The Federal Communications Commission on Monday moved to block new foreign-made consumer routers from receiving the equipment authorization needed for US sale, adding all consumer-grade routers manufactured outside the United States to the agency's national security blacklist. The order, based on a White House determination issued March 20, could disrupt nearly every major home-router brand. Existing models are not affected.

China controls an estimated 60% of the US home router market, according to industry data cited in the FCC's announcement. But the ban extends well beyond Chinese products. It covers any router built outside US borders, regardless of the manufacturer's nationality or headquarters. Netgear builds in Taiwan, Amazon's Eero assembles in Asia, and Google Nest WiFi ships from overseas factories. All of them are now locked out of future product launches unless they secure a government exemption that requires, among other things, a concrete plan to move manufacturing onto American soil.

FCC Chairman Brendan Carr called it a win. "I welcome this Executive Branch national security determination," he said. Carr wants more. He promised the agency would keep going after foreign-origin network gear.

What Changed

How the Covered List works

The mechanism is blunt. Back in March 2020, Trump put his signature on something called the Secure and Trusted Communications Networks Act. It gave the FCC a blacklist. Equipment that lands on the list loses its shot at authorization for sale in the US market. Huawei went on first. ZTE followed. Both lost access to new US sales in 2021. Kaspersky Lab came next.

Routers now join the list. The new entry reads, "Routers produced in a foreign country, except routers which have been granted a Conditional Approval by DoW or DHS."

Once equipment lands on the Covered List, it cannot receive new FCC equipment authorization, the certification required before a device can be imported or sold. Applicants must certify their products are not covered. No authorization, no import, no sale. Three words that sum up the practical effect for any manufacturer without a US factory.

Existing models are not affected by this order and can continue to be sold and used for now, according to Reuters and the FCC's own fact sheet. Retailers can keep moving current inventory off their shelves. But the pipeline for new products is frozen solid.

For you, if you're shopping for a router right now, nothing changes immediately. The one sitting on your desk works fine. Current stock stays on store shelves. The squeeze arrives later, when authorized inventory runs thin and no new models come in to replace it.

The attacks were real

The FCC did not invent its justification. Volt Typhoon, Flax Typhoon, and Salt Typhoon were documented, large-scale intrusion operations attributed to Chinese state-backed actors that exploited consumer routers as staging infrastructure for attacks against American targets. Salt Typhoon, exposed in 2024, compromised major US telecommunications providers. The FCC's national security determination said foreign-made routers were "directly implicated" in all three campaigns. Plug it in, forget it exists. That is how most Americans treat the one piece of hardware that connects every device in their home to the open internet.

And the sophistication of these operations keeps accelerating. Chinese state-linked groups have repurposed commercial AI tools to automate intrusion campaigns, compressing work that once took weeks into hours of autonomous probing. Routers sit at the bottom of most people's security priorities. They gather dust in a closet or behind a TV stand. That invisibility is exactly what makes them useful to attackers.

But the FCC's remedy has a conspicuous gap. The ban covers only new models going forward. Millions of foreign-made routers sit in American homes and offices today, running firmware with the exact vulnerabilities that enabled Volt Typhoon. Those devices are completely untouched by this ruling. Not one.

A security-first approach would mandate firmware audits, annual reauthorization, or patching requirements for the devices already installed. The FCC chose none of those. It blocked future competition while leaving the existing attack surface wide open.

Everybody gets caught

The timing tells part of the story. The Trump administration had been investigating TP-Link for months before the order dropped. The company started in China. Its headquarters sit in Irvine, California now. Texas attorney general Ken Paxton sued TP-Link in February. His complaint alleged deceptive marketing and accused the company of giving Beijing access to American consumer devices. TP-Link fired back. The charges were baseless, the company said, and the Chinese government holds no ownership or control over its products.

Netgear had been pushing hard in public. The company repeatedly referenced TP-Link by name when discussing router security risks. TP-Link described the effort as a "smear campaign" motivated by competitive anxiety, not genuine concern over national security. Chinese brands grabbed more than 65% of the US router market during the pandemic, according to AppleInsider. TP-Link led that wave. Netgear watched its share erode. More than three hundred American ISPs made TP-Link their default router. The pricing was that aggressive.

The security picture is mixed. Some researchers say TP-Link's vulnerability count looks similar to competitors'. Others point to critical flaws the company was slow to patch. But nobody in government has publicly shown evidence of a deliberate backdoor. That distinction matters.

Yet the ban went far broader than TP-Link. Instead of targeting one company, the FCC swept in every foreign-manufactured router on the planet. American companies doing what they have done for decades, building hardware overseas to keep costs down and margins up, got caught in the same dragnet. Netgear uses Foxconn and other contract manufacturers in Taiwan, according to its 2025 10-K filing with the SEC. Linksys, Eero, Google Nest, Asus, and D-Link all build across Taiwan, Thailand, and Vietnam.

Netgear's stock jumped 16.7% in after-hours trading on Monday evening. Wall Street read the signal before anyone had to spell it out: a US-headquartered company with a cooperative posture toward Washington stands a better chance of receiving an exemption than one with Chinese origins. One company left Monday emboldened. The other left cornered.

"While the rule doesn't name China, the direction of travel is pretty clear," Craig Singleton, a senior fellow at the Foundation for Defence of Democracies, told Bloomberg.

The onshoring requirement in the fine print

Buried in the FCC's Conditional Approval guidance is a demand that has little to do with cybersecurity. To keep selling foreign-built routers in the US, a manufacturer must disclose its full management structure and detail its supply chain from component to finished product. Then comes the real ask. The company must submit what the FCC described, per PCMag, as "a detailed, time-bound plan to establish or expand manufacturing in the United States."

