The chairman of the ‘Select Committee on the Chinese Communist Party’ John Moolenar, and the ranking member Raja Krishnamoorthihave formally requestedthe Commerce Department and other agencies to investigate Chinese-made networking devices, particularly those made by TP-Link, regarding the potential cybersecurity risk they pose due to their unusual degree of vulnerabilities and other reasons mentioned in the letter.
The letter mentions that TP-link manufactures multiple Wi-Fi products, including routers, and hence, it is concerning, given the documented vulnerabilities found in its Wi-Fi routers. Furthermore, TP-Link has the largest supply of Wi-Fi products worldwide, and 95% of Americans use SOHO routers as of 2023. It’s also being used in its military bases and by the military members and their families. The letter mentions companies like the ‘Army and Air Force Exchange Service’ and ‘My Navy Exchange,’ which sell products to authorized customers who are active duty military personnel, retirees, reservists, veterans, Department of Defense civilians, and family members.
The other reason, as mentioned in the letter, is the company’s compliance requirement with the Chinese government as per their law. The congressmen said,” Companies like TP-Link are required to provide data to the PRC (People’s Republic of China) government and otherwise comply with the demands of its nationalsecurityapparatus.”
The letter further emphasizes threats from theVolt Typhoonand other PRC Advanced Persistent Threat (APT) groups. The Commerce Department has the power to restrict or ban certain products that pose a threat, as it did with networking technologies made by companieslike ZTC and Huawei.
Security vulnerabilities are not exclusive to a particular company and include products other than networking devices. Multiple companies (including router manufacturers) faced situations where their vulnerabilities were exploited and patched eventually. However, the use of SOHO routers is particularly concerning in this case, given the position military personnel would have and the sensitive information passed on with any of these routers being used as a medium.
The members jointly requested that the investigation be completed by the end of August. Hence, once the investigation is complete, we should receive information from the Department of Commerce and its actions against any potential threat if warranted.
Get Tom’s Hardware’s best news and in-depth reviews, straight to your inbox.
Roshan Ashraf Shaikh has been in the Indian PC hardware community since the early 2000s and has been building PCs, contributing to many Indian tech forums, & blogs. He operated Hardware BBQ for 11 years and wrote news for eTeknix & TweakTown before joining Tom’s Hardware team. Besides tech, he is interested in fighting games, movies, anime, and mechanical watches.