Foreign-built internet hardware inside American homes is now a potential entry point for attacks on the United States.
The Trump administration has blocked new imports of foreign-made consumer routers after federal officials concluded the devices can be used to spy, disrupt networks, and help launch attacks inside the country. A federal review warned that those same devices could be used to disrupt U.S. critical infrastructure at scale.
Routers handle the traffic for nearly every device on a home network and serve as the entry point for phones, laptops, cameras, TVs, and other connected systems. If that device is compromised, the rest of the network is exposed, and federal regulators say attackers have already exploited those weaknesses.
“'Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft,' the Federal Communications Commission said, citing multiple cyberattacks targeting U.S. infrastructure."
Officials tied those vulnerabilities to real campaigns, including Volt Typhoon and Salt Typhoon, which targeted U.S. infrastructure and exploited weaknesses in network devices to gain access. Those campaigns used compromised routers to move beyond surveillance and into larger systems, allowing attackers to remain undetected within networks.
Regulators now classify foreign-built routers as a supply chain vulnerability based on where they are built and who can access them.
"The FCC warned foreign-produced routers create a 'supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure and national defense,' pointing to how compromised devices can be used as entry points into larger systems."
A large share of routers sold in the United States are built overseas, including devices sold under American brand names. Production remains concentrated abroad, including in regions the U.S. government treats as security risks.
Millions of these devices are already deployed inside American homes and businesses. Foreign manufacturers are estimated to control a majority of the U.S. router market. Unlike a compromised app or account, a compromised router sits at the network level and is harder to detect and remove once access is gained.
Read More: CCP-Linked Activist Network Targets Palantir As Beijing’s Influence Machine Hits U.S. Soil
$510M AI Smuggling Case Blows Hole in U.S. Export Controls on China
The new rule does not remove existing routers, but it blocks new models from entering the country unless they clear a national security review. Companies can still apply for exemptions, but they now have to prove the devices do not pose an unacceptable risk. Approval is no longer automatic.
"A federal review found imported routers pose 'a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure.'”
Again, most routers are manufactured overseas, so cutting off new imports forces companies to move production, rebuild supply chains, or seek federal approval before bringing new devices to market. Fewer suppliers and new compliance hurdles will likely mean higher prices and fewer choices in the short term.
Control over the hardware that sits between American users and the internet is central to the policy. Routers handle every connection, from websites to apps to smart devices, and they see that traffic before anything else does.
If a hostile actor gains access at that level, the breach does not stay contained. It spreads across the entire network. Federal officials now treat these devices as a national security risk sitting inside American homes.
Editor’s Note: Do you enjoy RedState’s conservative reporting that takes on the radical left and woke media? Support our work so that we can continue to bring you the truth.
Join RedState VIP and use the promo code FIGHT to get 60% off your VIP membership!
Join the conversation as a VIP Member