FCC bans foreign-made routers from US market over ‘unacceptable risk’

Steven

FCC bans foreign-made routers from US market over ‘unacceptable risk’

Summary

The Federal Communications Commission has blocked the future import of consumer routers manufactured outside the US unless a maker obtains a formal exemption, calling such devices an “unacceptable risk” to US national security and the safety of US persons. The rule covers new imports only; devices already in homes remain usable.

The decision follows a National Security Determination issued on 20 March, which said reliance on foreign-made routers creates supply-chain vulnerabilities and “severe cybersecurity risk.” The FCC cited examples where compromised routers were used for surveillance, data exfiltration, botnets and as pivot points in state-sponsored campaigns such as the Salt Typhoon attacks. The ban mirrors a December FCC restriction on foreign-made drones.

Manufacturers seeking to continue imports must obtain a “specific determination” from the Department of Homeland Security or the Department of War (as referenced in the determination) that their products do not pose security risks. Vendors such as TP-Link — which notes most routers are manufactured outside the US — warned the whole industry will be affected. The FCC also acknowledged that US-made routers have been exploited when unsupported or unpatched.

Key Points

  • The FCC will prohibit future imports of consumer routers made outside the US unless an exemption is granted.
  • The measure targets supply-chain and cybersecurity risks blamed for enabling espionage, botnets, password-spray attacks and unauthorised network access.
  • Existing routers already in US homes are not affected by the ban.
  • Manufacturers must secure a “specific determination” from DHS or the Department of War to be exempted.
  • Major vendors warn the policy could disrupt the global router market because most devices are built overseas.
  • The ban follows similar action on foreign-made drones and builds on warnings from CISA, FBI, NSA and private-sector findings.
  • The FCC acknowledged that US-made routers have also been exploited when not maintained with patches and updates.

Why should I read this?

Because this could change what routers you can buy and how vendors operate — fast. If you’re buying kit, running a small network, or managing procurement for an organisation, this decision matters. We’ve pulled out the bits that explain who’s affected, what stays the same (your existing kit), and how vendors must prove they’re safe to keep selling into the US.

Context and relevance

This is a significant regulatory escalation tying consumer networking hardware directly to national-security policy. It signals tougher scrutiny of global supply chains and could push manufacturers to shift production or seek formal security clearances. The move reinforces growing collaboration between federal agencies (FCC, DHS, CISA, FBI, NSA) and follows prior actions like the foreign-drone ban.

Practical implications: expect supply disruptions, potential price rises, and a scramble for exemptions or relocation of manufacturing. For security teams, the ruling underscores the need to inventory edge devices, ensure timely patching, and plan for vendor risk assessments. For consumers, the immediate takeaway is that owned devices remain usable but replacement choices may narrow.

Source

Source: https://therecord.media/fcc-routers-banned-security-china