Microsoft Cuts China Engineers From Pentagon Cloud Work

In a significant policy reversal, Microsoft has ceased using China-based engineers to provide technical support for the U.S. Department of Defense’s cloud computing systems. The move follows an explosive investigation by ProPublica revealing that engineers in China helped maintain Pentagon cloud infrastructure under a supervision model deemed vulnerable to cyber espionage. Defense Secretary Pete Hegseth swiftly declared the arrangement “unacceptable” and ordered a sweeping review of Pentagon cloud contracts.

The ProPublica report detailed how Microsoft’s “digital escort” system, operational since 2016, allowed China-based Azure cloud engineers to troubleshoot DoD systems while supervised remotely by U.S. citizens with security clearances. Crucially, these escorts often lacked the technical expertise to evaluate the code or commands provided by the foreign engineers they monitored. One anonymous escort acknowledged, “We’re trusting that what they’re doing isn’t malicious, but we really can’t tell”.

Security Experts Sound Alarm Over Systemic Vulnerabilities

National security authorities expressed shock at the revelations, noting that China consistently ranks as America’s “most active and persistent cyber threat” according to U.S. intelligence assessments. Harry Coker, former National Cyber Director and senior NSA/CIA executive, warned ProPublica that the arrangement represented a golden opportunity for espionage: “If I were an operative, I would look at that as an avenue for extremely valuable access. We need to be very concerned”. The risk was particularly acute because the systems involved handled “Impact Level 4-5” dadataa unclassified but highly sensitive information, directly supporting military operations, where compromise could cause “severe or catastrophic” damage.

Microsoft initially defended the program, stating it operated “consistent with US Government requirements” and utilized an internal “Lockbox” review process. However, the company reversed course within days amid intense scrutiny from the Pentagon and Senator Tom Cotton (R-Ark.), chair of the Senate Intelligence Committee. Cotton demanded a full accounting of contractors using foreign personnel for DoD systems, emphasizing China’s documented infiltration of U.S. critical infrastructure.

Business Pressures Clash With National Security Imperatives

Internal sources revealed to ProPublica that Microsoft adopted the digital escort model partly to manage costs while complying with federal mandates requiring U.S. citizens or permanent residents to handle sensitive defense data. Former Microsoft program manager Indy Crowley acknowledged the tension, explaining that hiring exclusively stateside engineers “would make a cloud transition prohibitively expensive for the government”. This cost-driven approach resulted in escorts being paid as little as $18/hour through contractor Insight Global often recruited for security clearances rather than technical proficiency.

The impacted Azure division generates over 25% of Microsoft’s revenue and represents a critical segment of its government business. Microsoft previously won a $10 billion Pentagon cloud contract in 2019 (later canceled) and shares in a subsequent $9 billion multi-vendor deal. Frank Shaw, Microsoft’s Chief Communications Officer, announced on X: “We have made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services”.

Ongoing Pentagon Review and Industry Implications

Secretary Hegseth has initiated a two-week department-wide review to ensure no similar arrangements exist with other contractors, declaring “China will no longer have any involvement whatsoever in our cloud services, effective immediately”. John Sherman, former DoD Chief Information Officer under President Biden, expressed dismay at the oversight gap: “I probably should have known about this,” he told ProPublica, endorsing a “thorough review” by cybersecurity agencies.

The episode underscores persistent vulnerabilities in the defense industrial base’s supply chain. While Microsoft has acted swiftly to contain fallout, questions linger about why a program repeatedly flagged internally as risky and operating below the radar of senior defense officials persisted for nearly a decade. As government agencies increasingly migrate to commercial cloud platforms, this incident may catalyze stricter oversight of how tech giants structure their global support networks for sensitive national security work.