U.S. Weighs Ban on Chinese made TP-Link router and China Telecom

Posted on by Alan Weissberger

Today, the Wall Street Journal (WSJ) reported that the U.S. is considering banning the sale of China made TP-Link internet routers over concerns the home networking devices pose a security risk. Government authorities may ban the popular routers which have been linked to Chinese cyberattacks.  TP-Link has roughly 65% of the U.S. market for routers for homes and small businesses. It is also the top choice on Amazon.com, and powers internet communications for the Defense Department and other federal government agencies.

Investigators at the U.S. Commerce, Defense and Justice departments have opened their own probes into the company, and authorities could ban the sale of TP-Link routers in the U.S. next year, according to people familiar with the matter. An office of the Commerce Department has subpoenaed TP-Link, some of the people said. If its routers are banned from the U.S., it would mark the biggest extraction of Chinese telecom equipment from the country since the Trump administration in 2019 ordered Huawei Technologies ripped out of American infrastructure.

TP-Link routers are routinely shipped to customers with security flaws, which the company often fails to address, according to people familiar with the matter. While routers often have bugs, regardless of their manufacturer, TP-Link doesn’t engage with security researchers concerned about them, the WSJ said.  However, TP-Link told CBS MoneyWatch that the company’s “security practices are fully in line with industry security standards in the U.S.”

 

                                                                                                                                                             TP-Link router. Photo: Meghan Petersen/WSJ

…………………………………………………………………………………………………………………………………………………………………………………………………………

TP-Link has also joined with more than 300 internet providers in the U.S. to be the router that is mailed to new homes that sign up for their services. Federal contracting documents show TP-Link routers supply everything from the National Aeronautics and Space Administration to the Defense Department and Drug Enforcement Administration, and the routers are sold at online military exchanges.  The company’s market dominance has been achieved in part through lower prices. Its routers are cheaper than competitors, often by more than half, according to market data.

TP-Link sells in the U.S. through a business unit based in California. According to business records, TP-Link co-founder Zhao Jianjun is the chief executive of the California operation and he and his brother still ultimately control all global TP-Link entities. A spokeswoman for that unit said TP-Link assesses potential security risks and takes action to address known vulnerabilities.

“We welcome any opportunities to engage with the U.S. government to demonstrate that our security practices are fully in line with industry security standards, and to demonstrate our ongoing commitment to the U.S. market, U.S. consumers, and addressing U.S. national security risks,” the spokeswoman said.

Asked to comment about potential actions against TP-Link, Liu Pengyu, a spokesman for the Chinese Embassy in Washington, said the U.S. was using the guise of national security to “suppress Chinese companies.” He added that Beijing would “resolutely defend” the lawful rights and interests of Chinese firms.

TP-Link’s U.S. growth took off during the pandemic, when people were sent home to work and needed reliable internet. The company climbed from around 20% of the U.S. market for home and small-business routers in 2019 to around 65% this year. It took an additional 5% of the market in just the third quarter of this year, according to industry data. The TP-Link spokeswoman disputed the industry data but said the company’s market share has grown in the U.S.

An analysis from Microsoft published in October found that a Chinese hacking entity maintains a large network of compromised network devices mostly comprising thousands of TP-Link routers. The network has been used by numerous Chinese actors to launch cyberattacks. These actors have gone after Western targets including think tanks, government organizations, nongovernment organizations and Defense Department suppliers.

The Defense Department earlier this year opened an investigation into national-security vulnerabilities in Chinese routers, according to people familiar with the matter. The House Select Committee on the Chinese Communist Party in August urged the Commerce Secretary to investigate TP-Link because it presents an “unusual degree of vulnerabilities.” The House of Representatives in September passed legislation that called for a study of the national-security risks posed by routers with ties to foreign adversaries, on which the Senate has yet to act.

