Attend IT Blog

Attend IT Limited has been serving the Brentford area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Categories
Tags
Categories:   All Categories
Suggested keywords
x

What the American Ban on Foreign-Produced Routers Means for Businesses

What the American Ban on Foreign-Produced Routers Means for Businesses

One month ago, the United States Federal Communications Commission put forth a ban on the sale of all Wi-Fi routers made outside the US, giving manufacturers the option to apply for a conditional approval exemption on the agency’s website.

Let’s talk about what this ban is going to mean to your business (and to your entire team’s personal lives) as things progress. Fair warning, things aren’t going to be simple.

Virtually All Consumer-Grade Routers are Now Included on the Covered List

So, what’s the Covered List?

The FCC maintains a list of communications equipment and services deemed to pose a danger to the safety and security of the United States and its residents. Once something is added to the list, its import for either sale or use is banned. As of March 23rd, this list included all foreign-made routers (which turned out to be nearly all of them), as the “foreign-made” distinction encompasses all major manufacturing processes.

For example, let’s say ACME designed a router in Minneapolis, manufactured its components outside Taipei, and assembled it in Fort Lauderdale. That router would be considered foreign-made and could not be used or sold in the US without conditional approval.

While all currently owned or authorized devices are grandfathered in, all new hardware (except Starlink devices and now conditionally-approved NETGEAR and Adtran routers) will not meet these requirements. Furthermore, these exempt devices will only be allowed to receive updates until March 1, 2027. After that, the software and firmware will remain stagnant, allowing these devices to swiftly become inexcusably insecure.

This Situation is a Cybercriminal’s Dream

Part of a cybercriminal’s job is to undermine the security that protects our daily drivers, all the software and devices that modern businesses rely on. In their efforts, these cybercriminals will collaborate and share their findings via the Dark Web, crowdsourcing attack vectors and vulnerabilities. Likewise, developers work to identify and resolve these vectors and vulnerabilities as quickly as possible—ideally, before the threat is actively exploited. It’s effectively the new space race, just waged without borders as compared to world superpowers and taking place in cyberspace.

The other difference is that we already know the ongoing outcome: eventually, a technology is deemed no longer worth the effort to protect, and it is left to the mercy of attackers as developers shift their attention to newer innovations. As a result, the abandoned tech effectively becomes a minefield with more and more buried traps.

Why Were All These Routers Banned?

Based on what the FCC has publicly stated, the White House convened an interagency executive body which determined that sufficient risks were present to place all foreign-produced routers on the Covered List. This was allegedly due to the fact that routers were the infrastructure that allowed the Volt, Flax, and Salt Typhoon cyberattacks. FCC Chair Brendan Carr shared a statement saying that this ban is an effort to protect cyberspace from attacks, along with critical US infrastructure and supply chains.

It is important to note that just two percent or so of consumer routers are compliant with the requirements this action places on networking hardware, and if it evolves to explicitly include business-grade devices, 91.2 percent would suddenly have their status called into question.

Hardware Shortages are Most Likely Imminent

As we mentioned, Texas-based Starlink is the only manufacturer inherently exempt from this measure, although NETGEAR has successfully obtained conditional approval for a variety of its products until October of 2027. TP-Link and ASUS have also come out in support of a ban, being in a favorable position to shift their manufacturing processes to abide by these new restrictions and/or also secure conditional approval.

Even so, it will not be easy for these companies to shift their operations enough for compliance before the October 2027 expiration date for conditional approval.

How Does this Impact Businesses?

At the time of writing, this ban is still restricted to consumer-grade routers, but who knows how things will ultimately shake out… and even so, there will be some level of impacts that come back around to your business operations.

If the ban does extend to enterprise-grade routers, your business will need to adopt a compliant tool in order to operate. Even so, many businesses use “consumer-grade networking devices that are primarily intended for residential use and can be installed by the customer” for their connectivity needs, and will need to switch to a device not included on the covered list. Plus, your team members may work remotely at times. If they do so by using an owned device from one of the following brands…

  • ASUS
  • D-Link
  • Eero
  • Linksys
  • Nest
  • Razer
  • Synology

…or a rental via their ISP from…

  • Arcadyan
  • Wistron
  • Arris
  • Technicolor
  • Askey
  • Sagemcom
  • Humax
  • Nokia

…they will soon have no choice but to obtain a compliant option, either purchasing it for themselves or renting a new device from their Internet service provider. Either way, they will likely be paying more, as scarcity will likely increase prices in stores and to help the ISP offset their costs.

