Bill to study national security risks in routers passes House committee
A federal study into the national security risks posed by routers, modems and similar devices controlled by U.S. adversaries moved one step closer to law Tuesday by advancing out of the House Energy and Commerce Committee.
The Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act from Reps. Bob Latta, R-Ohio, and Robin Kelly, D-Ill., would require the Commerce Department’s assistant secretary for communications and information to oversee a study into devices that are “designed, developed, manufactured, or supplied” by or subject to the influence of a “covered country.”
The two-page bill is a companion to legislation introduced in January by Sens. Marsha Blackburn, R-Tenn., and Ben Ray Luján, D-N.M. In a press release accompanying the introduction of the Senate bill, China, Russia, Iran, North Korean, Cuba and Venezuela were called out specifically as covered countries. The Senate version was reported favorably out of the chamber’s Commerce, Science and Transportation Committee last month.
Kelly said Tuesday during the House markup that broadband infrastructure has been a top priority for her on the committee. Closing the digital dive is something she remains “deeply committed to,” but precautions for doing so must be taken.
“We must protect the privacy and security of those millions of Americans who rely on the internet to accomplish critical everyday tasks,” she said, “like online banking, educational purposes, remote sensing and monitoring, and more leisure activities like shopping and streaming.”
Kelly successfully introduced an amendment to the bill that would charge Commerce’s assistant secretary — who also serves as administrator of the National Telecommunications and Information Administration — with examining cybersecurity vulnerabilities as part of the department’s overarching study into adversarial-controlled routers and devices.
“This amendment is not only good government given the recent cyberattacks we have seen on our communications networks and personal devices, but it also corresponds with an amendment Senator Luján offered that was added to the Senate version of this bill last month,” she said. “My amendment will make a technical clarification to ensure that the secretary relies on the entire expertise of the department when conducting the study required by this bill.”
Routers have emerged as a popular target for threat actors in recent years. The Chinese-backed Volt Typhoon campaign last year leveraged privately owned Cisco and NetGear routers infected with malware in an attempt to conceal the targeting of U.S. critical infrastructure, while Salt Typhoon recently hit American telecom networks via Cisco devices.
