Tech
Why Has the US Banned Foreign-Made Routers?
The Federal Communications Commission has banned new consumer internet routers manufactured outside the US, citing national security concerns. The ban doesn’t affect any routers already in American homes or currently on sale in the US, but all new routers aimed at the consumer market will need to be approved.
While the headline is that foreign-made consumer routers are banned, manufacturers can apply for exemptions. There’s no need to throw out your router, and you’ll still find plenty of mesh systems on the store shelves. But what does this mean for you?
Why Are Foreign-Made Routers Banned?
“Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft,” the FCC wrote. “Foreign-made routers were also involved in the Volt, Flax, and Salt Typhoon cyberattacks targeting vital US infrastructure.”
Foreign-made consumer routers were added to the Covered List, which details equipment and services “deemed to pose an unacceptable risk to the national security of the United States.”
Which Routers Are Banned?
The ban only affects the sale of new Wi-Fi routers aimed at consumer households. The ban does not apply to existing FCC-approved routers on sale in the US. Previously purchased routers already in use in homes across the country are also fine and are not part of the ban, according to the FCC’s FAQ. These routers can continue to be sold, used, and updated with new firmware.
Any new router manufactured outside the US now requires FCC approval before it can be imported, marketed, or sold in the US. This includes routers from US companies that are manufactured overseas, which is the vast majority of the market right now.
What Does Foreign-Made Mean?
This is decidedly murky. The ban is concerned with “consumer-grade” routers and could include any that are designed or manufactured outside the US or manufactured by companies that are not completely US-owned and operated. All the major players in the market, including Netgear, TP-Link, Asus, Amazon’s Eero, Google’s Nest, Synology, Linksys, and Ubiquiti, fall under the definition. As do most, if not all, of the routers supplied by internet service providers in the US.
Just like the recent federal drone ban, the router only applies only to new routers, but manufacturers can apply for Conditional Approval from the Department of Defense and the Department of Homeland Security. Applications must include details about ownership, board membership, and country of origin for components, IP ownership, design, assembly, and firmware, among other things. The final section requests details of the applicant’s US manufacturing and onshoring plan, so there’s a clear push to persuade companies to commit to making their routers in the US.
“No routers or manufacturers have been granted a Conditional Approval so far, but as the process gets underway, we expect approvals to be granted in a timely manner,” an FCC spokesperson tells WIRED.
What About Foreign-Made Components?
Well, the FCC provides some clarification in its FAQ (“covered” here means banned):
“Non-‘covered’ devices do not become ‘covered’ simply because they contain a ‘covered’ component part, unless the ‘covered’ component part is a modular transmitter under the FCC’s rules,” it says. “Therefore, a router produced in the United States is not considered ‘covered’ equipment solely because it contains one or more foreign-made components.”
Manufacturers importing components from China but assembling them in the US will presumably be OK, though it’s far from clear. “Applicants will need to be able to have sufficient evidence that the routers were not produced in a foreign country to make this certification, but there is no specific documentation or evidence required,” according to the FCC.
Let’s look at the big three US router brands and see how they’re affected.
Will TP-Link Be Banned?
Since all of its routers are made overseas, TP-Link will have to apply for Conditional Approval or spin up manufacturing in the US to sell any new routers. Estimates vary, but TP-Link’s US consumer router market share is somewhere around 35 percent, with Netgear and Asus accounting for another 25 percent or so.
The US Commerce, Defense, and Justice departments have reportedly been investigating and considering a ban on TP-Link routers for more than a year over concerns about the company’s links to China. No ban has been enacted until now, but Texas attorney general Ken Paxton sued TP-Link in February, claiming the company allows the Chinese Communist Party to access American consumers’ devices. Detractors have also criticized perceived predatory pricing, claiming TP-Link flooded the US market with a wide range of affordable routers to establish dominance.
TP-Link has repeatedly denied any wrongdoing and claims it has divested from its Chinese roots and is now headquartered in the US with the bulk of manufacturing in Vietnam. TP-Link’s cofounder and CEO, Jeffrey Chao, recently applied for permanent US residency through President Trump’s Gold Card program, according to the Times of India.
“Virtually all routers are made outside the United States, including those produced by US-based companies like TP-Link, which manufactures its products in Vietnam,” a spokesperson from TP-Link tells WIRED. “It appears that the entire router industry will be impacted by the FCC’s announcement concerning new devices not previously authorized by the FCC.”
TP-Link is a privately owned company and not publicly listed on any stock exchange. Chao and his wife, Hillary, are listed as the company’s sole owners.
