![](\"https:\/\/media.wired.com\/photos\/67b77170169bc6235094203e\/master\/pass\/TP-Link_About-Us_Innovation-and-Quality-SOURCE-TP-Link.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Simon Hill| Date: Fri, 21 Feb 2025 13:30:00 +0000<\/strong><\/p>\n If you buy something using links in our stories, we may earn a commission. This helps support our journalism. Learn more<\/a>. Please also consider subscribing to WIRED<\/a><\/p>\n TP-Link is one of the most popular router<\/a> manufacturers in the US, but the company is facing a potential ban due to security concerns about its links to China. A December report from The Wall Street Journal<\/a> revealed that the US Commerce, Defense, and Justice Departments are investigating TP-Link, though no evidence of deliberate wrongdoing has yet emerged.<\/p>\n \u201cWe are a US company,\u201d Jeff Barney, president of TP-Link told WIRED, \u201cWe have no affiliation with TP-Link Tech, which focuses on mainland China, and we can prove our separateness.\u201d<\/p>\n The investigation was sparked by a letter from<\/a> John Moolenaar, a Republican for Michigan, and Raja Krishnamoorthi, a Democrat of Illinois. Both are on the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party. They outlined concerns that Chinese state-sponsored hackers may be able to compromise TP-Link\u2019s routers more easily than other brands and thereby infiltrate US systems, and that TP-Link is subject to Chinese law, meaning it can be forced to hand over sensitive US information by Chinese intelligence officials.<\/p>\n TP-Link was founded in China in 1996 by two brothers, and TP-Link USA was established in 2008. It wasn\u2019t until 2022 that the Chinese and US wings began to split. The process of moving the 170 subsidiaries and all the related ownership out of Hong Kong and into the United States was delayed by the pandemic, says Barney, but it was divested and restructured by 2024.<\/p>\n TP-Link now has headquarters in California, a branch in Singapore, and manufactures in Vietnam. It researches, designs, develops, and manufactures everything except chipsets in-house, according to Barney. \u201cOur entities in China are governed directly by us, our employees badged by us, secured by us, in our own facilities.\u201d He also says TP-Link has shared documentation with investigators and that its factory in Vietnam was audited by US retail partners like Walmart, Best Buy, and Costco.<\/p>\n \u201cEverybody has a Nexus in China,\u201d Barney says. He claims that American rival Netgear uses Chinese ODMs (original device manufacturers) to build its products and that even Apple relies on manufacturing in China<\/a>. Netgear says its routers are manufactured in Taiwan, Vietnam, and Thailand, not China.<\/p>\n The WSJ report<\/a> suggests that TP-Link has a leading 64.9 percent share of the US router market<\/a>, but TP-Link disputes this. The company claims its share hovered around 20 percent for the last few years, but jumped to a 36.5 percent unit share and a 30.7 percent dollar share in 2024, according to Circana data. But even TP-Link\u2019s lower estimate shows a company in the ascendancy. This dominance has been driven by aggressively low prices and a relatively early roll-out of Wi-Fi 7<\/a> routers, perceived by some as a concerted effort to flood the US market.<\/p>\n \u201cTechnology should not be exorbitant,\u201d Barney says. \u201cWe're trying to democratize these products.\u201d<\/p>\n However, the wide product range raises questions, with many wondering how TP-Link can profit from routers sold at such low prices compared to the competition. Former CNET reviewer Dong Ngo explores this point<\/a> on the in-depth router review website, Dong Knows.<\/p>\n Concerns about the links between Chinese companies and its government are nothing new. The ban on Huawei\u2019s networking equipment<\/a> and US sanctions<\/a> came after years of cybersecurity concerns and intellectual property lawsuits brought by US companies. The TikTok ban<\/a> is not being enforced by President Donald Trump\u2019s administration<\/a>, but owner ByteDance is still under pressure to divest its US operations. These situations can be tricky for the average person to navigate because the lines between shoddy security, Chinese espionage, US protectionism, and the growing trade war are distinctly blurry and are not mutually exclusive.<\/p>\n It\u2019s no secret that US competitor Netgear has been lobbying<\/a> the US government on \u201ccybersecurity and strategic competition with China.\u201d Netgear has had a tough couple of years after adopting a premium pricing strategy that did not resonate with consumers. It has also been embroiled in litigation against TP-Link for patent infringement, resulting in TP-Link paying a $135 million settlement<\/a> in September 2024.<\/p>\n TP-Link has signed CISA\u2019s \u201cSecure by Design<\/a>\u201d pledge and is part of the Technical Exchange Group. It has a vulnerability disclosure program, where independent researchers and the security community can report potential issues to security@tp-link.com. It claims report response time was 8.4 days on average in 2023, with patches released in an average of 38.5 days. The company is also planning to launch a bug bounty program.