The United States has moved to block the import and sale of all new consumer-grade routers manufactured outside the country, in a sweeping national security measure that could reshape the global market for home and business networking equipment.
The Federal Communications Commission (FCC) on 23 March updated its Covered List to include all consumer-grade routers produced in foreign countries, following a determination by a White House-convened interagency body that such devices pose unacceptable risks to US national security and the safety of American consumers.
The ban prohibits new models of foreign-made routers from receiving FCC equipment authorisation, which is required before any electronic device can be legally imported, marketed, or sold in the United States. Routers that previously received FCC authorisation can continue to be imported and sold, and consumers who already own covered devices are not required to take any action.
The decision cited three major cyberattack campaigns as evidence of the threat. The FCC pointed to the Volt, Salt, and Flax Typhoon operations, linking them to China-backed hacking groups that exploited vulnerabilities in foreign-made routers to attack US households, disrupt networks, and enable espionage and surveillance. According to Reuters, China commands roughly 60% of the US consumer router market.
However, cybersecurity researchers have noted that the same vulnerabilities exploited in those campaigns also exist in American-brand routers. Salt Typhoon is known to have targeted Cisco hardware, a California company, while Flax Typhoon compromised at least 126,000 devices in the US spanning both foreign and domestic brands.
Researchers at GreyNoise Intelligence described the FCC decision as fundamentally flawed, arguing that the vast majority of routers are assembled or manufactured outside the US, often in Taiwan or China, and that products labelled “made in the US” are most likely only assembled domestically, with core components fabricated elsewhere.
The ban mirrors the FCC’s December 2025 decision to prohibit foreign-made drones, using an identical regulatory mechanism. As with the drone ruling, companies can apply for a Conditional Approval from the Department of War (DoW) or the Department of Homeland Security (DHS) to be exempt from the ban, but no such approvals have yet been granted for routers.
TP-Link Systems, one of the world’s largest router makers, which was founded in China and is now headquartered in California, said it was confident in the security of its supply chain and welcomed an evaluation of the entire industry. Netgear said it commended the administration and the FCC for their action toward a safer digital future.
No router is currently manufactured entirely within the United States, meaning the ban will affect every major brand operating in the market. Industry analysts expect legal challenges similar to the court petition filed by drone maker DJI after its own exclusion from the US market.
