The Federal Communications Commission updated its 'covered list' to include foreign-produced routers deemed to pose unacceptable national security risks, according to multiple reports. Foreign-made routers currently on store shelves can still be purchased, and routers already installed in homes remain fully usable, but future imports of restricted foreign-made routers will face tighter controls. A router is classified as foreign-made if any key step in its production, such as manufacturing, assembly, design, or development, takes place outside the U.S., according to major media. There is an exemption for routers that receive conditional approval from agencies after being deemed not to pose unacceptable risks, sources said. Nearly every router sold in the U.S. is at least partially built overseas, according to sources. It remains unknown whether foreign-made routers produced by American companies are included in the ban.
Security threats driving the policy include increasing cyberattacks by foreign adversaries, with malicious actors exploiting vulnerabilities in foreign-made routers to attack American households, according to multiple reports. Several cyberattacks linked to foreign-made routers were associated with hacking groups from China and Russia, major media reports. The FCC added that foreign-produced routers present unacceptable risks to Americans, from disrupting network connectivity to enabling local networking espionage and intellectual property theft.
This is a very real fear that is reflected in concerns from the UK's National Protective Security Authority.
Scaling up production of fully U.S.-made routers is expected to take time, potentially causing supply challenges for ISPs and consumers, multiple reports indicate. The specific timeline for scaling up U.S.-made router production and its impact on supply shortages and prices has not been confirmed, and it is unclear whether any router production by U.S. companies like Netgear and eero is currently handled in the U.S.
In the U.K., former British military intelligence officer Phil Ingram warns that foreign Wi-Fi routers and phone apps pose a very real threat to U.K. national security from China, Russia, Iran, and North Korea. According to Daily Mail - News, Phil Ingram described that foreign intelligence agencies could have a backdoor into routers built overseas, allowing data copying without user knowledge. He also noted that with Chinese equipment, backdoors are often due to poor engineering rather than deliberate state action, but states can exploit them. Ingram believes the U.K. should implement a similar ban on foreign-built Wi-Fi routers as the U.S., according to Daily Mail - News. The extent to which the U.K. government is considering such a ban is not known, and the effectiveness of current U.K. defenses against data farming espionage compared to the U.S. measures remains uncertain.
A lot of electronic systems are constantly listening to you, so your smart TV, your smart hub in your house, your smart watch is constantly listening. As it's listening, that data's going somewhere.
The U.K. has previously banned the rollout of 5G by Chinese company Huawei. In January, Sir Keir Starmer greenlit the controversial Chinese super embassy in London, located above key telecommunications lines. Security Minister Dan Jarvis said he was content any risks are being appropriately managed regarding the Chinese super embassy. Additionally, the Ministry of Defence has expressed concerns over Chinese-manufactured electric cars, according to reports.
With Chinese equipment in particular, a lot of those back doors are through poor engineering rather than deliberately being put in by the state, but the state can exploit them.
Yes, of course I think we should be doing the same in the UK.