FCC Banned Router List: 5 Chinese Companies Blocked and What It Means for Your Home Network
The FCC voted unanimously to ban new equipment authorizations from five Chinese companies, and the FCC banned router and telecom gear from names you've probably seen on your own network hardware. Huawei, ZTE, Hytera, Hikvision, and Dahua are all on what's officially called the "Covered List." That designation means no new products from these companies can be authorized for sale or import into the United States. The stated reason: "unacceptable risk to national security."
That phrase should get your attention. It got mine.
I've spent over 14 years building and securing software systems, and if there's one thing I keep relearning, it's that the weakest link in any architecture is the thing you never think about. For millions of Americans, that thing is the consumer router sitting in their living room.
What Exactly Is on the FCC Banned Router List?
The FCC's Covered List, established under the Secure and Trusted Communications Networks Act, currently names five companies:
- Huawei Technologies — telecom infrastructure and consumer networking gear
- ZTE Corporation — telecom equipment and mobile devices
- Hytera Communications — two-way radio systems
- Hikvision — video surveillance equipment
- Dahua Technology — video surveillance and security cameras
The rule was adopted with a bipartisan 4-0 vote under FCC Chairwoman Jessica Rosenworcel. It doesn't just target routers. It covers all telecommunications and video surveillance equipment from these manufacturers. But routers and networking gear from Huawei and ZTE are the pieces most likely sitting in your home or small business right now.
Here's what most people get wrong: this ban is not retroactive. Nobody is going to knock on your door and confiscate your Huawei router. You're not breaking the law by using equipment you already own. The ban stops the pipeline. No new products from these five companies can receive FCC equipment authorization, which means they can't legally be sold or imported as new devices in the US going forward.
That distinction matters. But it shouldn't make you comfortable.
Why Your Existing Banned-List Router Is Still a Problem
Here's the thing nobody's saying about the FCC banned router situation: the real risk isn't what these devices are doing today. It's what happens to them six months from now.
When a manufacturer is effectively cut off from the US market, firmware updates stop. Security patches stop. The vulnerability disclosures that would normally trigger an emergency fix just... don't get fixed. Your router becomes a frozen artifact running software that gets more dangerous every single month.
I've seen this exact pattern play out in production systems more times than I can count. A dependency gets abandoned, nobody notices for six months, and then a CVE drops and you're scrambling. Now imagine that scenario, except the "dependency" is your home network's front door, and the manufacturer has zero commercial incentive to patch it for US customers anymore.
Consumer routers are already among the most exploited devices on the internet. CISA has repeatedly flagged Huawei and ZTE equipment in advisories. The Volt Typhoon campaign, a Chinese state-sponsored hacking operation, specifically targeted small office and home routers to build botnet infrastructure across the US. An unpatched router from a sanctioned manufacturer isn't a theoretical risk. It's an active attack surface.
If you've been following the broader cybersecurity space, this connects directly to how info-stealer malware targets the weakest links in your setup. Your router is the gateway to everything on your network.
Is TP-Link Banned by the FCC?
I get this question constantly, and the answer right now is no. TP-Link is not on the FCC's Covered List. But don't get too comfortable with that.
TP-Link is headquartered in Shenzhen, China, and it's been under increasing scrutiny from US lawmakers and intelligence agencies. In late 2024, multiple reports surfaced that the Commerce Department, Defense Department, and Justice Department had all opened investigations into TP-Link over national security concerns. The Wall Street Journal reported that a potential ban was being actively considered.
Why should you care? Because TP-Link holds an estimated 65% market share for consumer routers sold through major US retailers like Amazon. If you bought a budget router in the last three years, flip it over. There's a good chance it says TP-Link on the bottom.
The company has pushed back, announcing plans to restructure through a US-based entity. But the pattern here is familiar. It's almost identical to the trajectory Huawei followed before it ended up on the Covered List. First, whispered concerns from intelligence agencies. Then congressional hearings. Then formal action.
I'm not saying TP-Link will definitely get banned. But if your threat model includes "I'd rather not replace my router under emergency conditions," think about it now.
What Makes These Routers a National Security Risk?
The concern isn't that every Huawei router ships with a backdoor and a big red button labeled "SEND DATA TO BEIJING." The actual problem is quieter than that. And harder to defend against.
