Microsoft on Friday announced it will no longer allow engineers based in China to provide technical support for US Department of Defense (DoD) cloud systems, following concerns about foreign involvement in sensitive Pentagon systems.
Security Review Sparked By Investigative Report
The change was prompted after a detailed ProPublica report published earlier this week raised alarms over potential cybersecurity risks tied to the companyโs overseas workforce. The report revealed that Microsoft had long relied on engineers in China to help support Pentagon cloud systems, with the supervision of US-based โdigital escorts.โ
While these escorts hired through subcontractors have security clearances, according to ProPublica, they lacked the technical skills to fully understand or assess the work of the Chinese engineers they were overseeing posed a cybersecurity threat to the United States.
The arrangement raised serious concerns among US lawmakers and defense officials. Pete Hegseth, U.S Secretary of Defense, in a video posted on X, calledย the practice “obviously unacceptable,” especially in todayโs heightened cyber-threat environment.
Hegseth described the system as outdated, calling it โa legacy system created over a decade ago, during the Obama administration.โ He confirmed that the Department of Defense would conduct a full internal review to uncover any similar practices across its networks. Additionally, the department has started evaluating other cloud service providers to ensure similar outsourcing arrangements arenโt being used elsewhere.
The Defense Secretary has also announced a two-week review of all Pentagon cloud agreementsย to ensure that “China will no longer have any involvement whatsoever in our cloud services, effective immediately. He added, โWe will continue to monitor and counter all threats to our military infrastructure and online networks.โ
Microsoft Responds Swiftly
In response, Microsoftย promptly updated its internal protocols to address the concerns.
“In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services,” Frank Shaw, Microsoft’s Chief Communications Officer,ย wrote in a post on X.
Broader Implications For U.S. Cloud Security
Microsoftโs decision directly impacts its Azure cloud division, which competes with Amazon Web Services (AWS) and Google Cloud, and is heavily integrated into the U.S. government and defense infrastructure. In 2022, Microsoft secured a share of a $9 billion multi-vendor contract awarded by the Defense Department alongside Amazon, Google, and Oracle.
Before the ProPublica investigation, the company had emphasized that its engineers and contractors complied with US government laws at all times, but has acknowledged that growing public concern called for tighter security measures moving ahead.
โWe remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed,โ Shaw said.
