Your Home Router Just Became a National Security Issue

The router sitting in your living room just became a geopolitical flashpoint.

The Federal Communications Commission has banned the sale of new consumer Wi-Fi routers manufactured outside the United States, effective immediately. Every major brand you've ever bought—TP-Link, Netgear, Asus, Eero, Google Nest, Linksys—falls under the new rule. So does virtually every router your internet provider has ever handed you.

This isn't a targeted strike at one Chinese company. It's a sweeping redefinition of what counts as a security risk inside your home.

What the Ban Actually Does (and Doesn't Do)

Let's be precise, because the headlines are murkier than the policy. The ban applies only to new consumer routers not yet approved for sale in the US. If you bought a router last month, it's fine. If your ISP installed one last year, that's fine too. The FCC has been explicit: existing devices can continue to be sold, used, and updated with firmware.

What changes is the pipeline. Any router manufactured outside the US—including those made by American companies in overseas factories—now needs Conditional Approval from the Department of Defense and the Department of Homeland Security before it can be imported, marketed, or sold. Applications must disclose ownership structures, board membership, component origins, IP ownership, assembly locations, and firmware sourcing. The final section asks for a US manufacturing and onshoring plan. The message is unmistakable: make it here, or explain why you shouldn't have to.

As of today, not a single router or manufacturer has received Conditional Approval.

Why Routers, Why Now

The FCC pointed to three specific cyberattack campaigns: Volt Typhoon, Flax Typhoon, and Salt Typhoon—all linked to Chinese state-sponsored actors, all exploiting vulnerabilities in foreign-made networking hardware to penetrate US power grids, telecom networks, and government systems. These weren't theoretical threats. Salt Typhoon alone reportedly compromised major US telecommunications carriers for months before detection.

The timing also tracks with a broader pattern in Washington. The US has already moved to restrict Chinese-made drones, Huawei equipment in telecom infrastructure, and semiconductors from adversarial nations. Consumer routers are the next link in that chain—and arguably the most intimate one, sitting inside 140 million American homes.

Sponsored

Advertise with Us

[email protected]

Sponsored

TP-Link has been under investigation by the Commerce, Defense, and Justice departments for over a year. Texas Attorney General Ken Paxton sued the company in February, alleging it enables Chinese Communist Party access to American devices. TP-Link's co-founder and CEO, Jeffrey Chao, recently applied for US permanent residency through the Trump administration's Gold Card program—a move widely read as a bid to reframe the company as American-rooted.

TP-Link holds roughly 35% of the US consumer router market. Netgear and Asus account for another 25% combined. There is essentially no router brand of significance that isn't caught in this net.

Who Wins, Who Loses

The clearest short-term winner is Netgear, whose stock rose on the news. Investors appear to be betting that as a US-headquartered, Nasdaq-listed company with manufacturing already shifted to Vietnam, Thailand, and Taiwan, it's better positioned to navigate the approval process than competitors. Netgear called the decision "a step forward" for national security. Whether that's conviction or strategic positioning is worth considering.

TP-Link faces the steepest climb. Despite its insistence that it's now a US-headquartered company manufacturing in Vietnam, its Chinese origins remain a political liability that no amount of rebranding has fully neutralized. The company's argument—that "virtually all routers are made outside the United States"—is factually accurate but strategically unhelpful when you're the one most associated with the threat narrative.

Asus, headquartered in Taiwan, sits in an interesting middle ground. Taiwan is a US ally, but the company still produces a significant share of its routers in China and Taiwan. Its stock didn't move much on the news, suggesting markets aren't sure what to make of it yet.

The only company making routers in the US at any meaningful scale? Starlink, part of Elon Musk's SpaceX, manufacturing Wi-Fi routers in Texas. Even those rely heavily on East Asian components.

For consumers, the near-term impact is limited. Shelves aren't going empty tomorrow. But if manufacturers can't get Conditional Approval and can't quickly spin up US production, supply will tighten. When supply tightens, prices rise. Wi-Fi 7 routers already retail between $200 and $600. Add reshoring costs, and that ceiling could move significantly higher.

The Questions the FCC Didn't Answer

The ban leaves several gaps that matter. Why does it apply only to consumer routers and not enterprise networking equipment, which is arguably more critical infrastructure? If the routers currently on store shelves are safe enough to keep selling, what exactly changed overnight that makes the next shipment dangerous? And if a router is assembled in the US from Chinese-made chips—which is the dominant component supply chain—does it qualify as domestic?

The FCC's own FAQ acknowledges the ambiguity: "Applicants will need to be able to have sufficient evidence that the routers were not produced in a foreign country... but there is no specific documentation or evidence required." That's a standard without a measuring stick.

These aren't minor implementation details. They're the difference between a policy that reshapes the industry and one that creates a compliance theater while the underlying security vulnerabilities remain unaddressed.