Will Netgear Be Banned?
While it is a US-founded and headquartered company, Netgear’s routers are manufactured abroad, mostly in Vietnam, Thailand, Indonesia, and Taiwan, so it will have to apply for Conditional Approval. The company has moved away from China in recent years. Netgear has been lobbying the government on “cybersecurity and strategic competition with China.”
“We commend the administration and the FCC for their action toward a safer digital future for Americans,” a Netgear spokesperson tells WIRED. “Home routers and mesh systems are critical to national security and consumer protection, and today’s decision is a step forward.”
Netgear is a publicly traded company on the Nasdaq, mostly owned by institutional investors, including BlackRock and Vanguard. The company’s stock rose on news of the ban, suggesting that many investors believe it won’t be hit too hard.
Will Asus Be Banned?
Asus primarily makes its routers in Taiwan, though it has production facilities in China and works with several third-party manufacturers. Recent tariff pressures led the company to branch out to Thailand, Vietnam, Indonesia, Mexico, and the Czech Republic, but the bulk of its routers still come from Taiwan or China. Asus will have to apply for Conditional Approval to sell new routers. The company did not respond to WIRED’s request for comment.
The company is listed on the Taiwanese Stock Exchange and is mostly owned by public shareholders. The ban doesn’t appear to have impacted its stock price.
Are Any Routers Manufactured in the US?
The only routers I know of that are manufactured in the US are some Starlink Wi-Fi routers, which are primarily made in Texas. Starlink is part of Elon Musk’s SpaceX company, but many of the components in these routers come from East Asia.
How Will the Router Ban Impact Ordinary Folks?
It’s not entirely clear, but it probably won’t have a huge immediate impact. There is already a wide range of Wi-Fi 7 routers and mesh systems on the market that will continue to be sold—they enable speeds well in excess of what most people need at home. Whether companies spin up manufacturing in the US or find other ways to satisfy government agencies that their wares are not a security risk, the result is likely to be higher prices for consumers.
“This ruling has the potential to significantly disrupt the U.S. consumer router market,” Brandon Butler, Senior Research Manager, Network Infrastructure and Services at IDC tells WIRED. “In the near term, much will depend on how quickly conditional waivers are processed. Most vendors are likely to pursue them, but any delays could constrain supply and create upward pressure on pricing.”
If you haven’t upgraded to the latest Wi-Fi 7 standard, now might be a good time to do it.
Unanswered Questions
The ban does leave several unanswered questions. Why is it being applied only to consumer routers? Which routers or manufacturers will be granted a Conditional Approval? Why are the foreign-made routers currently on sale and in our homes deemed safe? The FCC did not address these questions.
The US Department of Defense appears to be illegally punishing Anthropic for trying to restrict the use of its AI tools by the military, US district judge Rita Lin said during a court hearing on Tuesday.
“It looks like an attempt to cripple Anthropic,” Lin said of the Pentagon designating the company a supply-chain risk. “It looks like [the department] is punishing Anthropic for trying to bring public scrutiny to this contract dispute, which of course would be a violation of the First Amendment.”
Anthropic has filed two federal lawsuits alleging that the Trump administration’s decision to designate the company a security risk amounted to illegal retaliation. The government slapped the label on Anthropic after it pushed for limitations on how its AI could be used by the military. Tuesday’s hearing came in a case filed in San Francisco.
Anthropic is seeking a temporary order to pause the designation. The relief, Anthropic hopes, would help convince some of the company’s skittish customers to stick with it just a bit longer. Lin can issue a pause only if she determines that Anthropic is likely to win the overall case. Her ruling on the injunction is expected in the next few days.
The dispute has sparked a broader public conversation about how artificial intelligence is increasingly being used by the armed forces, and whether Silicon Valley companies should give deference to the government in determining how the technology they develop is deployed.
The Department of Defense, which now calls itself the Department of War (DoW), has argued that it followed procedures and appropriately determined that Anthropic’s AI tools could no longer be relied upon to operate as expected during critical moments. It has asked Lin not to second-guess its assessment about the threat it claims Anthropic poses to national security.
“The worry is that Anthropic, instead of merely raising concerns and pushing back, will say we have a problem with what DoW is doing and will manipulate the software … so it doesn’t operate in the way DoW expects and wants it to,” Trump administration attorney Eric Hamilton said during Tuesday’s hearing.
