Lawmakers on the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party are urging the Commerce Department to investigate security risks associated with Chinese-manufactured Wi-Fi routers. The inquiry specifically targets TP-Link, the world’s largest provider of consumer Wi-Fi devices, alongside other mainland China-based networking firms like Tenda. Representative John Moolenaar and Senior Member Raja Krishnamoorthi expressed concerns that these devices could be exploited for state-sponsored cyberattacks against U.S. critical infrastructure.
The push for federal oversight follows several high-profile security incidents involving Chinese networking hardware. In 2023, Check Point Research identified a malicious firmware implant used by a Chinese state-sponsored group, known as Camaro Dragon, which targeted TP-Link routers to facilitate espionage. While these vulnerabilities are often patched through firmware updates, the underlying concern involves the potential for hidden backdoors or the legal requirement for Chinese companies to cooperate with national intelligence requests. TP-Link, which maintains headquarters in both Singapore and the United States, continues to manufacture the vast majority of its hardware in mainland China.
For consumers and enterprise users prioritizing supply chain security, the networking landscape offers several alternatives headquartered in the U.S. or allied nations. Netgear and Linksys remain the primary American-based options for consumer and prosumer gear. Amazon-owned Eero also designs its mesh systems in the United States, though like most consumer electronics, physical assembly often occurs overseas. Analysts distinguish between the location of hardware assembly and the location where firmware development and security audits take place.
Taiwanese and European alternatives
Taiwanese manufacturers such as Asus and Synology represent significant alternatives to mainland Chinese brands. Asus remains a dominant player in the high-performance gaming segment with its ROG Rapture line, while Synology focuses on security-centric features and private cloud integration. Because Taiwan operates under a different legal framework than mainland China, these brands are generally excluded from the specific national security warnings issued by U.S. intelligence agencies regarding the PRC. Similarly, GL.iNet, while popular for its travel routers, faces increasing scrutiny due to its roots in Hong Kong, leading some security-conscious users to look toward European brands like AVM or MikroTik.
The Department of Commerce has not yet announced a formal ban on these products, but the regulatory pressure mirrors the actions previously taken against Huawei and ZTE. In those cases, the FCC eventually prohibited the authorization of new equipment from companies deemed a threat to national security. Current legislative proposals, including the ROUTER Act, aim to establish a more transparent rating system for consumer networking equipment to inform buyers about the origin of their device's software and hardware components.
The focus on router security is part of a broader strategy to secure the edge of the domestic network. As Wi-Fi 7 adoption increases, the complexity of modern firmware provides a larger attack surface for sophisticated actors. Cybersecuirty experts recommend that users currently owning devices from manufacturers under scrutiny should ensure automatic firmware updates are enabled and consider disabling remote management features to mitigate external exposure. Future procurement for government and military contractors already strictly prohibits the use of equipment from several of the brands mentioned in the recent congressional inquiry.
