If you’ve purchased a Wi-Fi router in the past year, chances are it’s made by TP-Link. This may not be possible in 2025.
Investigators from the Departments of Commerce, Defense, and Justice All probes open One person said it was considering a possible ban on sales of TP-Link routers due to the company’s ties to Chinese cyberattacks. Wall Street Journal Article Released last week.
Since the pandemic, TP-Link has grown in dominance of the U.S. router market. According to the Wall Street Journal, its share of total router sales has grown from 20% in 2019 to about 65% this year. TP-Link disputes these numbers from CNET, and a separate analysis by IT platform Lansweeper found: 12% of home routers In the US it’s TP-Link.
Although there have been high-profile cyberattacks involving TP-Link routers, this potential ban has more to do with the company’s ties to China than it has, according to cybersecurity researchers I spoke with. Publicly identify specific safety issues.
“People expect there to be some smoking gun or something in these devices from Chinese manufacturers, but ultimately you find that every device has the exact same problem,” said Thomas, CEO of cybersecurity company NetRise and a former security contractor for the Department of Energy. Pace told CNET that the Chinese equipment is not obviously unsafe: “It’s not a risk. Risks are built into the corporate structure of every Chinese company.
TP-Link was founded in 1996 in Shenzhen, China by brothers Zhao Jianjun and Zhao Jiaxing. In October, two months after the House of Representatives announced an investigation into the company, the company moved its headquarters to Irvine, California. The company told CNET it previously had dual headquarters in Singapore and Irvine. New headquarters in Shenzhen Won the 2017 Architecture Award.
Look at this: The Best Wi-Fi Routers of 2024: Buying Guide
In my conversations with TP-Link representatives over the past few days, they have repeatedly distanced themselves from their relationship with China.
“TP-Link has a secure, vertically integrated, U.S.-owned international supply chain,” a TP-Link representative told CNET. “Nearly all products sold in the U.S. are made in Vietnam.”
Even so, the U.S. government appears to still view TP-Link as a Chinese entity. In August, the House Select Committee on Chinese Communist Party urged an investigation into the company.
“TP-Link’s unusually serious vulnerability and the need to comply with (Chinese) law are troubling in themselves,” legislators wrote. “When combined with the (Chinese) government’s widespread use of (home office) routers like TP-Link to conduct widespread cyberattacks in the United States, this becomes very alarming.”
Asked for comment, a TP-Link representative told CNET: “Like many consumer electronics brands, TP-Link Systems’ routers have been identified as potential targets for hackers. However, there is no evidence that our products More vulnerable than other brands of products.
CNET has several TP-Link models in our list The best Wi-Fi routers And will be watching this story closely to see if we need to re-evaluate these options. While our review of the hardware hasn’t changed, we’re suspending our recommendation for TP-Link routers until we know more.
The ban is more about TP-Link’s relationship with China than known technical issues
Cybersecurity experts I spoke to agreed that TP-Link had security flaws, but so did all router companies. It is unclear whether the government has discovered new problems that could lead to a sales ban on TP-Link.
The Wall Street Journal article cited federal contract documents showing that TP-Link routers were purchased by NASA, the Department of Defense and the Drug Enforcement Administration, among others.
The potential ban comes amid growing bipartisan support in Washington for extracting Chinese products from the U.S. telecommunications industry. In an attack dubbed “Salt Typhoon” disclosed in October, Chinese hackers Reportedly broke into the network US internet providers such as AT&T, Verizon and Lumen (which owns CenturyLink and Quantum Fiber).
Brendan Carr, Trump’s nominee for FCC chairman Interviewed by CNBC Recent intelligence briefings on the onslaught of Typhoon Yan “made me want to smash my phone by the end.”
“In many ways, the horse is out of the barn at this point,” Carr said. “We need everyone to come together to try to address and control this problem.”
TP-Link has not yet been linked to the Typhoon Yan attack, but it does show the current temperature of the perceived threat from China.
The government may have discovered the TP-Link vulnerability, but we don’t know for sure
Several cybersecurity experts I spoke to believe that intelligence agencies may have discovered something in TP-Link worth banning.
“I think this comes from deeper intelligence within the U.S. government. Typically this happens before the information becomes public,” Guido Patanella, senior vice president of engineering at Lansweeper, told CNET.