All Things Considered, Security Just Became Even More Important

While this ban appears to currently be limited to consumer-grade hardware, this in no way means your business can rest on its laurels. Cyberattacks across the board are likely going to get a lot worse as a result of these bans. After all, too few people keep their home infrastructure up-to-date as it is… what happens when routers are far more scarce and expensive to procure than they are now? This is also without even mentioning that many businesses utilize consumer-grade hardware, despite the necessary features of enterprise-grade options.

As a result, we recommend that all businesses commit to a few key protective measures:

  • Switch to professional-grade hardware now. Even if this ban hadn’t put an expiration date on all consumer-grade routers, your business deserves to use the right hardware for its needs. Enterprise routers are more secure and more capable by design than their consumer-focused counterparts.
  • Update your firmware. While your router is still usable, make sure you keep it fully patched and up-to-date. This minimizes the window an attacker has to successfully breach your IT.
  • Maintain your credentials. Many devices, particularly networking hardware, come with default passwords set. You need to immediately change these passwords to sufficiently secure alternatives using complex passphrases.
  • Enable encryption. Using a VPN (virtual private network) allows you to shield your business’ traffic from prying eyes, even if they manage to intercept it.

Want Help Dealing with Your Business IT? Reach Out!

As we move forward, hardware procurement will get more complicated before it ever gets easier. We can be there for you to help you manage your essential tech, ensuring you have what you need and can rely on it.

Find out more by reaching out at 020 8626 4485.

Tags:
Current Events Hardware Internet
Why Vendor Management Can Save Your Sanity
A Very Simple 5-Step Guide to Turn Your Vision int...

About the author

Adam Shailes

Adam Shailes

Attend IT Limited has been serving the Brentford area since 2003, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Author's recent posts