The national security argument rests on several layers:
Legal compulsion: Under China's 2017 National Intelligence Law, Chinese companies are required to "support, assist, and cooperate with national intelligence work." This isn't speculation. It's literally written into the law. A Chinese manufacturer could be compelled to insert surveillance capabilities into a firmware update, and they'd have no legal standing to refuse.
Supply chain opacity: Consumer router firmware is notoriously opaque. Even dedicated security researchers struggle to fully audit what these devices do at the network level. I've worked with enough embedded systems to know that "we can't see what it's doing" should never be a satisfying answer. It usually isn't one.
Strategic positioning: Routers sit at the chokepoint of all network traffic. DNS queries, unencrypted traffic, device fingerprinting, network topology. A compromised router sees everything. As David Shepardson at Reuters reported, the FCC's action reflects years of bipartisan concern that this access could be weaponized.
Botnet recruitment: Even without deliberate espionage, unpatched routers from any manufacturer become botnet nodes. When the manufacturer is cut off from the US market, patching drops to zero. The timeline for exploitation accelerates fast.
This fits the broader pattern we've seen with IoT devices becoming entry points for home network attacks. The device you think about least is usually the one that gets you.
Do I Have to Replace My Banned Router?
Legally, no. The FCC ban applies only to new equipment authorizations. If you already own a Huawei or ZTE router, you can keep using it.
But practically? Replace it. I would.
After years of building systems where security is a first-class concern, I've internalized one principle: never depend on infrastructure that has no path to getting patched. Your router is the single most critical piece of network infrastructure in your home. It routes every packet, resolves every DNS query, acts as the firewall between your devices and the open internet. Running that on abandoned firmware is like building on a foundation you know has cracks. And the contractor left town.
The good news: replacing a consumer router is one of the easiest security upgrades you can make.
For most people: ASUS and Netgear both make solid consumer routers with regular firmware updates and reasonable security track records. The ASUS RT-AX86U and Netgear Nighthawk series are well-regarded. Both companies have dedicated security response teams and publish updates on predictable schedules.
For the security-conscious: Ubiquiti's UniFi Dream Router gives you enterprise-grade network segmentation and intrusion detection in a consumer form factor. More complex to set up, but the security posture is leagues ahead of the typical consumer box.
For the "just make it work" crowd: Amazon's Eero mesh systems are dead simple, get automatic security updates, and have a solid track record. Security without thinking about it.
For the truly paranoid (I'm in this camp): Flash your router with open-source firmware like OpenWrt. You control the code, you control the updates, you can audit everything. Not for everyone. But if you're reading this blog, you can probably handle it.
The best router isn't the fastest one. It's the one that's still getting security patches.
Whatever you choose, the key criteria should be: is this manufacturer committed to long-term firmware support, and do they have a transparent vulnerability disclosure process? If you can't answer both with a confident yes, keep looking.
What the FCC Banned Router List Means Going Forward
The Covered List isn't static. The FCC has the authority to add new companies, and given the current geopolitical climate, expansion seems far more likely than contraction. TP-Link's ongoing investigation is the most obvious candidate, but companies like Tenda, another Shenzhen-based router manufacturer popular in budget segments, could face similar scrutiny.
This is also part of something bigger in tech policy. The US government is increasingly treating consumer hardware as a national security surface, not just enterprise telecom infrastructure. If you've been following how passkeys are reshaping authentication security, you know that the entire security posture of the average consumer is getting rethought from the ground up. Routers are just the most visible piece.
My prediction: within two years, we'll see some form of security certification requirement for consumer routers sold in the US, similar to what the EU is doing with its Cyber Resilience Act. The FCC ban is the stick. The certification will be the carrot. Manufacturers who can't demonstrate transparent firmware practices and supply chain integrity will find the US market increasingly hostile.
Check the bottom of your router. If it says Huawei or ZTE, it's time to shop. If it says TP-Link, start watching the news. And if it says anything at all, make sure you're running the latest firmware. The router is the one device in your house that never sleeps, sees all your traffic, and almost nobody bothers to update. That needs to change.
Originally published on kunalganglani.com
Top comments (0)