The Federal Communications Commission has prolonged the timeline for firmware updates on drones and routers produced abroad, which was originally scheduled to conclude on March 1, 2027. In an announcement from the FCC’s Office of Engineering and Technology on May 8, 2026, it was revealed that updates will now be permitted until January 1, 2029, providing nearly two additional years for updates.

The U.S. government has expressed worries regarding espionage, illicit surveillance, and data theft, which can be enabled by backdoor vulnerabilities in drones and routers. A prominent case is the Volt Typhoon “advanced persistent threat” (APT), which exploits compromised hardware to gather information and gain control over American cyber infrastructure. While drones are a more recent technology than routers, they have been utilized for corporate espionage since at least 2022, when they accessed the wireless networks of a leading American financial institution.

The risk is substantial, with approximately 60% of the country’s routers and over 80% of drones being sourced from China, according to Reuters and the Wall Street Journal, respectively. Consumers who have purchased these devices might see their investments influenced by governmental regulations. The Consumer Technology Association has represented these consumers, calling on the FTC to specify the impacted products and exhibit leniency.

This extension likely results from their initiatives, but supply chains and manufacturers are anticipated to shift back to local production as cybersecurity issues become increasingly evident.