US House Passes Bill to Assess Threats Posed by Foreign Routers

Posted on by

A new bill requiring the US Commerce Department to assess the national security risks associated with routers and modems controlled by adversarial nations is one step closer to becoming law after passing the House of Representatives.

The House passed the Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act on April 28, advancing the legislation after it was cleared by the House Energy and Commerce Committee three weeks earlier.

The proposed legislation mandates an investigation, led by the Assistant Secretary for Communications and Information at the Commerce Department, into networking equipment that originates from or is under the control of nations deemed a threat. It has a specific focus on China’s involvement in state-backed cyberattacks that have compromised American networks.

Such legislation is part of several bipartisan initiatives to free US communication systems from untrusted equipment.

It follows warnings from the Justice and Homeland Security departments, as well as the Office of the Director of National Intelligence, about Chinese state-backed intrusions exploiting routers and modem security vulnerabilities.

Congressman Bob Latta (R-Ohio), who unveiled the ROUTERS Act alongside Rep. Robin Kelly, (D-Ill), said on his website: “Routers and modems are critical components of our communications network—they serve as the gateway through which the public accesses the Internet.”

“Today’s House passage of my bill, the ROUTERS Act, brings us one step closer to protecting American privacy by ensuring that bad actors cannot exploit vulnerabilities in routers to infect users’ computers, steal their information, or disrupt their networks,” he added.

The exploitation of network edge devices, especially routers, by cyber adversaries to gain initial access, leading to further system intrusions, has grown significantly over the past few years, ranking among the top initial access vectors, according to reports from Sophos and Verizon.

This tactic has been notably employed in major Chinese-backed cyber intrusion campaigns, including Volt Typhoon and Salt Typhoon, highlighting the significance of addressing router security vulnerabilities.

In 2023, another Chinese state-sponsored group known as Camaro Dragon was observed exploiting Chinese-made TP-Link routers via a malicious firmware implant.