"The Federal Communications Commission (FCC) has extended waivers covering certain foreign-made routers (and drones) already operating in the US, pushing the update deadline to at least January 1, 2029. Without the extension, updates would have been blocked as early as 2027. Back in March, the FCC updated its Covered List to include all foreign-made consumer routers, prohibiting the approval of any new models. This effectively banned any new kit made in other countries from being sold, but did not prevent the import, sale, or use of existing models that had previously been authorized."
"The policy stems from fears that foreign-made router pose a security threat. Because they handle network traffic, they could introduce vulnerabilities exploitable against critical infrastructure, and in the words of the FCC represent "a severe cybersecurity risk that could harm Americans." Miscreants have exploited security flaws in routers to disrupt networks or steal intellectual property, and routers are implicated in the Volt, Flax, and Salt Typhoon cyberattacks."
"Blocking firmware updates, which typically deliver security patches for newly discovered flaws, also seemed a peculiar own goal for a regulator whose stated motivation is reducing network vulnerability. The FCC has belatedly recognized this, stating that its policies wo"
The FCC extended waivers for certain foreign-made routers and drones already operating in the US, moving the update deadline to at least January 1, 2029. Without the extension, updates could have been blocked as early as 2027. In March, the FCC updated its Covered List to include all foreign-made consumer routers, preventing approval of new models while still allowing existing authorized models to be imported, sold, and used. The policy was driven by concerns that foreign-made routers pose severe cybersecurity risks to Americans and critical infrastructure. Router vulnerabilities have been exploited to disrupt networks and steal intellectual property, and routers have been linked to major cyberattacks. The extension reflects recognition that blocking firmware updates would leave devices unpatched and increase risk.
Read at theregister
Unable to calculate read time
Collection
[
|
...
]