Defense Secretary Pete Hegseth said China will no longer be involved in his department’s cloud services after a report detailed how Microsoft uses Chinese engineers for the Pentagon’s computer systems with minimal supervision.
“This is obviously unacceptable,” Mr. Hegseth said in a video posted on X Friday, “especially in today’s digital threat environment. … We have to ensure the digital systems we use here at the Defense Department are ironclad and impenetrable.”
He said that “effective immediately,” China will no longer have a role in the department’s cloud services, with a two-week review coming to ensure something similar isn’t happening in other areas of the Pentagon.
“We will continue to monitor and counter all threats to our military infrastructure and online networks,” he said.
A ProPublica report this week outlined how Microsoft uses the Chinese engineers for the Pentagon. It said the arrangement is a decade old and was key to Microsoft winning the federal government’s cloud computing business. U.S. citizens with security clearances are supposed to oversee the work to make sure espionage and sabotage are not occurring.
Yet the report found that the “digital escorts” assigned to be watchdogs are not technically advanced enough.
The report spurred Sen. Tom Cotton, Arkansas Republican, to send a letter to Mr. Hegseth on Friday requesting information and documents about the program.
“In light of recent and concerning reports about Microsoft using engineers in China to maintain DOD systems, I’ve asked the Secretary of Defense to look into the matter,” Mr. Cotton said in an X post that shared his letter. “We must guard against all threats within our military’s supply chain.”
Mr. Cotton, who chairs the Senate Intelligence Committee and serves on the Armed Services Committee, asked for a list of contractors using China-based employees, information on the training provided to the digital escorts on how to identify suspicious activity.
Mr. Hegseth responded that it would be looked into ASAP.
The report said Microsoft uses the escort system to handle the government’s most sensitive information that falls below the classified category. That includes data that involves “the protection of life and financial ruin.”
In the Defense Department, that data is categorized as Impact Level 4 and 5, which includes information directly related to military operations, the report said.
Microsoft said Friday it would be ceasing its connections with Chinese engineering teams.
“In response to concerns raised earlier this week about U.S.-supervised foreign engineers, Microsoft has made changes to our support for U.S. government customers to assure that no China-based engineering teams are providing technical assistance for DOD government cloud and related services,” Frank Shaw, chief communications officer at Microsoft, posted on X.
“We remain committed to providing the most secure services possible to the U.S. government, including working with our national security partners to evaluate and adjust our security protocols as needed,” he said.
