Where Are TP-Link Routers Made And Why Does The US Government Want To Ban Them?

TP-Link is a major player in networking and wireless routers. According to The Wall Street Journal, the company commands a lion's share of the U.S. internet router market — 65% to be precise — but it is now facing scrutiny from multiple government agencies over national security risks. Established in China back in 1996, followed by a 2008 expansion into the U.S. and the establishment of a global headquarters in California last year, the company is now staring at a nationwide ban in the U.S.

The investigations first began late in 2024, with the U.S. Justice, Commerce, and Defense all launching their own probes. Sources for The Wall Street Journal allege that TP-Link routers ship with security flaws that the company doesn't address, and that the company doesn't engage with security experts to fix those security flaws. In early June 2025, for example, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted a high-severity security flaw in TP-Link routers.

TP-Link claims it has manufacturing and supply chain networks in multiple countries. Core production takes place in China, Vietnam, and Brazil, with the company recently expanding into India in 2022, as part of the local government's Make in India initiative. The threat to TP-Link's business is tied to its origins in China, with some claims that it is state-sponsored. However, TP-Link says that it has split from TP-LINK Technologies, which exclusively serves the Chinese market. The company that serves the global market, including the U.S., is TP-Link Systems, headquartered in California.

In May 2025, over a dozen Republican lawmakers wrote a letter to Commerce Secretary Howard Lutnick, demanding a ban on the sale of TP-Link's networking gear in the U.S. The letter labeled TP-Link "a state-sponsored networking equipment company," and alleged that it was a danger to national security. Highlighting the company's "role in embedding foreign surveillance and destructive capabilities," the lawmakers mentioned how TP-Link must adhere to China's National Security Law, supposedly enabling hackers to launch cyber attacks.

The letter, which was signed by Senators Tom Cotton and Josh Hawley, among others, demanded that the Department of Commerce immediately prohibit sales of TP-Link's networking gear. The senators also mentioned the Justice Department's 2024 antitrust investigation into the company's questionable pricing strategies to maintain market dominance. 2024 also saw the U.S. government launch a national security probe into the company, following a subpoena issued to TP-Link by the Commerce Department.

TP-Link, on the other hand, claims that there is not "a shred of evidence" that the company is linked to the Chinese government, and that any such claim about posing a threat to national security is baseless. "There is no basis for banning TP-Link when we meet or exceed the same security standards as others," the company said in a statement. While the Cybersecurity and Infrastructure Security Agency (CISA) has repeatedly warned that China-linked threat actors exploit routers, TP-Link has signed CISA's Secure by Design pledge to reduce risks and enhance security.

The Microsoft Exchange server hack from 2021 led to a heated diplomatic back-and-forth between the US and China. The software giant pinned the breach on Salt Typhoon, a Chinese-linked cyberespionage operation that has continued its attacks on software and telecom companies well into 2025. The hacker group has reportedly breached the security of nine telecom carriers, including Verizon and AT&T, as well as figures such as President Donald Trump and his campaign officials.

Routers appear to be a recurring theme in the ongoing saga. Earlier this year, the group launched an attack targeting software running on Cisco routers. One of the vulnerabilities exploited by the hackers granted root privilege, a high-level system access that allows a bad actor to take control of a device and the connected network. Late in 2024, Microsoft revealed password attacks from a network of compromised devices it dubbed  CovertNetwork-1658, including small office and home office (SOHO) routers. "SOHO routers manufactured by TP-Link make up most of this network," the company said in a statement.

When T-Mobile's infrastructure came under attack in 2024, the telecom carrier reported that hackers had targeted its routers before breaking into the wider network. In 2023, the United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint security note, in which these agencies also highlighted the critical role of routers in facilitating China-linked cyber attacks.