation against TP-Link is picking up steam. Microsoft reported that a Chinese hacking group uses an extensive network of compromised TP-Link routers to launch cyberattacks against Western targets. These targets include public and private entities, think tanks and contractors for the Department of Defense.
Earlier this month, Deputy National Security Advisor Anne Neuberger said the government was “looking to take action to mitigate risks to the supply chain within the telecommunications sector.” This investigation and potential ban of TP-Link is reminiscent of the 2019 move the Trump administration made against Huawei when the brand wasn’t just banned from selling its products in the U.S. Still, all of its hardware was removed from American infrastructure. Even today, the government is still spending billions of dollars to swap out legacy Huawei and ZTE equipment that some American telecommunications companies still use.
TP-Link is a popular router brand partly because of its low prices, which often undercut competitors like D-Link and Netgear by more than 50%. Many internet service providers also offer new subscribers TP-Link routers as a standard. Since most users are already satisfied with the included router, they often use it until it breaks or they change providers.
Nevertheless, the company hasn’t taken these accusations lying down. A company spokesperson said, “We welcome any opportunities to engage with the U.S. government to demonstrate that our security practices are fully in line with industry security standards and to demonstrate our ongoing commitment to the U.S. market, U.S. consumers and addressing U.S. national security risks.” TP-Link has even moved its headquarters to the U.S. to move the company away from China.
Despite the company's move away from its Chinese roots, the Chinese Embassy in Washington commented that the White House’s investigation and ban are intended to “suppress Chinese companies,” especially as TP-Link is currently dominating the home router market.
At the moment, the U.S. government has not released any evidence that TP-Link knowingly allowed its products to be used for Chinese state-sponsored cyberattacks. But if it does proceed with a ban on this popular brand, many American router manufacturers are ready to take advantage of the vacuum it will leave behind.
