The US government is considering banning the most popular home-internet router on Amazon over security concerns. The TP-Link routers could be banned as early as January, when president-elect Donald Trump takes office, according to TheWall Street Journal. “We welcome any opportunities to engage with the US government to demonstrate that our security practices are fully in line with industry security standards, and to demonstrate our ongoing commitment to the US market, US consumers, and addressing US national security risks,” a spokesperson for TP-Link told the publication. Here’s what consumers need to know.
RELATED: 10 Cybersecurity Tips Everyone Needs to Know.
Chinese-Made Routers
Amazon
TP-Link home internet routers are manufactured in China, and the company’s products are also used by the U.S. Defense Department and other federal government agencies, according to the WSJ report. A spokesperson for TP-Link tells CBS Moneywatch "security practices are fully in line with industry security standards in the U.S. We implement rigorous secure product development and testing processes, and take timely and appropriate action to mitigate known vulnerabilities.”
Cyberattack Threats
ShutterstockThe security concerns associated with TP-Link are linked to possible cyberattacks, something the company says it guards against. Experts are not convinced. "CovertNetwork-1658 specifically refers to a collection of egress IPs that may be used by one or more Chinese threat actors and is wholly comprised of compromised devices,” Microsoft published in an analysis back in October. “Microsoft assesses that a threat actor located in China established and maintains this network. The threat actor exploits a vulnerability in the routers to gain remote code execution capability.”
Microsoft Warning
ShutterstockMicrosoft is keeping an eye on TP-Link, saying hackers are stealing credentials from Microsoft users. “We continue to investigate the specific exploit by which this threat actor compromises these routers,” Microsoft says. “Microsoft assesses that multiple Chinese threat actors use the credentials acquired from CovertNetwork-1658 password spray operations to perform computer network exploitation (CNE) activities.”
RELATED: Is WhatsApp Safe? And How to Use It.
Amazon Sale
Amazon
The cheapest TP-Link router currently available on Amazon is $89.99, down from $99.99. TP-Link allegedly has around 65 percent of the U.S. market for home routers, and a ban would be the first major action against a Chinese company since the first Trump administration targeted Huawei Technologies for similar security concerns.
Justice Department Investigates
Shutterstock
The Justice Department is also investigating whether TP-Link’s low prices may be breaking the law and violating U.S. antitrust laws. The law states the company cannot sell the products for less than they cost to produce.
Update and Protect Your Router
ShutterstockIf you have a TP-Link router, take steps to protect it until a permanent decision is made by the government.“A shocking amount of cybersecurity breaches can be traced back to using the default login credentials set by the router manufacturer (or internet provider if you’re renting your equipment),” says CNET. “Most routers have an app that lets you update your login credentials, but you can also type your router’s IP address into a URL. These credentials are different from your Wi-Fi name and password, which should also be changed every six months or so. Some good rules of thumb for your passwords: Avoid common words and character combinations, longer passwords are better and don’t reuse passwords from multiple accounts.”
