Multiple federal agencies are investigating Chinese router maker TP-Link Technologies Co., the Wall Street Journal reported today.

At least one of the probes focuses on the potential cybersecurity risks posed by the company’s devices. Another investigation, which is being led by the Justice Department, focuses on whether TP-Link has used anticompetitive product pricing practices. It’s believed the investigations could lead to a ban of the company’s routers next year.

Shenzhen-based TP-Link is one of the world’s top router manufacturers. It also competes in several other parts of the consumer electronics market. The company makes network cables, smart home appliances and accessories such as USB hubs, which can turn one of a computer’s USB ports into several.

TP-Link routers have reportedly surged in popularity during the pandemic. According to research cited by the Journal, the company’s share of the U.S. market for home and small business routers has more than tripled from 20% in 2019 to 65% this year. This growth is driven partly by distribution agreements with internet providers. Many telecommunications companies ship TP-Link routers to consumers when they sign up for an internet plan.

According to today’s report, the Justice Department is one of the agencies investigating the electronics maker. In some cases, TP-Link routers cost less than half what competitors charge. Justice Department officials are reportedly probing whether the company breached a law that prohibits monopolies from selling products for less than what they cost to make.

Separately, the Defense Department is reportedly investigating whether TP-Link’s routers contain national security vulnerabilities. Officials reportedly launched the probe earlier this year.

TP-Link has also drawn scrutiny from the Commerce Department’s Office of Information and Communications Technology and Services, or OICTS. The office has the authority to ban companies in designated countries from selling technology products to U.S. customers. OICTS has reportedly issued a subpoena to TP-Link, but it’s currently unclear what information officials sought from the company.

Today’s report cited sources as saying that that TP-Link “routinely” ships routers with vulnerabilities. Products from rivals sometimes also contain cybersecurity issues. However, TP-Link reportedly “doesn’t engage with security researchers concerned” about the problems in its hardware.

Word of the investigations comes not long after Microsoft Corp. discovered a router botnet comprised mostly of TP-Link devices. In a blog post earlier this month, the tech giant detailed that the devices are used by Chinese state-backed hackers to launch cyberattacks.

Microsoft detailed that the hackers gain access to routers using a vulnerability and then download malicious code. According to the company, the botnet includes about 8,000 routers at any given time. They’re being used to launch password spray attacks, cyberattacks in which hackers attempt to access user accounts by entering common passwords.

According to Microsoft, the login credentials that the hackers steal using the compromised routers are leveraged by several other Chinese state-backed actors in cyberattacks. One of those actors, which is tracked as Storm-0940, is known to target government agencies, defense industrial base companies and a range of other organizations.

The Journal reported that U.S. officials could block domestic sales of TP-Link routers next year. The ban would be implemented by OICTS, the Commerce Department office leading one of the investigations into the company. The office previously blocked Russian cybersecurity company Kaspersky from selling its software in the U.S.

Photo: Pixabay