FCC Extends Update Deadline for Banned Foreign-Made Drones and Routers to 2029

Severity: Medium (Score: 58.0)

Sources: www.wsj.com, www.reuters.com, Sea.Mashable, www.theregister.com, www.fcc.gov

Summary

The FCC has announced an extension allowing foreign-made drones and routers to receive critical firmware updates until January 1, 2029, delaying the previous ban set for March 1, 2027. This decision addresses national security concerns regarding espionage and data exfiltration, particularly from devices manufactured in China. Approximately 60% of routers and over 80% of drones in the U.S. are made in China, raising significant cybersecurity risks. The extension is partly due to lobbying from the Consumer Technology Association, which advocated for clearer guidelines and longer update periods. The ongoing Volt Typhoon APT exemplifies the potential threats posed by compromised hardware, as it targets U.S. cyber infrastructure. This extension provides relief to consumers who invested in these devices but raises questions about future supply chain security. Key Points: • FCC extends update deadline for banned foreign-made drones and routers to 2029. • 60% of U.S. routers and over 80% of drones are manufactured in China, posing cybersecurity risks. • Consumer Technology Association's lobbying influenced the FCC's decision for a two-year extension.

Key Entities

• Volt Typhoon (apt_group)
• Data Breach (attack_type)
• China (country)
• United States (country)
• CWE-200 - Exposure of Sensitive Information (cwe)
• CWE-798 - Use of Hard-coded Credentials (cwe)
• Financial (industry)
• T1071 - Application Layer Protocol (mitre_attack)
• Confluence (platform)
• DJI Matrice 600 (tool)
• DJI Phantom (tool)
• Fluke System (tool)
• GPD Mini Laptop (tool)
• Raspberry Pi (tool)