One of the most popular router brands in the U.S., TP-Link, is currently being scrutinized by the U.S. government. In fact, it’s so serious, that the routers could be banned entirely to protect national security.
TP-Link Tied to Chinese Threat Actor
Microsoft first noticed credentials being stolen from Microsoft customers back in August 2023. The company traced the attacks to a network of compromised devices. The attacks stem from Storm-0940, a Chinese threat actor, and the network of devices is referred to as CovertNetwork-1658.
Since discovering the problem, Microsoft has noticed Storm-0940 using stolen credentials. The initial credentials came from brute force and password spray attacks, as well as exploiting network edge services and devices.
Typically, this threat actor targets both government and non-government organizations, defense bases, law firms, and more in North America and Europe.
Of course, the North American targets are what the US government is worried about. The bad news for TP-Link is that most of this covert network is comprised of their small office and home office routers.
A TP-Link Router Ban Could Be Possible
With that information, government officials are now considering a ban, hoping this will drastically cut down on possible attacks through the covert network. Part of the worry also stems from the many federal agencies, not just home users, that use TP-Link routers.
Thanks to their cheap price, TP-Link is currently the best-selling router brand on Amazon. It only makes sense for threat actors to target this brand.
TP-Link Says The Claims Are Wrong
U.S. officials from the Justice, Commerce, and Defense departments are currently investigating the history of vulnerabilities, the brand’s track record of patching (or not patching) security flaws, and even the low cost of the routers. Yes, there are suspicions that TP-Link could be trying to create a monopoly by selling the routers for less than they cost to manufacture.
The brand has stated that their products meet all necessary security requirements for all U.S. government agencies. They also state that all devices are tested for security vulnerabilities, and if any issues do arise, they are mitigated as quickly as possible.
Still, former Federal Communications Commission commissioner, Michael O’Rielly, said TP-Link has a higher rate of vulnerabilities and citations than other routers. But he still doesn’t see the brand as negligent in any way.
Plus, the covert network isn’t just comprised of TP-Link routers. Other brands are included, even if they’re in the minority. Even if these routers are banned, Chinese threat actors will likely rebuild their network using vulnerabilities in other routers.
The higher rate is more than likely, as it’s such as popular brand. For instance, Windows has the market share for desktop computing, making it a much larger target than macOS. However, that doesn’t mean macOS is free from any vulnerabilities.
What This Means For You
A TP-Link router ban wouldn’t mean you have to rush out to buy a new router immediately. As you may already know, many popular Chinese brands/companies are under heavy scrutiny at the moment, especially with all the trouble surrounding TikTok.
Mainly, a ban would mean you couldn’t buy the brand any longer and government and federal agencies would cease using them. But don’t expect any official decision until early next year.
For now, continue being diligent and protect yourself while online, including using an antivirus utility.
Image credit: Flickr
