According to the agency, TP-Link routers may no longer be available in the United States. Washington Post report last week. A potential ban is looking increasingly likely as more than a half-dozen federal departments and agencies have backed the proposal.
This news first appeared in December last year when The Wall Street Journal reported this. that investigators from the Commerce, Defense and Justice departments had opened investigations into the company due to national security risks posed by its ties to China. Since then, news about TP-Link has been relatively quiet.
The proposal has now received interdepartmental approval.
“Business officials have concluded that TP-Link Systems' products pose a risk because the U.S. company's products handle sensitive U.S. data and because officials believe they remain under the jurisdiction or influence of the Chinese government,” the Washington Post reported.
TP-Link's ties to the Chinese government are just accusations. The company, technically called TP-Link Systems, has vehemently denied being a Chinese company in the past.
“As an independent American company, no foreign country or government, including China, has access to or control over the development and manufacture of our products,” a TP-Link spokesperson told CNET.
TP-Link was founded in Shenzhen, China, in 1996 by two brothers, Jeffrey (Jianjun) Chao and Jiaxing Zhao. In October 2024, two months after members of the House Select Committee called for an investigation For TP-Link routers, the company was divided into two parts: TP-Link Technologies and TP-Link Systems.
The latter is headquartered in Irvine, California, and has about 500 employees in the United States and 11,000 in China, according to a Washington Post report. TP-Link Systems is owned by Chao and his wife.
“The unusual degree of vulnerability of TP-Link and the need to comply [Chinese] the laws themselves are confusing,” lawmakers wrote in October 2024. “In combination with [Chinese] general government use [home office] With routers like TP-Link launching massive cyberattacks in the United States, this is a major concern.”
Since the pandemic, the company has become a dominant force in the US router market. Its share has grown from 20% of total router sales in 2019 to about 65% this year, according to a magazine report. TP-Link disputed these figures in an interview with CNET, and a separate analysis of IT platform Lansweeper found that 12% of home routers currently used in the USA are manufactured by TP-Link. According to a Wall Street Journal report, more than 300 Internet service providers provide TP-Link routers to their customers.
Separately, the Justice Department's antitrust division is investigating whether TP-Link engaged in predatory pricing policy artificially lowering prices to drive out competitors.
CNET included several TP-Link models in our lists. best Wi-Fi routers and will be watching this story closely to see if we need to re-evaluate this choice.
“We do not sell products below cost. Our prices are not only above cost, but also generate significant profits for businesses,” a TP-Link spokesperson told CNET.
The potential ban has undergone interagency review and is currently under review by the Commerce Department. According to the Washington Post, sources familiar with the details of the ban said the Trump administration's ongoing negotiations with China have made the chances of a ban in the near future less likely.
“Any concerns the government may have about TP-Link are entirely resolvable through a combination of sensible measures such as strengthening development functions, investing in cybersecurity and transparency,” the spokesperson said. “TP-Link will continue to work with the U.S. Department of Commerce to ensure we understand and can respond to any government concerns.”
Never miss any of our unbiased technical content and behind-the-lab reviews. Add CNET as Google's preferred source.
How worried should you be about your TP-Link router?
I wrote a few months ago that I was in no hurry to change my TP-Link router.and, in fact, this is how I still feel.
When this news first broke last December, I asked four cybersecurity experts whether they will still use the TP-Link router. One answered with a resounding “no.” Another said there was a “risk to the consumer.” And two refused to answer the question directly.
Itai Cohen was one of the authors of the 2023 report, which identified firmware implant in TP-Link routers linked to a Chinese state-sponsored hacking group. In a previous interview, he told me that similar implants have been found on other brands of routers manufactured around the world.
“I don’t think there’s enough public evidence to support a complete shift away from routers from China,” Cohen said. “The vulnerabilities and risks associated with routers are largely systemic and affect a wide range of brands, including those made in the United States.”
I've heard this version from every cybersecurity expert I've talked to. TP-Link has security flaws, but so do all routers, and I couldn't point to any that indicated cooperation specifically with the Chinese government.
“We analyzed a huge number of TP-Link firmwares. We find different things, but we find them in everything,” said Thomas Pace, CEO of cybersecurity company NetRise and a former Department of Energy security contractor.
However, it is possible that the government is aware of vulnerabilities that the public is not aware of.
For now, I'm still comfortable using the TP-Link router, knowing that I'm following some basic network security best practicesbut my risk tolerance may be higher than others.
How to protect your network if you have a TP-Link router
If you're one of the millions of Americans who use a TP-Link router, news of a potential ban may upset you.
A Microsoft's report for last year found that TP-Link routers since August 2023 are being used for “password spraying attacks” which typically occur when the router using default password.
Here's what you can do to protect yourself right now:
Update your login credentials. A shocking number of attacks on routers occur because the user never changed the default login credentials set by the router manufacturer. Most routers have an app that allows you to update your login credentials, but you can also enter your router's IP address in the URL. These credentials are different from your Wi-Fi name and password, which should also be changed. every six months or so. As always with passwords, avoid common words and character combinations. It's best to use longer passwords and not reuse passwords from other accounts.
Use a VPN. If you're worried about prying eyes from the Chinese government or anyone else, the best thing you can do to keep your connection private is use a quality VPN. Privacy-conscious people should look for advanced features such as entanglement, Tor via VPN and dual VPN, which uses a second VPN server for an additional layer of encryption. You can even install a VPN on your router directly so that all your traffic is automatically encrypted.
Turn on your firewall and Wi-Fi encryption. They're usually enabled by default, but now is the time to make sure they're enabled. This will make it more difficult for hackers to access data transferred between your router and the devices that connect to it. You can also find these settings by logging into your router through its app or website.
Consider buying a new router. I always recommend buying your own router instead of renting one from your ISP. Basically it's saving measurebut if your ISP uses TP-Link equipment, now may be the time to switch to a different brand. The main thing is to look WPA3 certification — the most advanced security protocol for routers.
Update the firmware. Last year, a TP-Link representative told me that customers should regularly check for firmware updates to ensure the security of their router. “To do this, customers with TP-Link Cloud accounts can simply click the ‘Check for Updates’ button in their product’s firmware menu,” the spokesperson said. “All other customers can find the latest firmware on their product downloads page on TP-Link.com.”