More posts from author
 

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Best Practices Productivity Business Computing Business Cloud Network Security Data Tip of the Week Software Efficiency IT Support Hackers Managed IT Services Data Recovery IT Services Innovation Backup Data Backup Privacy Disaster Recovery Hosted Solutions Saving Money communications Phishing Hardware Malware VoIP Small Business Email Computer Cybersecurity Internet Collaboration Mobile Devices User Tips Outsourced IT Workplace Strategy Business Continuity Ransomware Cloud Computing Business Management AI Microsoft Quick Tips Users Upgrade Workplace Tips Compliance Training BDR Remote Gadgets Passwords Automation Information Technology Productivity Communication Smartphones Internet of Things IT Support Smartphone Network Server Current Events Managed Service Artificial Intelligence Risk Management Wi-Fi Mobile Device Spam Employee-Employer Relationship Social Media BYOD Mobile Device Management Managed Service Provider Managed IT Mobility Managed IT services Budget Android Meetings Covid-19 Microsoft Office Google Save Money Wireless Password Networking Printers Human Resources Avoiding Downtime Document Management Office Printing Information Windows 7 Remote Workers VPN Remote Computing Chrome History Hosted Solution Windows Router Instant Messaging Encryption Firewall Content Filtering Computers Data Management Cost Management Windows 10 Project Management MSP Tech Term Monitoring Vendor Virtual Private Network Help Desk Time Management Remote Work Video Conferencing Laptop Physical Security Marketing Recovery Telephone Systems Government End of Support Facebook Hacker Personal Information Hard Drives Solid State Drive Virtualization Battery Automobile Telephony Holiday Big Data Two-factor Authentication Audit Employer-Employee Relationship Value Saving Time Data Breach Data Storage Data Security Mobile Software as a Service Conferencing Redundancy Maintenance Devices Proactive Computing Wireless Internet Hybrid Cloud Business Technology IT Service Machine Learning Paperless Office Backup and Disaster Recovery Voice over Internet Protocol Mobile Office Manufacturing Customer Relationship Management Printer Managed Services Mobile Computing Proactive IT Social Engineering Transportation Going Green Browser Miscellaneous Applications Private Cloud Operating System iPhone Health Money Administration Colocation Windows 10 Advertising PDF Apps Legal Wireless Technology Flexibility Update Cybercrime Black Market Shadow IT Disaster Education Application Save Time Work/Life Balance Office 365 Antivirus Entertainment HIPAA Phone System Analytics Electronic Medical Records Cleaning Hacking Smart Technology Vendor Management Samsung Company Culture App SaaS WiFi Upgrades Vulnerability The Internet of Things Dark Web Nanotechnology OneNote Business Intelligence Managed IT Service Data Protection Commerce Patch Management Regulation Professional Services Travel Word Apple User Error Data Loss File Sharing Storage Lifestyle Evernote Workers Spyware intranet Blockchain IoT Analysis Chromebook Smart Tech Connectivity Streaming Media Content Filter Management Financial Technology Gamification Students Unified Communications Remote Monitoring Wasting Money Amazon Virtual Assistant Alexa for Business WPA3 File Storage Bandwidth Telephone Access Control Utility Computing Payroll SMB Downtime E-Commerce Payment Cards Break/Fix e-waste Employees Smartwatch Development Azure Active Directory Windows Server Cybersecurty Window 10 Online Storage Fiber Optics Windows Server 2008 Copiers Voiceover Internet Protocol Business Telephone Computer Repair Troubleshooting CRM Workstations Outsource IT PCI DSS Regulations Compliance Cost Remote Working Leadership Bitcoin Finance Infrastructure Videoconferencing Streaming Customer Service Copier Authentication Hiring/Firing RMM Windows 11 Cabling Going Paperless Inventory Management Employer/Employee Relationships Outsourcing How To Microsoft Outlook Files 2FA Regulations Paperless Solutions Microsoft 365 Strategy Consulting Decision Making Ergonomics Signage Customer Experience Support Compliance IT Robot Google Drive Alert Law Enforcement Reputation Social Relocation Search Internet Exlporer Text Messaging Office Tips HaaS Video Games Scalability Humor How To Best Practice USB Virtual Reality Managing Stress Point of Sale Identity Theft Worker Commute Politics Experience Music Books Safety Emergency Worker Scam Computer Accessories Charger Computer Care Unsupported Software Television Business Strategy Unified Threat Management Consultant Touchscreen Emails Webinar IT solutions Windows 10s Hard Disk Drive iOS Computer Fan Root Cause Analysis Augmented Reality CrashOverride Settings Screen Mirroring Cast HBO IT Management IT Solutions WIndows Server 2008 Outlook Shortcut Excel Sync Adobe Licensing Tablets NFL Windows Ink Google Maps Google Docs Microsoft Excel Sports Cortana Legislation Comparison Specifications Sales Retail Gifts Credit Cards FAQ Wireless Charging WannaCry Updates Microsoft Word eWaste Device Security Tech Support Fraud Edge Ciminal IT budget Identities Language Virus Websites Data Theft App store Mobile Security Identity Data Privacy Hard Drive Google Assistant Twitter Computer Forensics Gmail PowerPoint Memory Financial Bring Your Own Device Testing Camera Projects Display Co-Managed Services Hyperlink Wasting Time Accessory Peripheral Admin Keyboard Shortcuts Security Cameras Employee 5G Medical IT YouTube OneDrive Sabotage PC Server Maintenance Investment ROI Windows Server 2008 R2 Micrsosoft Digital Signage Processor Benchmarks Myths Threats Scams Managed Services Provider Facebook Privacy eCommerce Holidays Inventory Communitications Hosted Desktop Smart Devices Keyboard Net Neutrality Internet Service Provider Workstation Telework Audits Solutions Policy Procedure Organization Innovations Reviews Biometrics Computer Tips Work Windows 8.1 Voice Supply Chain Environment Workplace Strategies Print Management Healthcare SSD Remote Management Telephone System Print Database Virtual Desktop Proactive Management eSignature Cyberattack Cameras Digital Cameras Mixed Reality Displays Stories Learning Windows PICK 3

Blog Archive