Trump administration bans import of new foreign-made routers over security risks

The Trump administration has banned imports of new, foreign-made routers, with the Federal Communications Commission saying the devices pose supply-chain and cybersecurity risks. The FCC’s action updates a “covered list” of communications equipment and services that the agency says “to pose an unacceptable risk to the national security of the U.S. or the safety and security of Americans.”

In its notice, the FCC said the newest addition to the covered list targets consumer-grade routers—the boxes that carry traffic between home computers, phones and smart devices and the internet. The FCC said the risk concerns center on how malicious actors can exploit security gaps in foreign-made routers.

The FCC said “Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft.” The agency said it cited several examples of foreign-made routers that were involved in cyberattacks targeting U.S. infrastructure.

The FCC also said the ban includes an exemption for routers that government agencies have granted conditional approval after determining the devices do not pose unacceptable risks. Producers of consumer-grade routers, the FCC said, can apply for conditional approval under that process.

For consumers, the agency said the updated restrictions apply to new device models. It said people can continue to use routers they already purchased, and it said previously authorized router models remain available for sale through retailers.

The FCC noted that if consumers delay upgrading their home networking hardware, shortages could emerge as older, authorized stock is sold through and producers restructure supply chains and seek U.S. approval for new models. In the same context, the FCC said the overall regulatory approach is aimed at the next wave of devices rather than eliminating access to routers already in use.

The FCC also said it was not clear whether any of the router production for U.S.-branded products is currently handled in the United States, or whether foreign-made routers produced by American companies are included in the ban. It cited examples of U.S. hardware companies such as Netgear and eero while describing that router production is “almost exclusively handled overseas,” according to the report.

The FCC said its updated restrictions reflect concerns about security vulnerabilities tied to foreign-made routers and the associated risks to households and U.S. networks.