Back to Home

FCC Ban on Router Imports: Covered List Updated

FCC updated the Covered List, prohibiting import of new consumer routers of foreign production due to national security risks. Threats include Volt Typhoon attacks and similar. Existing devices are unaffected, conditional approval procedure possible.

USA Introduces Ban on Foreign Routers: Details from FCC
Advertisement 728x90

US FCC Blocks Import of New Foreign Routers Over National Security Threats

The US Federal Communications Commission (FCC) has expanded the Covered List to include all consumer routers manufactured abroad. This decision automatically blocks approvals for new models on the US market. Devices already certified by the FCC before the list was updated are exempt.

The decision is based on assessments from relevant agencies: foreign routers pose unacceptable risks to national security. The main threats include vulnerabilities in supply chains, cyberattacks, and damage to critical infrastructure that relies on mass-market networking devices.

Real-World Threats from Foreign Routers

The FCC has documented actual incidents of vulnerabilities in these devices being exploited. Attackers have targeted households, disrupted networks, conducted espionage, and stolen intellectual property.

Google AdInline article slot

Specific examples of foreign routers being used:

  • Volt Typhoon: attacks on US critical infrastructure.
  • Flax Typhoon: campaigns against network segments.
  • Salt Typhoon: targeted operations on key facilities.

These threats highlight the role of consumer routers as entry points into broader networks. Vulnerabilities enable persistent access, data exfiltration, and use of devices in botnets.

Market and Manufacturer Impacts

Adding this category to the Covered List strips the FCC of authority to approve new imported routers. Manufacturers cannot legally sell uncertified models in the US. Existing approved devices remain on sale without restrictions—users don't need to rush to replace their equipment.

Google AdInline article slot
  • For consumers: no ban on using current routers.
  • For imports: blockade on new models with no exceptions.
  • For supply chains: need to localize production or find alternatives.

Conditional Approval Process

Manufacturers can apply for exemptions via the conditional approval mechanism. They must prove there are no unacceptable security risks. Final decisions are made by national security agencies—the Department of Defense and the Department of Homeland Security.

This process doesn't guarantee success: reviews focus on supply chains, firmware vulnerabilities, and potential for state-sponsored attacks. Developers are advised to adopt hardened-by-design approaches, including secure boot and runtime integrity checks.

Key Takeaways

  • The FCC has expanded the Covered List to cover all new foreign consumer routers, blocking their certification.
  • Threats include Volt Typhoon, Flax Typhoon, and Salt Typhoon cyberattacks on critical infrastructure.
  • Existing approved devices are unaffected; no replacement needed.
  • Conditional approval is possible but depends on the DoD and DHS.
  • The decision ramps up supply chain requirements for networking gear.

The Covered List update reflects a global trend toward stricter oversight of telecom equipment. For IT professionals, it's a call to audit network peripherals and minimize risks from legacy foreign-made devices.

Google AdInline article slot

— Editorial Team

Advertisement 728x90

Read Next