That is an industrial policy mandate dressed in a security uniform.

Look at what happened with drones. The agency blocked new foreign-made models last December using an identical Conditional Approval pathway. Three months later, Reuters reported that four drone systems had received exemptions. All four came from non-Chinese manufacturers. DJI, the dominant global consumer drone maker, remains fully blocked and has stopped selling new products in the US.

Washington has spent years systematically restricting Chinese-origin technology from American infrastructure, working through the same playbook of covered lists, conditional exemptions, and onshoring requirements. After the TikTok forced sale, a wave of Chinese-origin technology companies rerouted global operations to avoid US regulatory exposure entirely. Some abandoned the American market rather than submit to restructuring demands they viewed as politically motivated.

Router manufacturers now face the same binary choice. Apply for approval, disclose everything, commit to building US factories, and wait with no established timeline or guaranteed outcome. Or walk away from the largest consumer electronics market in the world.

What the market looks like from here

Among the few consumer routers reportedly manufactured on US soil is SpaceX's Starlink WiFi router, which the company says is built in Texas. If that holds up, it gives Elon Musk's satellite internet company a position few competitors can match in the near term.

For everyone else, the arithmetic is painful. China and Taiwan together produce an estimated 60% to 75% of the world's routers, according to figures cited by Keith Prabhu, founder of consulting firm Confidis, in comments to NetworkWorld. The US accounts for roughly 10% by Prabhu's estimate. Building domestic manufacturing capacity to close that gap means years of factory construction, supply chain reconstruction, and billions in capital expenditure that router-industry margins have never supported.

Sanchit Vir Gogia runs the analyst desk at Greyhound Research. He told NetworkWorld this goes deeper than patching vulnerabilities. "This is about control, not just compromise," Gogia said. Put differently: "Routers sit at the network edge, but functionally they are part of the control plane of the enterprise." For CISOs managing remote workforces, the bill of materials just became a geopolitical document. Procurement conversations that used to end at price and performance now extend to country of origin.

Legal challenges will arrive fast. TP-Link Systems operates as a US-incorporated subsidiary that manufactures in Vietnam, not mainland China. Companies building in Taiwan, a US ally that Washington has pledged to defend militarily, will demand to know why their supply chains receive the same scrutiny as those running through adversary nations. The FCC's position that country of production, rather than corporate nationality, is the controlling factor will face serious pressure in court.

There is also a longer-term question. In October 2025, FCC Chairman Carr said the agency would establish a process to prohibit the import and sale of already-authorized devices that later land on the Covered List. That mechanism now exists. The current order does not touch existing models. Whether the FCC eventually extends it to routers already on shelves is a question nobody at the agency has answered.

Beijing's embassy in Washington stayed silent. Netgear praised the decision. TP-Link said "the entire router industry will be impacted." Both statements are accurate. Only one company sounded anxious saying it.

The foreign-made router sitting in your home still works today. For now, no one in Washington is coming for it. The question is whether that stays true.

Frequently Asked Questions

Does this ban affect routers I already own?

No. Existing models can still be sold and used. The order only blocks new models from receiving FCC equipment authorization. Current inventory stays on store shelves. The impact arrives when that stock runs out and no new models replace it.

Which router brands are affected?

Every brand that manufactures outside the US. That includes Netgear (Taiwan), Amazon's Eero (Asia), Google Nest WiFi, Asus, D-Link, Linksys, and TP-Link. Only routers built on American soil, like SpaceX's Starlink WiFi router, appear unaffected for now.

Can manufacturers get an exemption?

Yes, through a Conditional Approval process. Companies must disclose their full management structure and supply chain, then submit a time-bound plan to move manufacturing to the United States. No timeline for approvals has been announced.

What were the Typhoon cyberattacks cited by the FCC?

Volt Typhoon, Flax Typhoon, and Salt Typhoon were Chinese state-backed intrusion operations that used consumer routers as staging infrastructure. Salt Typhoon compromised major US telecom providers in 2024. The FCC said foreign-made routers were directly implicated in all three.

Why did Netgear stock jump after the announcement?

Netgear shares rose 16.7% in after-hours trading. Investors bet that a US-headquartered company with a cooperative posture toward Washington will receive an exemption faster than Chinese-origin competitors like TP-Link, which faces a separate Texas lawsuit.

Warren Says Pentagon Blacklisting of Anthropic 'Appears to Be Retaliation,' Seeks OpenAI Contract Details
Sen. Elizabeth Warren said Monday that the Pentagon's decision to designate Anthropic a supply-chain risk "appears to be retaliation," and demanded details from both Defense Secretary Pete Hegseth and
The Implicator
Anthropic Lost the Pentagon Contract. It Won the Argument. Then Offered to Keep the Lights On.
On Thursday afternoon, the Department of Defense formally notified Anthropic that the company and its products "are deemed a supply chain risk, effective immediately." The label has historically been
The Implicator
OpenAI Signed the Pentagon Deal. Anthropic Wrote It.
Friday night, Sam Altman posted a statement so carefully calibrated it read like a legal brief disguised as a social media post. OpenAI had reached an agreement with the Department of War. Its models
The Implicator
AI News

Los Angeles

Tech culture and generative AI reporter covering the intersection of AI with digital culture, consumer behavior, and content creation platforms. Focusing on technology's beneficiaries and those left behind by AI adoption. Based in California.