FCC Bans Chinese Telecom Equipment From Huawei, ZTE, Others Over Security Risks
Key Takeaways The U.S. Federal Communications Commission (FCC) has implemented a comprehensive ban on the import and sale of all telecommunications equipment from specific Chinese manufacturers. This...
Key Takeaways
- The U.S. Federal Communications Commission (FCC) has implemented a comprehensive ban on the import and sale of all telecommunications equipment from specific Chinese manufacturers.
- This decision targets companies like Huawei, ZTE, and Hikvision, which are on the FCC’s “Covered List” due to national security concerns.
- The ban closes a loophole, now prohibiting both new and previously approved legacy equipment from these vendors in the U.S. market.
- The move aims to mitigate cybersecurity risks, including unpatched vulnerabilities and potential espionage capabilities in older devices.
FCC Implements Sweeping Ban on Chinese Telecom Gear Over Security Fears
The U.S. Federal Communications Commission (FCC) has enacted a broad prohibition on the importation and sale of certain telecommunications hardware originating from China, citing significant cybersecurity risks and the potential for espionage. This decisive action, announced on June 26, 2026, targets products from entities identified on the FCC’s “Covered List,” which includes prominent firms such as Huawei, ZTE, and Hikvision, all deemed threats to national security.
Table Of Content
This latest regulatory update addresses a long-standing gap that previously permitted these manufacturers to continue supplying older, pre-approved equipment within the U.S. market. While restrictions on newer products from these vendors have been in place since 2022, legacy systems had until now remained legally importable and deployable across American networks. The revised rule now explicitly revokes these prior authorizations, effectively banning all such equipment, irrespective of its original approval date.
Closing the Legacy Loophole
According to the FCC, the continued presence of these older devices poses substantial cybersecurity threats. Legacy systems are frequently plagued by unpatched vulnerabilities, outdated firmware, and insecure communication protocols, rendering them attractive targets for malicious exploitation. Furthermore, some of these products are suspected of containing covert capabilities that could facilitate unauthorized data access or remote surveillance, raising serious national security alarms.
The ban encompasses a wide array of telecommunications and surveillance equipment, including various routers, base stations, video monitoring systems, and other critical network infrastructure components. However, the FCC clarified that organizations currently operating already deployed equipment will not be mandated to immediately remove or replace it. Despite this, the agency acknowledged the inherent risks associated with the continued use of such compromised systems.
Broader Strategy to Secure Critical Infrastructure
This action by the FCC forms part of a larger U.S. strategy aimed at bolstering critical infrastructure defenses against foreign cyber threats. Merely one day before this announcement, the FCC introduced new licensing requirements for submarine cable landing stations—essential infrastructure responsible for handling the vast majority of global internet traffic. These regulations are designed to prevent adversarial nations, particularly Chinese entities, from gaining unauthorized access to or disrupting sensitive data flows.
The FCC has also extended its restrictions to other technology sectors. In recent months, the agency has implemented prohibitions on foreign-made drones and routers, citing recurring connections between certain Chinese manufacturers and cyber intrusion campaigns targeting U.S. networks. Companies such as TP-Link, DJI, and Autel Robotics have been specifically highlighted in security assessments that underscore the risks of data exfiltration and network compromise associated with their products.
Security experts emphasize that previously authorized equipment often shares the same fundamental architectural weaknesses as newer models that have already been banned. These vulnerabilities include hardcoded credentials, insecure update mechanisms, and inadequate encryption standards. Consequently, allowing legacy devices to remain operational created a persistent and exploitable attack surface within domestic networks, undermining overall cybersecurity posture.
While the FCC’s decision significantly enhances supply chain security, analysts suggest that additional measures are necessary. These recommendations include restricting Covered List entities from providing telecommunications services within the U.S. and limiting network interconnections with high-risk providers. Such proactive steps would further diminish the likelihood of adversarial access to sensitive national infrastructure.
The FCC’s expanded regulatory role reflects growing concerns over state-sponsored cyber threats and the imperative for more stringent controls on foreign technology deployed within critical U.S. systems.
What You Should Do
- Inventory Existing Equipment: Organizations should conduct a thorough audit of all telecommunications and surveillance equipment currently in use to identify any devices from vendors on the FCC’s “Covered List” (e.g., Huawei, ZTE, Hikvision).
- Assess Risk: Evaluate the cybersecurity risks associated with continued use of identified legacy equipment, considering its age, known vulnerabilities, and potential for compromise.
- Plan for Replacement: While immediate removal isn’t mandated, begin planning for the phased replacement of high-risk equipment with approved alternatives from trusted vendors.
- Isolate and Monitor: If immediate replacement isn’t feasible, consider isolating legacy devices on separate network segments and implementing enhanced monitoring to detect unusual activity.
- Stay Informed: Keep abreast of further FCC guidance and advisories regarding prohibited equipment and best practices for securing network infrastructure.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.