Microsoft (MSFT.O) said Friday it will no longer use China-based engineers to provide technical assistance to the U.S. military, following a report by investigative outlet ProPublica that raised alarms in Washington and prompted a review of Pentagon cloud contracts.
The ProPublica report revealed that Microsoft had employed engineers based in China to work on U.S. military cloud computing systems. These engineers operated under the supervision of so-called “digital escorts” — U.S.-based subcontractors with security clearances who reportedly often lacked the technical expertise to assess cybersecurity risks stemming from the Chinese teams’ involvement.
Microsoft, a key technology contractor to the U.S. government, has previously been the target of cyberattacks by both Chinese and Russian hackers. The company told ProPublica that it had disclosed its operational practices, including the involvement of China-based staff, to the U.S. government during the project authorization process.
On Friday, Microsoft spokesperson Frank Shaw announced on X (formerly Twitter) that the company had updated its support structure in response to the concerns raised earlier in the week. “To assure that no China-based engineering teams are providing technical assistance” for services used by the Pentagon, Microsoft has restructured how it supports its U.S. government clients, Shaw said.
The issue drew the attention of Senator Tom Cotton, an Arkansas Republican who chairs the Senate Intelligence Committee and sits on the Armed Services Committee. Cotton sent a letter to Defense Secretary Pete Hegseth requesting a list of military contractors employing Chinese personnel and further details on how “digital escorts” are trained to detect potential cybersecurity threats.
“The U.S. government recognizes that China’s cyber capabilities pose one of the most aggressive and dangerous threats to the United States, as evidenced by infiltration of our critical infrastructure, telecommunications networks, and supply chains,” Cotton wrote. He warned that the military “must guard against all potential threats within its supply chain, including those from subcontractors.”
Defense Secretary Pete Hegseth, in a video posted on X on Friday, said he was launching a two-week review to ensure no other military cloud services contracts involve China-based personnel.
“I’m announcing that China will no longer have any involvement whatsoever in our cloud services, effective immediately,” Hegseth stated. “We will continue to monitor and counter all threats to our military infrastructure and online networks.”
