U.S. lawmakers urge probe into security risks of Chinese TP-Link Wi-Fi routers
U.S. lawmakers are urging an investigation into TP-Link routers due to cybersecurity vulnerabilities and potential compliance with Chinese government demands, amid concerns over attacks linked to the Volt Typhoon hacking group.
Read original article
U.S. lawmakers are urging the Commerce Department to investigate the cybersecurity risks associated with routers from the Chinese company TP-Link Technologies. Representatives John Moolenaar and Raja Krishnamoorthi expressed concerns in a letter to Commerce Secretary Gina Raimondo, highlighting the "unusual degree of vulnerabilities" found in TP-Link routers. They requested a response by the end of August regarding potential security risks and whether TP-Link products should face restrictions in the U.S. The lawmakers pointed to China's stringent data protection laws, which they argue compel companies like TP-Link to comply with the Chinese government's demands. They also referenced cyber activities by the Chinese hacking group Volt Typhoon, which has targeted U.S. critical infrastructure by infiltrating home routers. Past incidents have shown that vulnerabilities in TP-Link routers have been exploited by hackers to launch attacks or create botnets. TP-Link has stated that it does not sell routers in the U.S. and has undergone a global restructuring to separate its operations in China from its U.S. entity. U.S. national security agencies have raised alarms about Chinese regulations that may allow government hackers to exploit vulnerabilities before they are disclosed publicly.
- U.S. lawmakers are calling for an investigation into TP-Link routers due to cybersecurity concerns.
- The request is based on vulnerabilities in TP-Link products and potential compliance with Chinese government demands.
- The Chinese hacking group Volt Typhoon has been linked to attacks involving home routers.
- TP-Link claims it does not sell routers in the U.S. and has restructured its operations.
- National security agencies are wary of Chinese regulations affecting vulnerability reporting.
Related
Linksys Velop routers send Wi-Fi passwords in plaintext to US servers
Linksys Velop routers, including Velop Pro 6E and 7 models, transmit Wi-Fi login details to Amazon servers in plaintext, risking man-in-the-middle attacks. Linksys has not effectively addressed the issue despite alerts. Testaankoop advises against purchasing affected routers.
UK cyber-boss slams China's bug-hoarding laws
The UK's NCSC CEO criticized China's cyber laws, citing concerns over cyber activities. AWS denied business issues in China. Japan found remnants of a supernova. India succeeded in telecom manufacturing incentives. Mt Gox repaid investors. Singapore intervened in Grab's acquisition. Australia ordered a tech review. Various alliances and deals occurred in the Asia-Pacific region, reflecting cybersecurity, tech advancements, and regulations.
Linksys Velop Routers Caught Sending WiFi Creds in the Clear
Velop Pro routers by Linksys sent WiFi data unencrypted to a remote server during setup, exposing SSID and encryption key. Linksys failed to address the issue despite warnings, prompting criticism. Users advised to configure routers locally to avoid data exposure.
Avoid ISP Routers
Using ISP-provided routers is discouraged due to security vulnerabilities, default passwords, restricted settings, and potential backdoors. Investing in independent routers enhances security and control over network settings.
Is Lenovo a blind spot in US anti-China security measures?
Lenovo's involvement in the Joint Cyber Defense Collaborative raises concerns about its Chinese origins amid U.S. scrutiny of Chinese firms, despite its denial of government control and commitment to cybersecurity.
2 commentsRelated
Linksys Velop routers send Wi-Fi passwords in plaintext to US servers
Linksys Velop routers, including Velop Pro 6E and 7 models, transmit Wi-Fi login details to Amazon servers in plaintext, risking man-in-the-middle attacks. Linksys has not effectively addressed the issue despite alerts. Testaankoop advises against purchasing affected routers.
UK cyber-boss slams China's bug-hoarding laws
The UK's NCSC CEO criticized China's cyber laws, citing concerns over cyber activities. AWS denied business issues in China. Japan found remnants of a supernova. India succeeded in telecom manufacturing incentives. Mt Gox repaid investors. Singapore intervened in Grab's acquisition. Australia ordered a tech review. Various alliances and deals occurred in the Asia-Pacific region, reflecting cybersecurity, tech advancements, and regulations.
Linksys Velop Routers Caught Sending WiFi Creds in the Clear
Velop Pro routers by Linksys sent WiFi data unencrypted to a remote server during setup, exposing SSID and encryption key. Linksys failed to address the issue despite warnings, prompting criticism. Users advised to configure routers locally to avoid data exposure.
Avoid ISP Routers
Using ISP-provided routers is discouraged due to security vulnerabilities, default passwords, restricted settings, and potential backdoors. Investing in independent routers enhances security and control over network settings.
Is Lenovo a blind spot in US anti-China security measures?
Lenovo's involvement in the Joint Cyber Defense Collaborative raises concerns about its Chinese origins amid U.S. scrutiny of Chinese firms, despite its denial of government control and commitment to cybersecurity.