The FCC has extended a deadline for firmware updates on foreign-made drones and routers, originally set for March 1, 2027, now allowing updates until January 1, 2029. This decision, announced by the FCC’s Office of Engineering and Technology, adds nearly two years to the initial cut-off date. Concerns from the American government include potential espionage, unauthorized surveillance, and data breaches, facilitated by backdoor exploits in both drones and routers. The ongoing Volt Typhoon APT is an example of such threats, using compromised hardware to steal data and establish control over American cyber infrastructure.
Despite drones being newer than routers, corporate espionage involving drones has been ongoing since at least 2022. In the U.S., about 60% of routers are made in China, as reported by Reuters, and over 80% of operational drones were also designed and built in China, according to the Wall Street Journal. For consumers who recently purchased these devices, the sudden government ban could be troubling. In response, the Consumer Technology Association urged the FTC to clarify and reconsider which products the ban affects, likely influencing the extension decision.
Moving forward, expect supply chains and manufacturers to adapt in light of the cybersecurity concerns, potentially relocating production as threats become more defined.