In 2019, then-President Trump issue executive order The bill effectively bans U.S. companies from using network equipment from Huawei, another Chinese company that has been criticized for national security concerns.
NetRise CEO Pace told me that he believes there may be a “zero-day” vulnerability in TP-Link equipment — a term that refers to a hidden flaw that requires a zero-day to fix it — but he was quick to point out that there is no evidence to support it. at this point.
“But at least this statement is based on some reality that we know, which is that the People’s Republic of China is involved in every Chinese company. That’s undeniable,” Pace said.
TP-Link has known security vulnerabilities, as do all router companies
TP-Link representative walks us through the Cybersecurity and Infrastructure Security Agency (CISA) list Known exploited vulnerabilities (KEV). TP-Link recorded two of these incidents, while Netgear and D-Link had eight and 20 respectively; other popular router brands such as Asus, Linksys and Eero had none.
By that measure, the TP-Link is not exceptional in either respect, but that may not be a measure of it.
“The question with the CISA KEV (list) is, if everything is on the list, how good is the list?” Pace said. “Basically every telecommunications device on the planet has at least one vulnerability in CISA KEV. This is a big question with no good answer yet.
There have also been several cybersecurity reports specifically targeting TP-Link. The most notable one came in October, when Microsoft Announce details It has been tracking password spray attacks for more than a year. In this type of attack, hackers use a common password to access multiple accounts.
Microsoft called the attack a “nation-state threat actor campaign” and said most of the routers used were made of TP-Link.
In May 2023, Check Point Research also Firmware implant identified in TP-Link routers linked to a Chinese state-backed hacker group. In this case, the campaign targeted European diplomatic entities. Nonetheless, the researchers emphasized that the attack was written in a “firmware-agnostic manner” and was not specifically designed to exploit TP-Link.
“While our analysis focused on the vulnerability in modified TP-Link firmware, previous incidents have shown that similar implants and The backdoor has been used on devices from various manufacturers, including those in the United States.
“The broader implication is that this placement was not targeted at a specific brand but was part of a larger strategy to exploit systemic vulnerabilities in the internet’s infrastructure.”
Cohen said he didn’t think the TP-Link ban would significantly improve safety. As I’ve heard from other researchers, the security issues discovered are not unique to any one company.
“The vulnerabilities and risks associated with routers are largely systemic and apply to multiple brands, including those made in the United States,” Cohen said. “We do not believe that TP-Link was aware of the implant we discovered, nor that The implant is not believed to have been intentionally inserted as a backdoor into its products.”
Is it safe to use a TP-Link router?
There are real risks with using a TP-Link router, but no matter what brand of router you use, there is always some level of risk. Overall, cyberattacks linked to Chinese actors have targeted think tanks, government organizations, non-governmental organizations and Department of Defense vendors, according to the Wall Street Journal.
“I don’t think the average person is burdened with such a huge goal,” Pace told CNET. “They tend to pursue what they want to pursue.”
That said, such attacks are often indiscriminate and aim to establish a chain of nodes between a compromised router and the hacker.
“This means that ordinary users have the potential to be part of a broader attack campaign, even if they are not individually targeted,” said Check Point security researcher Cohen.
How to protect yourself if you own a TP-Link router
To ensure your network security, you should follow the same steps whether you have a TP-Link or any other brand of router. Here’s what experts recommend:
- Keep firmware updated: One of the most common ways hackers gain access to your network is through outdated firmware. TP-Link tells us that customers with a TP-Link cloud account can simply click the “Check for Updates” button in their product’s firmware menu when logging into the TP-Link app or website. You can also find the latest updates in TP-Link Download Center.
- Strengthen your credentials: If you have never changed the default login credentials on your router, now is the time to do so. Weak passwords are responsible for many of the most common attacks. “Devices that use preset or weak passwords are easy targets,” Cohen told CNET. “Preset or simple passwords can be easily brute-forced or guessed.” Most routers have an app that allows you to Update your login credentials there, but you can also enter the router’s IP address in the URL. These credentials are separate from your Wi-Fi name and password, which should also be changed every six months or so. The longer and more random the password, the better.
- Consider using a VPN service: For an added layer of protection, a VPN will encrypt all of your web traffic and prevent your internet provider (or anyone else) from tracking the websites or apps you’re using. You can find CNET’s picks The best VPN services are here.
#TPLink #routers #banned #year #dangerous
Leave a Reply