Regulation - US Targets Foreign-Made Routers Amid Security Concerns
Basically, the US is banning some foreign routers to improve security, but experts say it won't fix all problems.
The FCC has banned certain foreign-made routers due to security concerns. This impacts manufacturers and users alike. Experts warn that existing vulnerabilities remain a significant risk.
What Happened
The US Federal Communications Commission (FCC) has recently expanded its Covered List to include specific foreign-made consumer routers. This decision means that new models will not receive equipment authorization, effectively blocking their import and sale in the United States. This regulatory action reflects growing concerns about supply chain security and the potential for foreign state interference in critical network infrastructure. Routers serve as gateways for vast amounts of data, making them crucial in both home and enterprise environments.
However, cybersecurity experts caution that focusing solely on the origin of devices might overlook more pressing security challenges. Shane Barney, CISO at Keeper Security, emphasized that while the regulatory move signifies a shift in focus, it risks oversimplifying the broader security landscape. Routers are often treated differently from other IT assets, despite their critical role in network security.
Who's Affected
The FCC's action primarily impacts manufacturers and consumers of foreign-made routers. While it prevents new models from entering the market, millions of existing routers remain in use, many of which are outdated and lack support. Rik Ferguson, VP of Security Intelligence at Forescout, pointed out that the action does not magically secure the vast number of routers already deployed. These devices often remain operational long after their support has ended, creating significant vulnerabilities.
The installed base of routers presents a considerable attack surface for cybercriminals. Many of these devices are susceptible to exploitation due to weak management interfaces, reused credentials, and slow patching cycles. This situation is compounded by users' reluctance to interact with their routers, further exposing networks to potential threats.
What Data Was Exposed
Recent findings indicate that routers and network infrastructure devices have become the riskiest category of IT assets, surpassing endpoints in terms of vulnerability. Daniel dos Santos, VP of Research at Forescout, noted that these devices are increasingly targeted through both vulnerability exploitation and weak credentials. Compromised routers can be used to build botnets for distributed denial-of-service attacks or as proxy infrastructure.
While the FCC's decision aims to mitigate risks associated with foreign-manufactured routers, it does not address the existing vulnerabilities that many users face. Experts stress that there are legitimate concerns about state influence and potential covert communication channels embedded in hardware or firmware, highlighting the need for consistent security standards across all manufacturers.
What You Should Do
To enhance security, organizations must adopt a zero-trust architecture for their network infrastructure. This means treating routers as critical components that require continuous verification and control. Barney suggests that organizations implement strong identity governance and privileged access management, and prioritize least-privilege access to minimize risks.
Practical steps to secure routers include:
- Replacing unsupported devices
- Applying firmware updates
- Disabling remote management interfaces
- Enforcing strong and unique credentials
- Segmenting IoT devices from business systems
By focusing on these immediate actions, organizations can reduce risks regardless of the device's origin. As hybrid working environments blur the lines between corporate and home networks, addressing these vulnerabilities becomes increasingly critical.
IT Security Guru