Despite Europe’s push to strengthen its digital sovereignty, a significant share of the continent’s internet traffic still passes through Chinese-made routers, raising concerns about potential cyberespionage risks.
According to a new report by the Sovereign Alliance for European Network Technologies (SAFENet) and the Innovate Europe Foundation (IE.F), the European Union still lacks a comprehensive strategy to reduce its dependence on Chinese-made routers.
The report estimates that ZTE, Huawei, TP-Link, Xiaomi, and Tenda account for around 37% of all home networking devices used across the EU, giving their equipment potential access to approximately 95 million European households.
Researchers warn that a compromised router could provide attackers with access to virtually all digital activity within a home or business. Such a compromise could enable data interception at the firmware level, potentially putting even encrypted communications at risk.
Another concern is that infected routers can be recruited into botnets – large networks of internet-connected devices that hackers remotely control to launch cyberattacks, carry out fraud, or conceal malicious operations.
The report also highlights China’s National Intelligence Law, which requires Chinese companies to assist and cooperate with the country’s intelligence services. This legislation has long fueled concerns that Chinese technology could be used for espionage against foreign governments, businesses, and citizens.
Against this backdrop, the European Union continues its efforts to gradually phase out Huawei and other Chinese vendors from 5G networks and other critical infrastructure.
Cybersecurity agencies from 16 countries, including the United States and the United Kingdom, recently warned that China-linked hackers are hijacking home routers and smart devices to build covert networks that help conceal cyberattacks targeting critical infrastructure worldwide.
At the same time, experts stress that routers from any manufacturer can become targets. As an example, they point to last year’s campaign in which China-linked hackers turned around 50,000 Taiwan-made ASUS home routers into a large-scale espionage network.
The study also found widespread public distrust of foreign networking equipment manufacturers. According to a YouGov survey commissioned by German electronics company FRITZ!, 67% of Europeans distrust Russian router manufacturers, 52% distrust Chinese brands, and 38% distrust American manufacturers.
The report’s authors describe customer networking equipment, particularly home routers, as “the most obvious gap in the EU’s digital sovereignty architecture” and argue that addressing this weakness would be one of the bloc’s simplest and most effective cybersecurity policy measures.
“While Europe has legislated on cloud sovereignty and semiconductor supply chains, the very first and last hardware hop of Europe’s digital activity has remained a critical supply chain blind spot,” the report states.
