The US government has initiated a national security investigation into TP-Link, a Chinese company, and is considering banning the sale of its devices. Concerns have been raised that these routers might have vulnerabilities that could be exploited by Chinese hackers for cyberattacks. TP-Link currently holds approximately 65% of the market share for home and small business routers in the United States and is a preferred brand on Amazon.com, providing network communication services to the Department of Defense and other federal government agencies.
According to The Wall Street Journal, investigators from the Departments of Commerce, Defense, and Justice have launched an inquiry into the company, with the possibility of a ban on the sale of TP-Link routers in the US next year. A subpoena has already been issued by the Department of Commerce to TP-Link.
Actions against the company could fall under the newly incoming administration of Trump, which has taken a firm stance against the Chinese Communist Party (CCP). The investigation was reportedly initiated in response to a letter from two co-chairs of the House Committee on CCP Issues in August, urging relevant agencies to investigate the “significant national security issues” posed by TP-Link’s dominant position in the US market.
Legislators highlighted concerns over CCP laws that require companies to assist in military and intelligence objectives and the frequent exploitation of routers by CCP-supported cyberattacks. Several sources have confirmed that US officials have identified TP-Link routers as among the brands utilized by CCP-supported hackers in large-scale cyberattacks such as “Volt Typhoon” and “Salt Typhoon.”
These attacks target critical US infrastructure, including water resources, transportation networks, as well as telecommunication and internet companies. Investigators have also expressed worries about a series of hacker attacks known as Camaro Dragon, supported by the CCP, which targeted European diplomatic institutions using TP-Link routers.
Informants revealed to the press that TP-Link routers often have security flaws upon delivery to customers, and the company frequently fails to address these issues despite existing vulnerabilities. While security researchers are aware of these flaws, TP-Link does not engage with them to address concerns.
TP-Link conducts sales in the US through a business unit located in California, affirming its commitment to assessing potential security risks and addressing known vulnerabilities. A TP-Link spokesperson stated, “We welcome any opportunity to collaborate with the US government to demonstrate that our security practices fully comply with industry standards.”
According to a report by Huari, spokesman Liu Pengyu from the Chinese Embassy in Washington criticized US actions against TP-Link as an attempt to “suppress Chinese companies” under the guise of national security. If TP-Link routers are banned in the US, it would mark the most significant withdrawal of Chinese telecommunications equipment since the Trump administration’s directive in 2019 to remove Huawei from domestic infrastructure.
During the pandemic, as people were forced to work from home, TP-Link’s market share in the US home and small business router market surged from around 20% in 2019 to about 65% this year. In the third quarter of this year alone, TP-Link gained an additional 5% market share.
TP-Link collaborates with over 300 network service providers in the US, sending routers to new users. Federal contract documents reveal TP-Link supplies routers to various entities ranging from NASA to the Department of Defense and Drug Enforcement Administration. These routers are also sold on military exchanges online.
Part of the company’s dominant market position stems from its relatively lower prices. Market data indicates that TP-Link routers are often priced more than half cheaper than competitors.
An informant informed Huari that the Department of Justice is investigating whether these price differences violate federal laws by selling products below cost to achieve monopolies. A TP-Link spokesperson affirmed that the company does not engage in selling products below cost and is committed to compliance with US laws, including antitrust regulations.
The Biden administration is contemplating actions against TP-Link in response to recent cyberattacks linked to the CCP. As part of the response, the government is also pushing for the complete removal of Chinese telecom subsidiaries from US telecom infrastructure. The usage of this CCP-controlled telecom company in the US has been very limited.
Insiders disclosed to Bloomberg that the Department of Defense earlier this year conducted an investigation into national security vulnerabilities of Chinese routers. In August, the House Committee on CCP Issues urged the Secretary of Commerce to investigate TP-Link due to its “unusual vulnerabilities.” In September, the House passed legislation requiring a study of national security risks posed by routers associated with foreign adversaries.
The review by the Department of Commerce is led by the Information and Communications Technology and Services Office established during the first term of the Trump administration. The office has the authority, based on national security considerations, to prohibit technology sales to the US from specific countries.
In its initial move, the office in June banned the Russian software company Kaspersky from selling products in the US. Sources indicated that if a decision is made, the office would employ similar powers to prohibit TP-Link.