Chairman John Moolenaar (R-MI) and Ranking Member Raja Krishnamoorthi (D-IL) of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party have identified a growing risk posed by Chinese Wi-Fi routers in the United States, specifically those manufactured by TP-Link Technologies. They have called on the Department of Commerce to verify this threat and investigate the company.
TP-Link, established in the People’s Republic of China (PRC), is the world’s largest provider of Wi-Fi products, selling over 160 million products annually to more than 170 countries. The company and its affiliates are also leading providers of Wi-Fi routers in the United States. Concerns have been raised that state-sponsored hackers may be able to compromise these routers more easily due to their Chinese origin, potentially infiltrating U.S. systems. Additionally, TP-Link is subject to PRC's stringent national security laws, which could compel it to hand over sensitive U.S. information to Chinese intelligence officials. Last year, security researchers discovered that PRC cyber military forces used TP-Link routers in a hacking campaign targeting government officials in European countries.
In a letter to Secretary of Commerce Gina Raimondo, Moolenaar and Krishnamoorthi wrote: “TP-Link’s unusual degree of vulnerabilities and required compliance with PRC law are in and of themselves disconcerting. When combined with the PRC government’s common use of SOHO [small office/home office] routers like TP-Link to perpetrate extensive cyberattacks in the United States, it becomes significantly alarming.”
They continued: “Given the PRC’s data and national security laws, the proliferation of PRC-made SOHO routers in the United States, and the demonstrated willingness of the PRC government to sponsor hacking attempts against the United States using PRC-affiliated SOHO routers like those made by TP-Link, we request that Commerce verify the threat posed by PRC-affiliated SOHO routers—particularly those offered by the world’s largest manufacturer, TP-Link—and consider using its ICTS [information and communication technology services] authorities to properly mitigate this glaring national security issue.”
Chairman Moolenaar and Ranking Member Krishnamoorthi have requested Secretary Raimondo's threat assessment and mitigation plan by August 30th.
