FTC Brings ASUS To Heel Over Router Security Flaws

Photo of author

Tim Higgins

FTC and ASUSThe router maker is in trouble with the Feds again.

Tuesday’s settlement between the Federal Trade Commission and ASUS is the second time the U.S. government has been involved in action against the wireless router maker.

In 2013, NETGEAR sued ASUS, claiming it was shipping wireless routers that did not comply with FCC peak power limits. That suit was settled last March, with ASUS agreeing to a compliance plan requiring ASUS to file reports with the FCC for three years.

FTC stomps ASUS

Tuesday’s consent agreement resulted from a February 2014 mass compromise of ASUS routers that allowed attackers to remotely log in, mess with router settings and, in some cases, gain access to networked devices. This time, the U.S. government took action directly, with the FTC filing a complaint against ASUStek itself.

The resulting punishment is worse than that of the NETGEAR case, with ASUS agreeing to immediately implement a "comprehensive security program" that will be subject to independent audits for the next 20 years.

So why did the Feds go after ASUS, when routers from other manufacturers have (or had) similar security flaws? No reports seem to explain why. But it’s obvious given the severity of the punishment, that router manufacturers best take note and get their security design and verification processes tightened up.

Related posts

Belkin prepping certified wireless USB hub

With Freescale gone from the UltraWideBand market, Belkin is moving on to fully join the ranks of "Certified Wireless USB" ...

Linksys Announces AC1900 Router

Linksys is previewing an AC1900 class router at IFA this week.

D-Link Announces Single-Stream Draft 11N Router and Adapter

D-Link today announced that it is shipping a single-stream Draft 802.11n router and companion USB adapter.