News

IT NEWS

TP-Link faces US national security probe, potential ban on devices

The US government launched a national security investigation into the popular, Chinese-owned router maker TP-Link, with a potential eye on banning the company’s devices in the United States.

The investigation comes amid heightened tension between the US and the Chinese government, and after a public letter from members of the US House of Representatives this summer that alleged that TP-Link was engaged in predatory pricing practices, driven by ulterior motives, and possibly sponsored by China. US officials noted how TP-Link undercut the competition on price to become the market leader for Small Office/Home Office (SOHO) network appliances.

In doing this, TP-Link managed to grow their market share to 60% of the US retail market for WiFi systems and SOHO routers—from 10% in 2019. And the company reportedly has almost 80% of the US retail market for WiFi 7 mesh systems.

A WiFi 7 Mesh system is the latest advancement in wireless networking, combining the features of WiFi 7 technology with the benefits of mesh networking, which uses multiple nodes that work together to provide uniform WiFi coverage throughout the home, eliminating dead zones.

Because of TP-Link’s original founding in China, claims have been made of a so-called “Huawei playbook,” referring to allegations that Huawei Technologies Co. spies for the Chinese government and that it became a dominant player in the global networking equipment sector on the back of improper state subsidies. Huawei and China both deny these allegations, though.

Nonetheless, the US imposed restrictions that make it harder for Huawei to sell equipment in the US and buy parts from American suppliers.

Perhaps because of this type of scrutiny, TP-Link has made many efforts to distance itself from its Chinese ownership. TP-Link Systems is an entity based in Irvine, California, and no longer affiliated with the Chinese TP-Link Technologies.

Part of the attention paid to TP-Link this year could also be because a Chinese-backed Advanced Persistent Threat (APT) called Volt Typhoon has been using SOHO routers as gateways to get inside sensitive infrastructure. The cybercriminals used the routers to hide the actual origin of malicious attempts to reach inside the utilities and other targets.

But that argument doesn’t make sense since many of those routers were malware-infected NetGear and Cisco SOHO devices that no longer receive updates because they have reached their End-of-Life.

TP-Link said the market share percentages were overstated, but it did recently sign deals with internet service providers (ISPs) who then supply the routers to their customers. In such deals ISPs often rebrand the routers which makes it hard for customers to know which brand and type of router they have.

Representative John Moolenaar, the co-chairman of the US House Select Committee on Strategic Competition between the United States and the Chinese Communist Party—which sent the letter prompting the TP-Link probe—stayed fast in his concerns:

“Chinese companies that, because of the technology they provide or the supply chains they impact, pose an unacceptable risk to our country’s security.”

Unfortunately, vulnerabilities in routers are very common and hardly ever patched by consumers, because they either don’t know how, or they may not even know that the patches are necessary because they don’t know which router model they have or that patches are available.

This makes it very hard to tell whether a vulnerability was an oversight or an intentional backdoor. This will make it hard for the investigators to find the “loaded gun” they are looking for.


We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.