<\/p>\n Barney claims TP-Link\u2019s rate of vulnerabilities per product is significantly lower than many of its peers, including Netgear and Cisco, citing public data collected by Finite State, an independent US cybersecurity company, from CVE Details<\/a>, VulDB<\/a>, and CISA (Cybersecurity and Infrastructure Security Agency)<\/a>, but not everyone agrees.<\/p>\n \u201cTP-Link does not have a great reputation for patching vulnerabilities or working with security researchers, which does raise alarm bells,\u201d Pieter Arntz, malware intelligence researcher for Malwarebytes<\/a> told WIRED via email.<\/p>\n TP-Link was criticized in a recent Microsoft report<\/a> over a \u201cpassword spraying\u201d hack that mostly impacted its routers, and the report suggested Chinese \u201cnation-state threat actor activity.\u201d Barney says these were end-of-service products and that Asus and Netgear routers were also impacted.<\/p>\n Other incidents include a Check Point Research<\/a> expos\u00e9 of a malicious firmware implant for TP-Link routers, linked to a Chinese state-sponsored \u201cadvanced persistent threat\u201d group dubbed \u201cCamaro Dragon.\u201d Cyfirma researchers<\/a> also found TP-Link router vulnerabilities for sale on underground forums.<\/p>\n \u201cIt\u2019s also a challenge because regardless of the home router vendor, there will always be vulnerabilities found,\u201d Arntz says.<\/p>\n A part of the problem with older routers is that the onus is often on the user to download and install updates, and this is rarely automatic or as simple as clicking on \u201cupdate,\u201d which means many patches are never installed, creating vulnerable devices for any savvy cybercriminals or nation-states. Even months after TP-Link released patches<\/a> for a vulnerability on its popular Archer AX21 router, hackers continue to scan for<\/a> and exploit it on unpatched routers.<\/p>\n These security concerns are moot in the face of built-in backdoors. Backdoors can be pieces of code or even hardware added to the circuit board that enables remote parties to gain access and potentially control the device. There\u2019s no evidence that TP-Link devices have backdoors, but, as Ngo points out<\/a>, when you use an online account with your router, you are already giving the company access through the front door. Whether remote connectivity is justified by the need for automatic software updates, remote control access, or other features for users, it effectively gives the manufacturer access to your router.<\/p>\n Ultimately, the concern isn\u2019t so much about the Chinese government or other malicious actors spying on your web browsing habits\u2014though that is possible\u2014it\u2019s the idea they might employ your router as a part of a botnet to launch a cyberattack on a US government agency or major service provider.<\/p>\n The NSA has been concerned about Chinese hackers<\/a> for some time now, and China's Salt Typhoon spies<\/a> continue to infiltrate US internet service providers and telecommunications companies. Speaking on the NatSec Tech<\/em> podcast recently<\/a>, former special assistant to the president and cybersecurity coordinator on the US National Security Council, Rob Joyce, likened TP-Link routers to a Trojan Horse and suggested China is pre-positioning for a potentially devastating attack on US infrastructure.<\/p>\n While some cybersecurity experts suggest a ban is imminent, Barney is confident that TP-Link routers won\u2019t be banned. Investigations are ongoing. Even if the government doesn't find anything or decides against a ban, it won\u2019t publicly clear TP-Link. It\u2019s more likely the investigation will fade from the news.<\/p>\n For owners of a TP-Link router or anyone considering buying one, it all boils down to trust. We've tested and recommend several TP-Link routers<\/a> and Deco mesh systems<\/a> in our buying guides because they offer good value and great performance. But we continually update our guides and will monitor the situation before deciding whether we need to reconsider those recommendations.<\/p>\n There\u2019s no easy fix because all the major router manufacturers have issues with vulnerabilities, and most of them require you to use an online account. You can go down the rabbit hole with router security<\/a>, or seek out security-focused brands like Firewalla<\/a>, but expect to pay more for your equipment in both time and money.<\/p>\n Even if you stick with what you have, there are steps you can take to be more secure online. We recommend using a VPN service<\/a> and learning a little about router settings. Malwarebytes\u2019 Arntz says the most secure router is the one on which you are comfortable changing the settings: credentials, firewall options, and especially installing updates.<\/p>\n Here\u2019s his advice for home TP-Link router owners who are concerned:<\/p>\n TP-Link also manufactures a wide range of smart home devices marketed under the Tapo brand<\/a>, including everything from security cameras<\/a> to water leak detectors<\/a>. These are not part of the current investigation, which seems to be focused solely on routers. TP-Link says it has applied to the FCC\u2019s Cyber Trust Mark program<\/a> administered by UL Solutions<\/a>, which ensures that internet-of-things devices are tested and labeled secure. Sadly, there is no such program for routers.<\/p>\n