US Authorities Investigating TP-Link Over Connection to China-backed Cyberattacks

[TheLostSwede]

Popular router manufacturer TP-Link is being investigated by US authorities over an alleged connection to cyberattacks emanating from the PRC. According to the Wall Street Journal, the Commerce, Justice and Defense departments are all investigating the company and the Commerce Department has gone as far as issuing a subpoena to TP-Link. The WSJ states that TP-Link holds close to a 65 percent market share in the US consumer router market, which puts the company in a unique market position.

The end results of the investigations, assuming either US authority finds any wrongdoings, could lead to TP-Link being banned from selling its routers in the US. A spokeswoman for TP-Link in the US issued the following statement to the WSJ "We welcome any opportunities to engage with the U.S. government to demonstrate that our security practices are fully in line with industry security standards, and to demonstrate our ongoing commitment to the U.S. market, U.S. consumers, and addressing U.S. national security risks".




At this point in time, it's unclear on what grounds TP-Link is being investigated beyond being a PRC based company and the WSJ mentions that no US officials have disclosed any obvious means of the PRC being able to leverage TP-Link routers to perform cyberattacks on US targets. Almost all router manufacturers, regardless if they target consumers or corporations, have suffered from various vulnerabilities that hackers have taken advantage of in the past, to create massive DDOS attacks, but these investigations don't appear to be going after sloppy firmware releases.

Instead, it sounds like the US authorities are suspecting something more sinister here, but if that truly is the case, then there ought to be indications from other nations that similar activity is happening there and so far, this has not been reported to be the case, but both Taiwan and India have banned the use of TP-Link products in government facilities, calling the devices a security risk. Time will tell what the Commerce, Justice and Defense departments digs up, but neither authority is expected to deliver their findings until sometime next year.

View at TechPowerUp Main Site | Source

 

[CrAsHnBuRnXp]

Id be interested in seeing how this plays out.

 

[_JP_]

The WSJ states that TP-Link holds close to a 65 percent market share in the US consumer router market

If I'm not mistaken, the fall of Linksys had to do with this market-share move. Netgear and others were close behind, but were usually the more expensive option.

Whatever sinister stuff it is, just point-out that almost all of their SOHO models are moddable to DD-WRT/Open-WRT.
Which is kind of the common sense approach when TP-Link has always sold cheaper choices, but the real price was paid when product support is spotty and their firmware updates extend to the devices' warranty period, at best.
Their hardware is okay, the earlier revisions of models, at least.
You buy cheap, you get cheap.

 

[TheLostSwede]

If I'm not mistaken, the fall of Linksys had to do with this market-share move. Netgear and others were close behind, but were usually the more expensive option.

D-Link very much as well and most like Belkin as well. Foxconn has really dropped the ball on Linksys/Belkin.
Netgear, as you say, are too costly to be a big player and their cheaper products are very much meh.

Whatever sinister stuff it is, just point-out that almost all of their SOHO models are moddable to DD-WRT/Open-WRT.
Which is kind of the common sense approach when TP-Link has always sold cheaper choices, but the real price was paid when product support is spotty and their firmware updates extend to the devices' warranty period, at best.
Their hardware is okay, the earlier revisions of models, at least.
You buy cheap, you get cheap.

Yeah, that's why a lot of their products have been popular with more knowledgeable buyers.
My major issue is their lack of support for most of their products, that only get 3-4 firmware updates and then they release a new hardware revision and start over.
The hardware is indeed not terrible, especially for the asking price for many of them, but the software is far from great.

Id be interested in seeing how this plays out.

There are a lot of additional details in the WSJ piece, including a bit of back story on TP-Link as a company.
They apparently moved their HQ to Singapore a few years ago, to try and appear less xinese...

 

[Onasi]

My major issue is their lack of support for most of their products, that only get 3-4 firmware updates and then they release a new hardware revision and start over.

Another annoyance is that for many products they have region-based firmware and there are some times when a newer FW would be listed on their global site, have fixes that are immediately needed (say, security), but one’s device won’t report any new updates since the team that is responsible for YOUR particular regional version is dragging their feet. But the HW is indeed almost unbeatable for the price and using open-source alternative FW solves that issue, so… eh.

 

[CrAsHnBuRnXp]

If I'm not mistaken, the fall of Linksys had to do with this market-share move.

When did this happen?

 

[Scrizz]

When did this happen?

It was like a decade ago. You'll still see the Linksys name, but that's all there is really left of it. Linksys was Linksys until Belkin ruined it and Foxconn the same. After that, it was just a name.


Edit: just looked it up. I was right.

Linksys - Wikipedia

en.wikipedia.org

 

[kondamin]

So what will they be buying to replace everything? Everything is being made by foxcon.

 

[mechtech]

Hope this doesn't happen to asus routers.............................