Lin said that it was Defense Secretary Pete Hegseth’s role—not hers—to decide whether Anthropic is an appropriate vendor for the department. But Lin said it’s up to her to determine whether Hegseth violated the law by taking steps beyond simply canceling Anthropic’s government contracts. Lin said it was “troubling” to her that the security designation and directives more broadly limiting use of Anthropic’s AI tool Claude by government contractors “don’t seem to be tailored to stated national security concerns.”
As Anthropic’s spat with the government escalated last month, Hegseth posted on X that “effective immediately, no contractor, supplier, or partner that does business with the United States military may conduct any commercial activity with Anthropic.”
But on Tuesday, Hamilton acknowledged that Hegseth has no legal authority to bar military contractors from using Anthropic for work unrelated to the Department of Defense. When asked by Lin why Hegseth would have posted that, Hamilton said, “I don’t know.”
Lin further questioned Hamilton about whether the Pentagon had considered taking less punitive measures to move the department away from using Anthropic’s tools. She described the supply-chain-risk designation as a powerful authority typically reserved for foreign adversaries, terrorists, and other hostile actors.
Michael Mongan, a WilmerHale attorney representing Anthropic, said it was extraordinary for the government to go after a “stubborn” negotiating partner with the designation.
The Pentagon has said it is working to replace Anthropic technologies over the coming months with alternatives from Google, OpenAI, and xAI. It also said it has put measures in place to prevent Anthropic from engaging in any tampering during the transition. Hamilton said he didn’t know if it was even possible for Anthropic to update its AI models without permission from the Pentagon; the company says it is not.
A ruling in the other case, at the federal appeals court in Washington, DC, is expected to come soon without a hearing.
Cyber security professionals must embrace a narrow window of opportunity to develop safeguards around AI-enhanced software generation – popularly known as vibe coding – or risk losing control of the narrative and exposing organisations to cyber attacks and other disruptions, National Cyber Security Centre (NCSC) chief executive Richard Horne has said.
In a keynote speech delivered at the annual RSAC Conference in San Francisco today, Horne called on the security community to work together to develop safeguards around vibe coding, highlighting how modern-day society faces ongoing and fundamental issues with technology thanks to exploitable vulnerabilities.
However, Horne also argued that while it was true insecure software produced without human eyes on the code could propagate vulnerabilities far and wide, well-trained AI tooling could yet create software that is secure-by-design, which would be transformative for cyber security outcomes throughout its lifecycle.
“The attractions of vibe coding are clear. Disrupting the status quo of manually produced software that is consistently vulnerable is a huge opportunity, but not without risk of its own,” he said.
“The AI tools we use to develop code must be designed and trained from the outset so that they do not introduce or propagate unintended vulnerabilities.”
Horne said cyber pros also have a responsibility to ensure that the future in which vibe-coding and other AI code-generation tools are widely adopted proves to be a “net positive”.
New paradigm
In a thought leadership blog published alongside Horne’s speech today, senior NCSC technical leadership argued that while vibe-coding poses an “intolerable risk” for many organisations as things stand, the trend offers “glimpses of a new paradigm”.
Indeed, wrote the agency’s architecture CTO, AI-backed coding could ultimately prove to be as much a technological revolution as software-as-a-service (SaaS) – pioneered at the turn of the century by the likes of Salesforce – proved to be.
While careful not to state that organisations will suddenly use AI to whip up a replacement for their CRM tools or other platforms, the NCSC said there are now clear indications that the cost versus effort curve for ‘bespoke enough’ software is shifting and as such, more and more organisations will soon begin to make different choices when it comes to software.
Given the many security concerns around SaaS – such as appropriate authentication and access controls, misconfigurations, and third-party risks – which have never really been fully addressed to the satisfaction of all, this therefore raises the question of what technology, guardrails, platforms and assurances does the security community need to have in place to ensure that the vibe-coded future is safer than the status quo.
Things to consider
Some of the safeguards that security leaders need to start to advocate for are obvious, said the NCSC. For example, AI models must be schooled in security-by-design, humans need to have confidence in the provenance of the model and trust that it hasn’t been badly-developed, and thought needs to be given to how AI can be used to review both human- and AI-generated code.
But there are also more nuanced questions, such as how to use deterministic architectures to limit what code can do should it prove malicious, compromised or unsafe, what platforms need to be designed to host AI-generated services that implement the needed controls to protect data and users, and how AI might be used to ensure the security hygiene of software through practices such as documentation, test cases, fuzzing, or updating threat models.
