The US has banned new foreign-made consumer internet routers over national security concerns. In an update on Monday to a list of equipment seen as not secure enough for use, the Federal Communications Commission (FCC) added all consumer-grade routers made outside the US.
It puts routers - which are used widely in homes and businesses to connect computers, phones, TVs and other devices to the internet - on par with foreign-made drones, which were banned at the end of last year.
'Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft, said the FCC.
While people will still be able to use foreign-made routers they already own, the ban applies to all 'new device models.' The ban stems from growing concern over the last year that routers were a point of easy access for malicious actors. TP-Link, a router brand made in China that is a best-seller on Amazon, became the subject of some US political anxiety last year after a spate of cyberattacks.
Any new router made outside the US will now need to be approved by the FCC before it can be imported, marketed, or sold in the country. In order to get that approval, companies manufacturing routers outside the US must apply for conditional approval in a process that will require the disclosure of the firm's foreign investors or influence, as well as a plan to bring the manufacturing of the routers to the US.
Certain routers may be exempted from the list if they are deemed acceptable by the Department of Defense or the Department of Homeland Security, the FCC said. Neither agency has yet added any specific routers to its list of equipment exceptions. The FCC's move follows a decision on Friday by government agencies working on national security that internet routers made overseas posed unacceptable risks to the US.
Those risks include potentially far-reaching impacts to the American supply chain, and the possibility of a cybersecurity attack that could disrupt infrastructure or cause harm to people. The FCC noted that malicious access to routers was involved in three cyberattacks aimed at US infrastructure between 2024 and 2025, which investigations blamed on actors working on behalf of the Chinese government.
The vast majority of Internet routers are assembled or manufactured outside of the US, often in Taiwan or China. The FCC ban applies even if a router is designed in the US but built abroad. Notably, popular brands of routers in the US, including Netgear, manufacture their products abroad. The only notable US-made router is the Starlink WiFi router from SpaceX, which is manufactured in Texas.
It puts routers - which are used widely in homes and businesses to connect computers, phones, TVs and other devices to the internet - on par with foreign-made drones, which were banned at the end of last year.
'Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft, said the FCC.
While people will still be able to use foreign-made routers they already own, the ban applies to all 'new device models.' The ban stems from growing concern over the last year that routers were a point of easy access for malicious actors. TP-Link, a router brand made in China that is a best-seller on Amazon, became the subject of some US political anxiety last year after a spate of cyberattacks.
Any new router made outside the US will now need to be approved by the FCC before it can be imported, marketed, or sold in the country. In order to get that approval, companies manufacturing routers outside the US must apply for conditional approval in a process that will require the disclosure of the firm's foreign investors or influence, as well as a plan to bring the manufacturing of the routers to the US.
Certain routers may be exempted from the list if they are deemed acceptable by the Department of Defense or the Department of Homeland Security, the FCC said. Neither agency has yet added any specific routers to its list of equipment exceptions. The FCC's move follows a decision on Friday by government agencies working on national security that internet routers made overseas posed unacceptable risks to the US.
Those risks include potentially far-reaching impacts to the American supply chain, and the possibility of a cybersecurity attack that could disrupt infrastructure or cause harm to people. The FCC noted that malicious access to routers was involved in three cyberattacks aimed at US infrastructure between 2024 and 2025, which investigations blamed on actors working on behalf of the Chinese government.
The vast majority of Internet routers are assembled or manufactured outside of the US, often in Taiwan or China. The FCC ban applies even if a router is designed in the US but built abroad. Notably, popular brands of routers in the US, including Netgear, manufacture their products abroad. The only notable US-made router is the Starlink WiFi router from SpaceX, which is manufactured in Texas.
