TP-Link is amajor player in networking and wireless routers. According toThe Wall Street Journal, the company commands a lion’s share of the U.S. internet router market — 65% to be precise — but it is now facing scrutiny from multiple government agencies over national security risks. Established in China back in 1996, followed by a 2008 expansion into the U.S. and the establishment of a global headquarters in California last year,the company is now staring at a nationwide banin the U.S.

The investigations first began late in 2024, with the U.S. Justice, Commerce, and Defense all launching their own probes. Sources for The Wall Street Journal allege that TP-Link routers ship with security flaws that the company doesn’t address, and that the company doesn’t engage with security experts to fix those security flaws. In early June 2025, for example, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted a high-severity security flaw in TP-Link routers.

TP-Link building in Canada with TP-Link sign in foreground

The call for a nationwide ban

The letter, which was signed by Senators Tom Cotton and Josh Hawley, among others, demanded that the Department of Commerce immediately prohibit sales of TP-Link’s networking gear. The senators also mentioned the Justice Department’s 2024 antitrust investigation into the company’s questionable pricing strategies to maintain market dominance. 2024 also saw the U.S. government launch a national security probe into the company, following a subpoena issued to TP-Link by the Commerce Department.

TP-Link, on the other hand, claims that there is not “a shred of evidence” that the company is linked to the Chinese government, and that any such claim about posing a threat to national security is baseless. “There is no basis for banning TP-Link when we meet or exceed the same security standards as others,” the company said in astatement. While the Cybersecurity and Infrastructure Security Agency (CISA) has repeatedly warned that China-linked threat actors exploit routers, TP-Link has signed CISA’s Secure by Design pledge to reduce risks and enhance security.

TP-Link Archer GE650 router on a white background

Routers and the threats they pose

TheMicrosoft Exchange server hackfrom 2021 led to a heated diplomatic back-and-forth between the US and China. The software giant pinned the breach on Salt Typhoon, a Chinese-linked cyberespionage operation that has continued its attacks on software and telecom companies well into 2025. The hacker group has reportedly breached the security of nine telecom carriers, including Verizon and AT&T, as well as figures such as President Donald Trump and his campaign officials.

Routers appear to be a recurring theme in the ongoing saga. Earlier this year, the group launched an attack targeting software running on Cisco routers. One of the vulnerabilities exploited by the hackers granted root privilege, a high-level system access that allows a bad actor to take control of a device and the connected network. Late in 2024, Microsoft revealed password attacks from a network of compromised devices it dubbed  CovertNetwork-1658, including small office and home office (SOHO) routers. “SOHO routers manufactured by TP-Link make up most of this network,” the companysaidin a statement.

When T-Mobile’s infrastructure came under attack in 2024, the telecom carrier reported that hackers had targeted its routers before breaking into the wider network. In 2023, the United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint security note, in which these agencies also highlighted the critical role of routers in facilitating China-linked cyber attacks.