Again on August 13, John Moolenaar, Chair of the US House Select Committee on the Chinese Communist Party, and Raja Krishnamoorthi, the committee’s Ranking Member, addressed a letter to Commerce Secretary Gina Raimondo urging an investigation into TP-Link. The lawmakers claimed that “open-source information” suggests TP-Link’s products may pose a security risk.
“TP-Link’s unusual degree of vulnerabilities and required compliance with PRC law are in and of themselves disconcerting. When combined with the PRC government’s common use of SOHO routers like TP-Link to perpetrate extensive cyberattacks in the US, it becomes significantly alarming,” the letter read.
In October, Microsoft published an analysis that highlighted that compromised TP-Link devices were integral to the activities of “CovertNetwork-1658,” a China-linked hacking operation. These routers reportedly provided a network of egress IPs that masked subsequent attacks on American critical infrastructure, part of a broader campaign dubbed Volt Typhoon.