The Federal Communications Commission has ordered a ban on the importation of new foreign-made consumer routers, citing cybersecurity risks.
The order, posted late Mondaysaid the import ban “will include all consumer-grade routers produced in foreign countries.” The FCC said the order does not affect imports or use of existing routers, but new devices may receive an exemption if approved by the Departments of Defense or Homeland Security.
The FCC claimed foreign-made routers “pose unacceptable risks” to US national security, citing a threat from China-backed hacking groups Volt, Salt and Flax Typhoon.
According to ReutersChina is said to have about 60% of the market for consumer routers, which connect homes and businesses to the Internet.
The FCC said it took action because malicious hackers exploited flaws in foreign-made routers to attack US households, disrupt networks and enable cybercrime and surveillance.
Government-sponsored hackers and cybercriminals have long targeted routers because they allow access to home or business networks. Hackers can also compromise routers to hit other companies or businesses with disruptive events designed to overload servers with unwanted network traffic, known as distributed denial-of-service attacks.
The FCC has not provided evidence that consumer routers manufactured in the US are more secure than routers developed abroad. An FCC spokesman did not immediately respond to a request for comment.
Techcrunch event
San Francisco, California
|
13-15 October 2026
Salt Typhoon, a Chinese-backed espionage group that has hacked dozens of phone and internet companies around the world, including in the United States, is known to exploit vulnerabilities in routers made by US networking giant Cisco. Flax Typhoon, another Chinese-backed hacking group that US authorities have accused of operating a massive botnet of hijacking devices, targeted both US-made and foreign-made routers to hack at least 126,000 devices in the United States, as well as thousands more around the world.
FCC Chairman Brendan Carr said in prepared remarks that the agency will “continue to do [sic] our role in ensuring that US cyberspace, critical infrastructure and supply chains are secure.”
Despite the spate of Chinese hacks targeting US businesses and government agencies, Carr was among two FCC commissioners who voted in November to repeal cybersecurity rules that required telecom operators to protect their legal wiretapping systems from unauthorized intrusions.
