FTC Brings ASUS To Heel Over Router Security Flaws

Photo of author

Tim Higgins

FTC and ASUSThe router maker is in trouble with the Feds again.

Tuesday’s settlement between the Federal Trade Commission and ASUS is the second time the U.S. government has been involved in action against the wireless router maker.

In 2013, NETGEAR sued ASUS, claiming it was shipping wireless routers that did not comply with FCC peak power limits. That suit was settled last March, with ASUS agreeing to a compliance plan requiring ASUS to file reports with the FCC for three years.

FTC stomps ASUS

Tuesday’s consent agreement resulted from a February 2014 mass compromise of ASUS routers that allowed attackers to remotely log in, mess with router settings and, in some cases, gain access to networked devices. This time, the U.S. government took action directly, with the FTC filing a complaint against ASUStek itself.

The resulting punishment is worse than that of the NETGEAR case, with ASUS agreeing to immediately implement a "comprehensive security program" that will be subject to independent audits for the next 20 years.

So why did the Feds go after ASUS, when routers from other manufacturers have (or had) similar security flaws? No reports seem to explain why. But it’s obvious given the severity of the punishment, that router manufacturers best take note and get their security design and verification processes tightened up.

Related posts

NETGEAR Makes The Nighthawk X4 Official

NETGEAR has announced its first AC2350 class router.

D-Link ships dual-band draft 11n gaming router

D-Link said today it has started shipping its DGL-4500 Draft 802.11n Xtreme N Gaming Router.

The router combines a single dual-band Draft 2.0 802.11n radio based on Atheros XSPAN technology with D-Link's "GameFuel" technology—D-Link's branding of Ubicom's "StreamEngine" auto-QoS technology.

D-Link Announces A New Mobile Companion

D-Link has introduced a second multifunction mobile AP/storage sharer.