The U.S. government is reportedly preparing a ban on sales of TP-Link networking equipment, citing national security risks due to the company’s alleged ties to the Chinese government. This move targets a brand that holds a significant share of the home and small business router market, largely due to its competitive pricing and performance.

TP-Link has vigorously disputed these claims, stating it is a U.S.-based company that has fully separated from its former Chinese parent entity, TP-Link Technologies. The company asserts that it manufactures products in Vietnam and operates without Chinese government supervision.

Why is TP-Link Being Targeted?

The proposed ban is backed by multiple federal agencies, with officials expressing concern that TP-Link products could be influenced by Beijing. These fears are compounded by cybersecurity reports from firms like Check Point and Microsoft, which have documented Chinese state-sponsored hacking groups exploiting vulnerabilities in TP-Link routers to conduct cyberattacks. Lawmakers have also raised alarms about the presence of these devices on U.S. military bases.

Router Security Best Practices for All Users

While the focus is on TP-Link, the situation highlights a broader issue: many consumer-grade routers are insecure out of the box. Regardless of the brand, users should always change default administrative passwords and ensure the device’s firmware is updated immediately. Many modern routers automate this process through mobile apps.

For TP-Link owners concerned about the news, there may be an alternative to replacing their hardware. Many TP-Link models are compatible with open-source firmware like OpenWrt or DD-WRT. Installing this alternative firmware can replace the manufacturer’s software, potentially mitigating vendor-specific vulnerabilities and hard-coded credentials.