Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
TP-Link routers may not be available for much longer in the US, according to A Washington Post report Last week. A potential ban appears increasingly likely, with more than a half-dozen federal departments and agencies supporting the proposal.
The news first broke in December last year, when The Wall Street Journal reported Investigators at the Departments of Commerce, Defense, and Justice have all opened investigations into the company because of national security risks stemming from its ties to China. Since then, news on the TP-Link front has remained relatively quiet.
Now, the proposal has received interagency approval.
Read more: I asked 4 cybersecurity experts if they would continue to use a TP-Link router
Why are TP-Link routers blocked plans paid?
“Trade officials have concluded that TP-Link Systems’ products pose a risk because the U.S.-based company’s products handle sensitive American data and because officials believe they remain subject to the jurisdiction or influence of the Chinese government,” The Washington Post reported.
TP-Link’s ties to the Chinese government are merely allegations. The company — technically called TP-Link Systems — has vehemently denied to me in the past that it is a Chinese company.
“As an independent U.S. company, no foreign country or government, including China, has access to or control the design and production of our products,” a TP-Link spokesperson told CNET.
History of TP-Link routers
TP-Link was founded in Shenzhen, China, in 1996 by two brothers, Jeffrey (Jianjun) Zhao and Jiaxing Zhao. In October 2024, two months after the members of the House Select Committee are selected He called for an investigation To TP-Link routers, the company has split into two divisions: TP-Link Technologies and TP-Link Systems.
The latter is headquartered in Irvine, California, and has approximately 500 employees in the United States and 11,000 in China, according to a Washington Post report. TP-Link Systems is owned by Chow and his wife.
“TP-Link’s unusual degree of vulnerability and required compliance with (Chinese) law is troubling in and of itself,” the lawmakers wrote in October 2024. “When this is coupled with the (Chinese) government’s common use of (home office) routers like TP-Link to commit large-scale cyberattacks in the United States, it becomes hugely concerning.”
The company has become a dominant force in the US router market since the pandemic. According to the magazine’s report, it has grown from 20% of total router sales in 2019 to about 65% this year. TP-Link disputed those numbers to CNET, and a separate analysis from IT platform Lansweeper found so 12% of home routers The ones currently used in the United States are made by TP-Link. More than 300 ISPs are issuing TP-Link routers to their customers, according to a Wall Street Journal report.
Why investigate TP-Link routers?
Separately, the Justice Department’s Antitrust Division is investigating whether TP-Link was involved in this matter Predatory pricing tactics By artificially lowering their prices to keep competitors out.
CNET has several TP-Link models in our lists of Best wifi routers We’ll be watching this story closely to see if we need to reevaluate those choices.
“We do not sell products below cost. Our prices are not only above cost, but also contribute to the company’s healthy profit,” a TP-Link spokesperson told CNET.
The potential ban has gone through an interagency review and is currently in the hands of the Commerce Department. According to the Washington Post report, sources familiar with the details of the ban said that the Trump administration’s ongoing negotiations with China made the chances of imposing the ban less likely in the near future.
“Any concerns the government may have about TP-Link are fully resolvable through a logical combination of measures such as devolving development functions and investing in cybersecurity and transparency,” the spokesperson said. “TP-Link will continue to work with the US Department of Commerce to ensure we understand and are able to respond to any government concerns.”
Don’t miss any of our unbiased technical content and lab reviews. Add CNET As Google’s preferred source.
How concerned are you about your TP-Link router?
I wrote that a few months ago I was in no rush to replace my TP-Link routerThis is how I feel even today.
When the news first broke last December, I was… asked four cybersecurity experts Whether they will continue to use the TP-Link router. One of them gave a forceful “no.” Another said there was a “risk to the consumer.” Two refused to answer the question directly.
Itai Cohen was one of the authors of the 2023 report that Determined the firmware transplant process In TP-Link routers linked to a Chinese state-sponsored hacking group. He told me in a previous interview that similar implants have been found in other brands of routers manufactured around the world.
“I don’t think there’s enough public evidence to support directly avoiding routers from China,” Cohen said. “The vulnerabilities and risks associated with routers are largely systemic and apply to a wide range of brands, including those manufactured in the United States.”
I’ve heard a version of this from every cybersecurity expert I’ve talked to. TP-Link has security flaws, as do all routers, and I couldn’t point to any that specifically showed cooperation with the Chinese government.
“We’ve analyzed an amazing amount of TP-Link firmware,” said Thomas Pace, CEO of cybersecurity firm NetRise and a former security contractor for the Department of Energy. “We find things, but we find things in everything.”
However, it is entirely possible that the government is aware of vulnerabilities that the public is unaware of.
For now, I’m still comfortable using a TP-Link router knowing that I follow a few basics Network security best practicesbut my risk tolerance may be higher than it is for others.
How to protect your network if you have a TP-Link router
If you’re one of the millions of Americans who use a TP-Link router, news of a potential ban may be alarming.
A Microsoft report from last year It found that TP-Link routers have been used in “password spraying attacks” since August 2023, which typically occur when the router… Using the default password.
Here’s what you can do to protect yourself now:
Update your login credentials. A shocking amount of router attacks occur because the user never changes the default login credentials set by the router manufacturer. Most routers have an app that lets you update your login credentials, but you can too Type your router’s IP address into the URL. These credentials are different from your Wi-Fi network name and password, which must also be changed Every six months or so. As always with passwords, avoid common words and character combinations, longer passwords are better and do not reuse passwords from other accounts.
Use a VPN. If you’re worried about prying eyes from the Chinese government or anyone else, the best thing you can do to ensure your connection stays private is to Use a quality VPN. Privacy-conscious people should look for advanced features such as Jamming, Tor via VPN and a double VPN, which uses a second VPN server for an additional layer of encryption. You can even Install a VPN on your router Directly so that all your traffic is automatically encrypted.
Turn on firewall and Wi-Fi encryption. It’s usually turned on by default, but now is a good time to make sure it’s activated. This will make it difficult for hackers to access data sent between your router and devices connected to it. You can also find these settings by logging into your router from its app or website.
Consider purchasing a new router. I always recommend purchasing your own router rather than renting one from your ISP. This is mostly a A cost saving measurebut if your ISP uses TP-Link equipment, now may be a good time to switch to another brand. The main thing to look for is WPA3 certification – The latest security protocol for routers.
Update your firmware. A TP-Link spokesperson told me last year that customers should regularly check for firmware updates to keep their router secure. “To do this, customers with TP-Link Cloud accounts can simply click the ‘Check for Updates’ button in their product’s firmware menu,” the spokesperson said. “All other customers can find the latest firmware on their product downloads page at TP-Link.com.”