Home routers named ‘Europe’s forgotten internet security risk’
John E. Kaye
- Published
- News, Technology

New study says home routers have escaped the scrutiny applied to 5G networks despite carrying 93 per cent of European internet traffic and sitting at the centre of the digital sovereignty debate
Home routers represent one of Europe’s biggest overlooked security risks, researchers have warned.
A new study suggests the devices, which connect homes and businesses to the internet, have become a major blind spot in Europe’s digital sovereignty debate.
Unlike 5G networks, which are run by licensed telecoms operators and subject to national-security scrutiny in Europe, home routers have largely escaped attention despite sitting at the gateway to millions of homes and businesses.
A compromised router can give attackers a route into everything connected to it, from work emails and banking passwords to CCTV footage, family photos and live baby-monitor feeds.
Experts warn that more than half of Europe’s routers and repeaters are supplied by companies based outside the EU.
Chinese manufacturers including ZTE, Huawei, TP-Link, Xiaomi and Tenda are said to account for about 37 per cent of the total EU home networking market, with the rest split between European firms and other non-EU suppliers.
According to the Sovereignty Alliance for European Network Technology, known as SAFENet, the Innovate Europe Foundation and Berlin consultancy iconomy, it gives companies theoretical access to an estimated 95 million European households.
Its report, ‘The Hidden Backbone of Digital Sovereignty: Why Europe Must Care About Internet Routers’, describes routers as the “literal first and last hardware hop of European digital activity” and says they operate largely outside the EU’s sovereignty and supply-chain security framework despite sitting at the heart of the continent’s digital infrastructure.
“While Europe legislated for cloud sovereignty and semiconductor supply chains, the literal first and last hardware hop of European digital activity became a critical supply chain blind spot,” it says.
“Installed in hundreds of millions of European homes and businesses and supplied directly by ISPs with no consumer choice over the manufacturer, these devices sit unscrutinized at the heart of Europe’s digital infrastructure.
“Trusted by default and invisible in practice, they are a potential Trojan horse that no coordinated supply chain security framework currently addresses.”
Most routers have a password to stop the wi-fi network being accessed locally or used by passers-by, neighbours or anyone else within range.
But a strong password does not protect the router itself from security flaws, weak firmware, compromised updates or remote-management systems that can be hacked remotely.
If a router is compromised, traffic passing through it can potentially be inspected, copied or redirected, while the device itself can also be hijacked and used in larger cyberattacks.
The study, published yesterday, argues that Europe already has tools for dealing with high-risk suppliers in other technology sectors but has not applied the same thinking to routers.
It says: “Compromised routers are the primary building block of botnets, large networks of hijacked devices used to launch Distributed Denial of Service attacks, distribute malware, and conduct large-scale credential theft.”
The report also warns that a weakness in one manufacturer’s equipment can quickly become a mass problem across Europe.
SAFENet said router security had been pushed out of the European debate by larger and more visible technology issues.
It said: “Router security and sovereignty has been – and continues to be – crowded out of the European debate and regulation by larger, more visible challenges. It is time to close this gap.”
The alliance is now calling for four measures including clearer labelling of country of origin and legal jurisdiction for network devices, changes to public procurement, stronger supply-chain governance and support for European industrial capacity.
READ MORE: Is Europe regulating the future or forgetting to build it? The hidden flaw in digital sovereignty. As Europe builds on the GDPR and AI Act, the next frontier lies beyond rulebooks and penalties, writes Vendan Kumararajah, who argues that digital sovereignty will endure only if governance, legitimacy and distortion detection are engineered directly into the architecture of AI systems themselves, rather than imposed from outside through compliance alone.
Do you have news to share or expertise to contribute? The European welcomes insights from business leaders and sector specialists. Get in touch with our editorial team to find out more.
Main image: Photo by Pascal via Pexels
TOP STORIES
-
Masts from Kent ‘doomsday wreck’ to be cut to prevent catastrophic explosion -
GigaCloud and Cubbit launch sovereign cloud storage for Ukraine and Poland -
Tributes paid to ‘forthright and fearless’ Ann Widdecombe -
Boeing to debut Ghost Bat drone at Farnborough Airshow -
Reeves opens ‘£2bn lifeline’ for small firms -
Babymoon boom: Rhodes crowned 2026's top pre-baby escape as Salcombe leads UK getaway list -
Xavier Niel to become Vodafone’s largest shareholder in £4.4bn deal -
Two-thirds of lawyers say strong legal claims are dropped because of cost -
UK government must "think again" about small business plan -
Lockheed Martin pushes European missile expansion at NATO summit -
Britain's new homes face 2050s heat test as experts warn of overheating crisis -
Sky agrees £1.6bn deal to buy ITV’s broadcasting and streaming arm -
Scientists crack dinosaur egg mystery by building life-size nest -
Nobel laureate Omar Yaghi launches global science network -
Cardiff drivers safest in Britain as London comes last -
Former Kyndryl Germany boss joins Infinigate in growth role -
Volunteers collect 11m rare seeds to restore Scotland’s native forests -
Trump threatens 'immediate 100pc tariffs' on European countries over tech taxes -
World’s biggest golf tour lands global eSIM deal with Yesim -
Facebook owner Meta signs Texas solar deal with Turkish renewables firm -
UK universities take top four places in European global rankings -
Hurghada gets new 442-room Red Sea resort as Britons chase year-round sun -
Home routers named ‘Europe’s forgotten internet security risk’ -
New documentary explores water safety as Europe confronts soaring drowning deaths -
Venice tourists say £43 day-trip fee will turn city into ‘playground for the rich’


























