Propublica is a nonprofit newsroom that investigates power abuse. Sign up and receive the biggest story as soon as it’s published.
Microsoft says ProPublica has stopped using China-based engineers to support the Department of Defense’s cloud computing system after revealing the practice of the survey this week.
“In response to concerns raised about foreign engineers in the US earlier this week, Microsoft has assisted US government customers to ensure that US government customers are not providing technical assistance to DOD government cloud and related services,” Frank Shaw announced on Friday afternoon.
The Microsoft announcement comes after Defense Secretary Pete Hegses said his agency would consider using Microsoft’s foreign-based engineers to maintain a highly sensitive cloud system.
“Of course, foreign engineers should never be allowed to maintain or access the DOD system from any country, including China,” Heggs wrote in a post on X Friday.
In its investigation, Propublica detailed how Microsoft could help it use Chinese engineers to maintain the Department of Defense computer systems with minimal oversight by US officials. The arrangement, important to Microsoft, which acquired the federal cloud computing business a decade ago, oversees work with security clearance for US citizens and serves as a barrier to espionage and jamming.
However, these workers, known as “digital escorts,” often lack the technical expertise to police the work of far more highly skilled foreign engineers, Propublica found.
Earlier on Friday, the Republican senator from Arkansas, chair of the Intelligence Email Committee, cited Propublica in a letter to Hegseth and asked for details on how DOD contractors use Chinese to maintain departmental information and computing systems.
China is raising “one of the most aggressive and dangerous threats to the United States,” as evidenced by our critical infrastructure, communications networks and supply chain invasions.
Since 2011, cloud computing companies like Microsoft who want to sell services to the US government have had to establish ways to ensure that personnel working with federal data require “permissions” and background screening. Additionally, the Department of Defense requires that those who process sensitive data be US citizens or permanent residents.
This presented a problem for Microsoft, which relies on a vast global workforce with important activities in India, China and the European Union.
So the tech giant enlisted staffing agencies to hire US digital escorts who had security clearances that allowed them to access sensitive information and who had security clearances to take direction from overseas experts. Engineers may briefly describe the jobs to be completed. For example, check logs that update your firewall, fix bugs and install updates, or troubleshoot issues. After that, mostly in reviews, the escort copies and pastes the engineer’s commands into the federal cloud.
“We believe what they’re doing is unnatured, but we really don’t know,” one escort told Propublica.
In a previous statement in response to Propublica’s investigation, Microsoft said HR and contractors operate in a way that “aligns with US government requirements and processes.”
The company’s global workers “have no direct access to customer data or customer systems,” the statement said. The escorts “provided direct support with proper clearance and training. These personnel will be provided with specific training in protecting sensitive data, preventing harm, and using specific commands/controls within the environment.”
Additionally, Microsoft said the internal review process known as the “lockbox” has an internal review process called “to confirm that the request is considered safe or that there is a source of concern.”
Insight Global – A contractor providing digital escorts to Microsoft provided training by saying that “we will assess the technical capabilities of each resource throughout the interview process to ensure that the technical skills required are ensured.”
Lesser-known Microsoft programs could expose the Department of Defense to Chinese hackers
Doris Burke contributed to his research.
