US lawmakers urge probe of WiFi router maker TP-Link over fears of Chinese cyber attacks

WASHINGTON - Two U.S. lawmakers want the Biden administration to probe China's TP-Link Technology Co and its affiliates for potential national security risks from their widely used WiFi routers over fears they could be used in cyber attacks against the U.S.

Republican Representative John Moolenaar and Democratic Representative Raja Krishnamoorthi, who lead the House Select Committee on China, requested a Commerce Department probe in a Tuesday letter seen by Reuters.

According to research firm IDC, TP-Link, which focuses on the consumer market, is the top seller of WiFi routers internationally by unit volume.

In calling for an investigation, the U.S. legislators cited known vulnerabilities in TP-Link firmware and instances of its routers being exploited to target government officials in European countries.

"...We request that Commerce verify the threat posed by (China-affiliated small office/home office) routers —particularly those offered by the world's largest manufacturer, TP-Link," according to the letter to Commerce Secretary Gina Raimondo.

They called it a "glaring national security issue."

The Commerce Department said it would respond to the letter through appropriate channels. The Chinese Embassy said it hopes authorities will "have enough evidence when identifying cyber-related incidents, rather than make groundless speculations and allegations."

TP-Link, founded in China in 1996 by two brothers and based in Shenzhen, said in a statement that the company does not sell any router products in the United States and that its routers do not have cybersecurity vulnerabilities.

The letter is a sign of mounting concerns that Beijing could exploit Chinese-origin routers and other equipment in cyber attacks on American governments and businesses.

The U.S., its allies and Microsoft last year disclosed a Chinese government-linked hacking campaign dubbed Volt Typhoon. By taking control of privately owned routers, the attackers sought to hide subsequent attacks on American critical infrastructure.

The vast majority of affected routers, however, appeared to be from Cisco and NetGear, the Justice Department said in January.

Last year, the U.S. Cybersecurity and Infrastructure Agency said TP-Link routers had a vulnerability that could be exploited to execute remote code.

Around the same time, U.S. security company Check Point reported that hackers linked to a Chinese state-sponsored group used a malicious firmware implant for TP-Link to target European foreign affairs officials.

The Commerce Department has broad powers to ban or restrict transactions between U.S. firms and internet, telecom and tech companies from "foreign adversary" nations like China, Russia, Cuba, Iran, North Korea and Venezuela if their products pose a national security risk.