Nicole Perlroth

Speaker
1380 total appearances

Podcast Appearances

And these zombie routers, they're just dusty, ordinary looking devices in living rooms and small offices, quietly moving packets for Chinese state hackers halfway across the world. Cyber experts have a Marvel-esque name for these compromised routers. They call them orbs, short for operational relay boxes.

So literally, you could be home right now baking apple pie and have zero idea that your home router is being used by China as a conduit to hack the U.S. power grid. From China's point of view, this approach is elegant. From ours, it's dangerous. For one, it's the perfect disguise.

It's like the Wisconsin welding shop, leveled up.

And it's not just one botnet using these orbs to hack us. China has employed nearly a dozen that we know about. They're managed by mid-level Chinese contractors like iSoon and Chengdu 404, who lease them out to Volt Typhoon and these other Chinese APTs. It's layers on layers, like a hall of mirrors, each one giving Beijing just enough distance to shrug and say, wasn't us.

Second, routers are easily replaceable. If one gets burned, hackers can just hop to the one next door.

Third, these routers are really hard to monitor. Rarely do they have logs or any kind of security. Bull Typhoon has used routers from U.S. companies like Cisco, Fortinet, Netgear, and others, many of them unpatched, still running those default passwords, or others that have reached end of life and been abandoned by their vendors.

But these days, American brands are getting squeezed out by a Chinese giant.

While the White House dithers back and forth on TikTok, few Americans have ever even heard of TP-Link. And I get it. When you buy a home router, you don't care what brand you get. You just want it to work. TP-Link's routers are ubiquitous and easily forgotten. If you've bought a home or small office router recently, chances are your data is flowing through TP-Link. In fact, go on Amazon right now.

Search the words home router. And Amazon's overall pick is a TP-Link router. It's by far the cheapest option, as in less than half the cost of its next closest competitor. TP-Link's share of the U.S. router market has exploded from 10% in 2019 to over 60% today. That's according to the Wall Street Journal, which found that TP-Link's share of next-gen Wi-Fi systems is even higher, 80%.

And as early as October 2023, China's Volt Typhoon hackers started using TP-Link routers to burrow into U.S. infrastructure. Now, to be clear, TP-Link isn't the only brand they've used. But what makes TP-Link different is this. It's a Chinese company. It was started by two Chinese brothers and for three decades operated from Shenzhen. But last year, TP-Link split in two.
