
U.S. Lawmakers Investigate TP-Link For Cybersecurity Threats

US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers

Two US House of Representatives members have called on the US Department of Commerce to investigate Chinese-made Wi-Fi routers deployed in the US over hacking and espionage concerns.

John Moolenaar (R-MI), chairman of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party, and Raja Krishnamoorthi (D-IL), a ranking member of the same group, warned in an August 15 public statement of the “growing risk posed by Chinese Wi-Fi routers in the United States manufactured by TP-Link Technologies.”

TP-Link is a Chinese company and the world’s largest provider of Wi-Fi products, selling over 160 million products annually to more than 170 countries.

Its Wi-Fi routers are manufactured in China, which has led the two Congressmen to fear that state-sponsored hackers may be able to compromise the routers and infiltrate US systems.

“Moreover, TP-Link is subject to draconian ‘national security’ laws in the People’s Republic of China (PRC) and can be forced to hand over sensitive US information by Chinese intelligence officials,” they added.

In 2023, a Chinese state-sponsored advanced persistent threat (APT) group known as Camaro Dragon was observed exploiting TP-Link routers via a malicious firmware implant.

In January 2024, it was announced that the FBI had led a law enforcement operation in December 2023 to disrupt a network of hundreds of small office/home office (SOHO) routers that had been infected with the KV Botnet malware by another Chinese APT group, Volt Typhoon.

Although the US Justice Department said most compromised devices in this campaign appeared to be from Cisco and NetGear, Volt Typhoon hackers may have infiltrated US systems up to five years earlier.

In a separate letter to US Secretary of Commerce Gina Raimondo, Moolenaar and Krishnamoorthi said, “TP-Link’s unusual degree of vulnerabilities and required compliance with PRC law are in and of themselves disconcerting. Combined with the PRC government’s common use of SOHO routers like TP-Link to perpetrate extensive cyber-attacks in the United States, it becomes significantly alarming.”

They asked for Secretary Raimondo’s threat assessment and mitigation plan by August 30.

