GoKawiilThe Federal Communications Commission has updated its Covered List to include all consumer routers made in foreign countries, banning the sale of new models in the U.S.
The Covered List, created under the Secure and Trusted Communications Networks Act of 2019, is an FCC-maintained list of communications equipment and services that the U.S. government has determined to pose an unacceptable risk to national security or the safety of Americans.
The list previously included specific products and companies tied to security concerns, such as Kaspersky, Huawei, ZTE, Hikvision, and Dahua.
Adding all routers manufactured abroad to the Covered List follows a National Security Determination issued on March 20 by an Executive Branch interagency body.
According to the assessment, foreign-produced routers carry a supply-chain risk "that could disrupt the U.S. economy, critical infrastructure, and national defense." The agency determined that these devices could also be used "to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons."
In support of the decision, the FCC highlights that foreign-made routers helped the Volt, Flax, and Salt Typhoon hackers carry out attacks that targeted vital U.S. infrastructure.
Exemptions and alternative approval path
Conditional approval has been granted to certain routers used in the U.S. Department of War (DoW) or the Department of Homeland Security (DHS) for drone systems, which have been determined not to constitute a security risk.
Also, the new rules do not bar foreign consumer-grade router makers from seeking approval in the U.S., as long as they transparently disclose:
Corporate and ownership structure, including any foreign government financial support and influence.
... continue reading