FCC blocks foreign-made routers from US market over national security fears
The FCC on Monday expanded its national security crackdown on Chinese-linked technology, adding all foreign-made consumer-grade routers to its “Covered List,” effectively blocking new models from entering the US market.
-
The FCC is blocking new foreign-made routers from entering the US market over national security concerns.
-
Officials point to Chinese cyber groups, including Salt Typhoon, Volt Typhoon, and Flax Typhoon, as evidence the threat is already hitting US infrastructure.
-
Routers already in US homes are not affected – but new foreign-made models now face a federal block.
US regulators say the policy is designed to reduce the risk of foreign adversaries exploiting internet-connected devices that sit inside American homes and businesses.
“Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft, “ the FCC said in a press release announcing the newly defined classification.
The move means that new routers manufactured outside the US will no longer be eligible for equipment authorization, which is required to legally import, market, or sell communications devices in the US.
The agency said the restrictions apply to new device models, meaning previously authorized routers already being used or sold in the US are not affected.
Chinese companies already on FCC national security list
US officials say the decision follows multiple cyber campaigns in which Chinese threat groups exploited flaws in foreign-made networking devices.
The crackdown is tied to the Secure Equipment Act, a law requiring the FCC to block equipment that poses an “unacceptable risk” to US national security by providing foreign actors “a built-in backdoor to American homes, businesses, critical infrastructure, and emergency services.”
The agency cites multiple cyberattacks carried out against US critical infrastructure by several notorious China-backed threat groups – including Volt Typhoon, Flax Typhoon, and Salt Typhoon – all which involved the use of foreign-made routers.
“State and non-state sponsored cyber attackers have increasingly leveraged the vulnerabilities in small and home office routers produced abroad to carry out direct attacks against American civilians in their homes,” according to a March 20th National Security Determination by Executive Branch Agencies.
“Additionally, routers produced abroad were directly implicated in the Volt, Flax, and Salt Typhoon cyberattacks, which targeted critical American communications, energy, transportation, and water infrastructure,” the determination said.
US officials have increasingly warned that internet-connected devices – including home routers, cameras, and telecommunications gear – could be used for espionage, data access, or cyberattacks if controlled or manufactured by foreign adversaries.
The “Covered List” already names several Chinese telecommunications and surveillance giants – including:
- Huawei Technologies Company
- ZTE Corporation
- Hytera Communications Corporation
- Hangzhou Hikvision Digital Technology Company
- Dahua Technology Company
The FCC's full Covered List also includes China Mobile International USA, China Telecom (Americas), Pacifica Networks/ComNet, China Unicom (Americas), and the Russian-founded cybersecurity company Kaspersky, among others.
Furthermore, the restrictions apply to the companies mentioned, as well as subsidiaries and affiliates.
Exceptions include routers that have been granted a “Conditional Approval” by the US Department of War or the US Department of Homeland Security, the FCC said.
Check if your data has been leaked
Unlock more exclusive Cybernews content on YouTube.
