Routers from China-based TP-Link a national security threat, US lawmakers claim
U.S. lawmakers are urging an investigation into TP-Link routers over cybersecurity vulnerabilities, citing national security concerns related to Chinese data laws and potential exploitation by hackers, including the Volt Typhoon group.
Read original article
U.S. lawmakers are urging the Commerce Department to investigate the cybersecurity risks associated with routers from the Chinese company TP-Link Technologies. Representatives John Moolenaar and Raja Krishnamoorthi expressed concerns in a letter to Commerce Secretary Gina Raimondo, highlighting the "unusual degree of vulnerabilities" found in TP-Link routers. They requested a response by the end of August regarding whether these products should be restricted in the U.S. The lawmakers pointed to China's stringent data protection laws, which they argue compel companies like TP-Link to comply with government demands, raising national security concerns. They also referenced cyber activities by the Chinese APT group Volt Typhoon, which has targeted home routers to launch attacks on U.S. critical infrastructure. Past incidents have shown that vulnerabilities in TP-Link routers have been exploited by hackers to create botnets and disrupt services. TP-Link has stated that it does not sell routers in the U.S. and has undergone a global restructuring to separate its operations in China from its U.S. entity. U.S. national security agencies have long been wary of Chinese regulations that may allow government hackers to exploit vulnerabilities before they are disclosed publicly.
- U.S. lawmakers are calling for an investigation into TP-Link routers due to cybersecurity vulnerabilities.
- Concerns are raised about compliance with Chinese government data demands.
- The Chinese APT group Volt Typhoon has been linked to attacks using compromised routers.
- TP-Link claims it does not sell routers in the U.S. and has restructured its operations.
- National security agencies worry about Chinese regulations affecting vulnerability reporting.
Related
Linksys Velop routers send Wi-Fi passwords in plaintext to US servers
Linksys Velop routers, including Velop Pro 6E and 7 models, transmit Wi-Fi login details to Amazon servers in plaintext, risking man-in-the-middle attacks. Linksys has not effectively addressed the issue despite alerts. Testaankoop advises against purchasing affected routers.
UK cyber-boss slams China's bug-hoarding laws
The UK's NCSC CEO criticized China's cyber laws, citing concerns over cyber activities. AWS denied business issues in China. Japan found remnants of a supernova. India succeeded in telecom manufacturing incentives. Mt Gox repaid investors. Singapore intervened in Grab's acquisition. Australia ordered a tech review. Various alliances and deals occurred in the Asia-Pacific region, reflecting cybersecurity, tech advancements, and regulations.
Linksys Velop Routers Caught Sending WiFi Creds in the Clear
Velop Pro routers by Linksys sent WiFi data unencrypted to a remote server during setup, exposing SSID and encryption key. Linksys failed to address the issue despite warnings, prompting criticism. Users advised to configure routers locally to avoid data exposure.
Is Lenovo a blind spot in US anti-China security measures?
Lenovo's involvement in the Joint Cyber Defense Collaborative raises concerns about its Chinese origins amid U.S. scrutiny of Chinese firms, despite its denial of government control and commitment to cybersecurity.
U.S. lawmakers urge probe into security risks of Chinese TP-Link Wi-Fi routers
U.S. lawmakers are urging an investigation into TP-Link routers due to cybersecurity vulnerabilities and potential compliance with Chinese government demands, amid concerns over attacks linked to the Volt Typhoon hacking group.
2 commentsMy sense is "no, it wouldn't".
Related
Linksys Velop routers send Wi-Fi passwords in plaintext to US servers
Linksys Velop routers, including Velop Pro 6E and 7 models, transmit Wi-Fi login details to Amazon servers in plaintext, risking man-in-the-middle attacks. Linksys has not effectively addressed the issue despite alerts. Testaankoop advises against purchasing affected routers.
UK cyber-boss slams China's bug-hoarding laws
The UK's NCSC CEO criticized China's cyber laws, citing concerns over cyber activities. AWS denied business issues in China. Japan found remnants of a supernova. India succeeded in telecom manufacturing incentives. Mt Gox repaid investors. Singapore intervened in Grab's acquisition. Australia ordered a tech review. Various alliances and deals occurred in the Asia-Pacific region, reflecting cybersecurity, tech advancements, and regulations.
Linksys Velop Routers Caught Sending WiFi Creds in the Clear
Velop Pro routers by Linksys sent WiFi data unencrypted to a remote server during setup, exposing SSID and encryption key. Linksys failed to address the issue despite warnings, prompting criticism. Users advised to configure routers locally to avoid data exposure.
Is Lenovo a blind spot in US anti-China security measures?
Lenovo's involvement in the Joint Cyber Defense Collaborative raises concerns about its Chinese origins amid U.S. scrutiny of Chinese firms, despite its denial of government control and commitment to cybersecurity.
U.S. lawmakers urge probe into security risks of Chinese TP-Link Wi-Fi routers
U.S. lawmakers are urging an investigation into TP-Link routers due to cybersecurity vulnerabilities and potential compliance with Chinese government demands, amid concerns over attacks linked to the Volt Typhoon hacking group.