Popular TP-Link routers could be banned after risks exposed

A major national security debate is unfolding, and it affects more than government networks. It touches your home, your devices, and the Wi-Fi your family uses every day. The Commerce Department has proposed blocking new sales of TP-Link products after a months-long review into the company’s ties to China, citing a growing TP-Link security risk. Multiple agencies, including Homeland Security and Defense, supported that proposal. They believe the company’s connections could expose American networks to foreign influence.

Security experts warn that foreign-backed hackers have targeted home and office routers for years. These devices often act as silent stepping stones that help attackers move deeper into sensitive systems. When compromised, they can expose everything connected to them, including computers, smart home gear, military devices used on base, and more.

This potential ban would be one of the biggest consumer tech actions in U.S. history. It comes as lawmakers raise fresh alarms about Chinese-made cameras, routers, and connected home products sold on military exchanges and in homes across the country.

Why military families are even more vulnerable 

Lawmakers from both parties say military households face extra risk. Sen. Joni Ernst (R-Iowa), who leads a bipartisan group of 23 lawmakers, warns that TP-Link cameras and networking devices sold on Army, Navy, and Air Force exchange sites could expose sensitive footage from base housing and dorms. Rep. Ashley Hinson (R-Iowa) echoed that concern, saying these devices could act as a backdoor for Chinese intelligence to collect information on service members and their families. Even when products appear out of stock, officials worry they remain popular in military communities.

These lawmakers say Chinese laws could force companies to share data or push hidden software changes that weaken U.S. networks. They argue that this creates a real risk for households on or near military installations. While TP-Link disputes every allegation and states that it stores U.S. data inside America, lawmakers want a deeper investigation.

“China will use any way to infiltrate us, and we must ensure they cannot access our homeland or military bases,” said Ernst.“High-tech security cameras sending video and audio directly back to Beijing must be treated like the grave threat that they are. We have seen this playbook from China before, with Huawei Technologies, and need the Trump administration to investigate and determine if TP-Link is a trojan horse compromising our national security.”

How Congress is responding to TP-Link security risks

Sen. Ernst is pressing the Commerce Department to finish its investigation by November 30. Sen. Tom Cotton (R-Arkansas), who chairs the Senate Intelligence Committee, says TP-Link could give the Chinese government access to American networks and wants faster action. Their concerns reflect past decisions involving Huawei and Kaspersky, which lost access to the U.S. market due to national security risks.

Congressional leaders say foreign-made smart home devices sold on military bases should face strict scrutiny. They see routers, cameras, and other connected home gear as critical targets in a time when cyberthreats continue to grow.

We reached out to TP-Link Systems Inc., and a spokesperson provided CyberGuy with the following statement,

“TP-Link Systems Inc. (TP-Link), an American company based in California, refutes the claims in this letter. This letter repeats false and misleading media reports and attacks that have been thoroughly debunked.

TP-Link emphatically objects to any allegation it is tied to the Communist Party of China, dependent on the Chinese government, or otherwise subject to interference under Chinese national security laws. The company is not controlled by any government, foreign or domestic. TP-Link has split from and has no affiliation with the China-based TP-LINK Technologies Co. Ltd., which is separately owned and operated.

This letter has nothing to do with security and everything to do with a competitor trying to remove TP-Link Systems’ products from the marketplace. The “open source information” the members reference is actually a manufactured echo chamber of false and misleading attacks that the media has parroted over the past year. Instead of directly engaging with TP-Link Systems, these members essentially pressed “copy and paste” on unsubstantiated claims about our American company.

TP-Link has not been contacted by policymakers to discuss the alleged concerns, but if we were to meet with them, they would learn that TP-Link has located its core security functions and data infrastructure in the United States. U.S. user data is securely stored on Amazon Web Services infrastructure in Virginia, under the full control of the company’s U.S. operations.

TP-Link Systems currently holds a very small share of the U.S. security camera market, representing approximately 3% of the consumer market segment according to Circana checkout data. The company has virtually no business presence in the enterprise segment. Additionally, TP-Link Systems’ router market share in the U.S. has been inaccurately reported as being much higher than it actually is. Recent market research from Dell’Oro Group, Inc., found that TP-Link Systems’ market share of residential Wi-Fi router sales in North America is under 10%.

TP-Link does not enable foreign surveillance of U.S. networks or users. The company’s operations are built to prevent potential attempts to subvert its business by outside influence. TP-Link’s substantial security investments cover its entire product portfolio, including security cameras and routers.

TP-Link continually monitors its products and services and takes timely and appropriate action to address vulnerabilities it becomes aware of. TP-Link has not identified any reliable information regarding new vulnerabilities in its products in connection with this letter.”

Steps to protect yourself from this growing threat

Even as the debate continues, you can take simple steps to secure your home. These easy moves help defend against threats tied to any router brand.

1) Check your router and update it

Look at the brand on your router. Then update the firmware through the official app or web dashboard. If your device is several years old or no longer supported, replace it. Check out our article on the top routers for the best security. 

2) Change your Wi-Fi and admin passwords

Default passwords are dangerous. Create strong, unique passwords for both your Wi-Fi and the router’s admin panel. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our #1 pick, NordPass, includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

3) Use strong antivirus protection on every device

Threats like this continue to grow. Install strong, real-time antivirus protection on every computer, phone, and tablet in your home. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. See our 2025 review of the Best AntiVirus Protection here.

4) Turn off any of these features you do not need

Disable remote access, WPS, and extra features you never use. These settings can open doors for attackers.

5) Put smart home devices on a guest network

Keep laptops and phones on your main network. Put cameras, plugs, TVs, and IoT devices on a separate guest network so they cannot reach your sensitive devices.

Related Links: 

• FBI warns of hackers exploiting outdated routers, check yours now
• When one Wi-Fi router isn’t enough: Top mesh networking winners
• How to remotely reset your router: Steps for easy troubleshooting

Kurt’s key takeaways

The debate around TP-Link shows how something as routine as a home router can become part of a broader security conversation. Whether or not the government issues a ban, this moment is a clear reminder that cybersecurity starts at home. Small steps make a meaningful difference in how well your devices stand up against foreign-backed hacking groups.

What do you think? Should the government ban router brands linked to foreign influence, or should consumers decide for themselves? Let us know your thoughts in the comments below. 

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

Copyright 2025 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.