FCC Ban on Foreign-Produced Routers Targets Chinese Firms Tied to Cybersecurity Risks

The United States is pushing Chinese-produced routers off the shelf and onto a watchlist.

On March 23, the Federal Communications Commission (FCC) banned all foreign-produced routers from entering the United States, a sweeping restriction that predominantly targets Chinese firms such as TP-Link, which currently holds a large share of the U.S. consumer market.

The FCC’s efforts, if managed properly to prevent significant long-term supply chain disruptions, may be the first step in constructing a more secure supply chain for critical communications equipment.

Ban May Allow for Potential Whitelisting of Secure Firms

The FCC’s action bans the sale of all commercial routers produced outside of the United States by adding such products to its Covered List, a move typically reserved for specific firms that pose an explicit national security risk, such as the Chinese telecommunications firm Huawei. FCC Chair Brendan Carr, however, defended the decision by citing a March 20 interagency report that concluded that all foreign-produced routers pose a threat to the United States. The move also follows similar FCC actions against entire classes of foreign-produced components, such as video and communications equipment used in drone systems.  

Meanwhile, the listing provides a process for foreign firms to secure an exception to the ban by allowing the Department of Homeland Security or the Department of Defense to certify that their products do not contain security vulnerabilities before being allowed to enter the American market. However, it remains unclear whether any foreign firms have yet applied to the FCC for a reprieve from the listing. 

Chinese Routers Pose a Persistent National Security Threat

Even though TP-Link is one of the largest suppliers of router equipment in America, numerous U.S. investigations of the firm have occurred over the past two years. For example, an August 2024 congressional inquiry claimed that Chinese-linked hackers had specifically targeted TP-Link routers due to their “unusual degree of vulnerabilities.” Former FCC Commissioner Michael O’Rielly noted in March 2024 that TP-Link products contained more security flaws than routers produced by its competitors.

These issues attracted attention beyond the federal government. The office of the Texas Attorney General launched an investigation into TP-Link in October 2025 due to concerns over the company’s alleged assistance in Chinese espionage campaigns.

Concurrently, TP-Link products have been connected to alleged Chinese-linked cyberattacks against federal agencies and private firms. In May 2023, Check Point Research, a private cybersecurity firm, identified a Chinese hacking group using compromised TP-Link routers to target European foreign affairs entities and disrupt their websites. A Microsoft analysis released in October 2024 similarly identified thousands of compromised TP-Link routers used to conduct cyberattacks against government agencies, defense contractors, and civil society organizations.

FCC Should Promote Secure Alternative Supply Chains

The FCC’s decision offers a strong opportunity to build a more secure supply chain for commercial routers by issuing a presumed denial of market access until foreign firms can demonstrate the security of their devices. This type of model has previously proven effective for other types of connected products — the FCC allowed several foreign drone manufacturers to sell in the United States after previously restricting them due to security concerns.

However, this effort should not prevent the federal government from strengthening its cybersecurity efforts. At least one of China’s previous major communications hacking operations, Salt Typhoon, predominantly targeted known vulnerabilities in Western-produced devices rather than relying on new points of entry into critical systems. The FCC’s move should spark further executive branch actions aimed at implementing the Trump administration’s new national cybersecurity strategy to protect the United States from foreign adversaries in cyberspace.

Jack Burnham is a senior research analyst in the China Program at the Foundation for Defense of Democracies (FDD). For more analysis from Jack and FDD, please subscribe HERE. Follow Jack on X @JackBurnham802. Follow FDD on X @FDD. FDD is a Washington, DC-based, nonpartisan research institute focusing on national security and foreign policy.