The NCSC noted the possibility of a future where AI code is more restricted and locked down than even the most secure on-premise or SaaS products ever were.
Ironically, it concluded, this may at long last address the unsolved security issues that still dog SaaS and that have prevented the last, most cyber-conscious hold-outs from going all in on the cloud.
Tata Communications has launched a self-healing network platform called IZO datacentre Dynamic Connectivity, which is designed to eliminate costly datacentre downtime and support the demands of an artificial intelligence (AI)-driven world.
In explaining the rationale for the launch, Tata Communications said that in the current digital economy, disruptions from cable cuts, route failures or sudden AI workload spikes can bring business to a standstill.
Specifically, that is every enterprise depends on the ability to always be connected with an uninterrupted data flow. From financial transactions, information technology-enabled services (IT-ITeS) and manufacturing to streaming platforms and online retail, the connections between datacentres keep the modern world running. Tata Communications added that when those connections are interrupted, businesses do not just slow down, they are brought to a complete standstill.
The company warned that the networks connecting many enterprise datacentres were built for a different era. Traditional datacentre (DC)-to-DC links were designed for predictable workloads and stable traffic patterns. It stressed that the current reality is far more dynamic. In this, enterprises operate across global locations and cloud environments, moving massive volumes of data in real time to support AI workloads and business needs.
In an environment shaped by increasing geopolitical constraints, cable outages, route failures or sudden spikes in demand, these can quickly cascade into service disruption and operational risk, leading to a costly downtime. In such scenarios, the response is often reactive and manual, consuming valuable time when business need certainty and speed.
The IZO datacentre Dynamic Connectivity platform is designed to address these issues by creating an intelligent network that covers key global datacentres across five continents.
Tata Communications, said that unlike conventional architectures, the new platform uses deterministic multi-path routing to deliver predictable latency and performance. It said this transforms resilience from a reactive process into an autonomous capability, changing how enterprises connect their datacentres in an increasing AI-driven and distributed world.
This means the platform is smart enough to automatically re-route traffic within seconds without manual intervention during disruptions. This is said to enable enterprises to achieve >99.99% service availability across mission-critical infrastructure that supports business-critical applications, “turning resilience from a contingency into a default state”.
The platform is also attributed with giving enterprises access over their connectivity. Through a unified digital interface and APIs, enterprises can monitor performance, receive proactive alerts and dynamically scale bandwidth as workloads evolve.
Tata Communications said the result is that business impact is a shift from crisis management to strategic growth with business leaders no longer having to guess their future needs or over-pay for “just in case” bandwidth. Instead, leaders have access to Al-driven predictive insights allowing them to forecast their capacity requirements in advance. If a sudden workload demands more capacity or choice of route, users can instantly scale their bandwidth or add route through self-service feature.
Tata Communications calculates that by moving to a flexible, consumption-based pricing model, enterprises can reduce the need for idle backup capacity and save up to 30% on operational costs. Enterprises can activate resilience and bandwidth when required, helping to optimise costs while maintaining deterministic performance across geographies.
“Datacentres are the core engines of today’s digital economy, and the connections between them must be as resilient as the networks that connect them,” said Genius Wong, chief technology officer and executive vice-president of core and next-gen connectivity services at Tata Communications. “They must be just as dynamic as the applications they support.
“With IZO DC Dynamic Connectivity, we are shifting resilience from a reactive process to an autonomous capability. By combining global reach, deterministic routing and intelligent automation, we are enabling enterprises to build a digital foundation that scales with confidence and operates without disruption.”
Food supplement adverts claiming treatment for menopause banned
Minnesota fire that killed NHL reporter and her three children not believed to be intentional, officials say
‘John Wick’ spinoff in works, to focus on another main character
-
Tech7 days agoJustice Department Says Anthropic Can’t Be Trusted With Warfighting Systems
-
Fashion1 week agoTrump signs order to combat fraudulent ‘Made in America’ labels
-
Business1 week agoStocks and pound rise as US rate call approaches
-
Business1 week agoStocks To Watch: Tata Motors, IndiGo, Jindal Stainless, GMR Airports, Hindalco, And Others
-
Business1 week agoPeloton is launching bikes and treadmills for gyms, accelerating commercial strategy
-
Business1 week agoGas supply crunch a worry for AC makers ahead of peak season – The Times of India
-
Fashion1 week agoLenzing launches TENCEL Lyocell-HV100 at Intertextile Shanghai
-
Fashion7 days agoSales at US apparel, clothing accessories stores up 4% YoY in Jan 2026