A report by Pro Publica revealed Microsoft was using engineers in China to maintain cloud computing systems for the US Department of Defense. Defense Secretary Pete Hegseth said his agency would look into Microsoft’s use of foreign-based engineers maintaining the highly sensitive cloud systems.
The Secretary of Defense wrote on X, “Foreign engineers — from any country, including of course China — should NEVER be allowed to maintain or access DoD systems.”
Hours later, Microsoft’s chief communications officer Frank X. Shaw announced, “In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.”
ProPublica explains that since 2011, cloud computing companies like Microsoft that wanted to sell their services to the U.S. government were required to establish how they would ensure that personnel working with federal data would have the requisite “access authorizations” and background screenings. Additionally, the Defense Department requires that people handling sensitive data be U.S. citizens or permanent residents.
Microsoft responded earlier, stating that the company’s global workers “have no direct access to customer data or customer systems. US Escorts with the appropriate clearances and training provide direct support. These personnel are provided specific training on protecting sensitive data, preventing harm, and use of the specific commands/controls within the environment.”
However, the ProPublica Investigation documented how Microsoft had engineers in China, helping maintain the Defense Department’s computer systems, with minimal supervision by US personnel. Allegedly, this policy left some sensitive US data vulnerable to hacking or spying from its leading cyber adversary.