………………………………………………………………………………………………………………………………………………………………………………………………

Separately, the U.S. Commerce Department is moving to further crack down on China Telecom’s U.S. unit over concerns it could exploit access to American data through their U.S. cloud and internet businesses by providing it to Beijing, a source told Reuters. The source confirmed a New York Times report that the department last week sent China Telecom Americas a preliminary determination that its presence in U.S. networks and cloud services poses U.S. national security risks and gave the company 30 days to respond.

Previously, the FCC moved to shrink China Telecom’s presence in the U.S.  In October 2021, nine months into Mr. Biden’s term, the Commission revoked all licenses for China Telecom Americas to provide ordinary phone services in the United States, saying it was “subject to exploitation, influence and control by the Chinese government.”  That left in place China Telecom’s network nodes on U.S. telecom networks and carrier neutral data centers with the power to “peer in” to internet and phone traffic. That ability would be stripped under the Commerce Department order, assuming that the Trump administration went along. China Telecom Americas did not respond to messages left at its office in Herndon, Va.

“We’ve been taking a hard look at where Chinese technologies are in the United States and asking ourselves the question of, is this an acceptable level of risk?” Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said in an interview on Monday. “For a number of years, these companies have operated networks and cloud service businesses in the U.S., which involved network equipment that’s co-located with our internet infrastructure. And while in the past we may have viewed this as an acceptable level of risk, that is no longer the case.”

The F.C.C. action to block China Telecom from most of its business in the United States did not prevent Volt Typhoon — China’s placement of malicious code in the electric grid and water and gas pipeline networks — or Salt Typhoon, the surveillance effort that was uncovered over the summer. Taken together, officials say, they amount to the most significant assault on American critical infrastructure in the digital age.

Speaking last week at the Paley Center for Media in Manhattan, Gen. Timothy D. Haugh, the director of the National Security Agency and commander of U.S. Cyber Command, said, “If I look at today, the PRC is not deterred,” using the initials for the People’s Republic of China.  He declined to say whether his forces were conducting offensive operations against China in retaliation for any of its recent incursions into American networks.

On Sunday, President-elect Donald J. Trump’s incoming national security adviser, Representative Mike Waltz, a Florida Republican, suggested on CBS’s “Face the Nation” that the new administration would be much more tempted to use offensive cyber-actions against China.  “We need to start going on offense and start imposing, I think, higher costs and consequences to private actors and nation-state actors that continue to steal our data, that continue to spy on us and that, even worse, with the Volt Typhoon penetration, that are literally putting cyber time bombs on our infrastructure, our water systems, our grids, even our ports,” he said.

Officials have said they do not believe that the Chinese hackers have been ousted from the networks of at least eight telecommunications firms, including the nation’s two largest, Verizon and AT&T. That suggests that China’s hackers retain the capability to escalate.

Since Microsoft first alerted the telecommunications firms over the summer that they had found evidence of hackers deep in their systems, the Biden administration has struggled to come up with a response. It created a task force inside the White House, and the issue is considered so serious that the group meets almost daily. Chief executives of the affected firms have been summoned to the Situation Room to come up with a joint plan of action.

https://www.wsj.com/politics/national-security/us-ban-china-router-tp-link-systems-7d7507e6?st=SEX5iL&reflink=desktopwebshare_permalink

https://www.cbsnews.com/news/tp-link-router-china-us-ban/

https://www.reuters.com/business/media-telecom/us-moves-boost-crackdown-china-telecoms-us-unit-source-says-2024-12-17/

https://www.nytimes.com/2024/12/16/us/politics/biden-administration-retaliation-china-hack.html

Aftermath of Salt Typhoon cyberattack: How to secure U.S. telecom networks?

WSJ: T-Mobile hacked by cyber-espionage group linked to Chinese Intelligence agency

China backed Volt Typhoon has “pre-positioned” malware to disrupt U.S. critical infrastructure networks “on a scale greater than ever before”

FBI and MI5 Chiefs Issue Joint Warning: Chinese Cyber Espionage on Tech & Telecom Firms

Quantum Technologies Update: U.S. vs China now and in the future

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*

 
 

 

Archives