Microsoft to Cease Using China-Based Engineers for US Department of Defense Work

Microsoft has confirmed it will cease employing China‑based engineers to support cloud‑computing systems used by the US Department of Defence, following an investigative report by ProPublica and mounting political pressure.

The change was announced on Friday by Microsoft Communications Chief Frank X. Shaw on social media platform X, ensuring that “no China‑based engineering teams are providing technical assistance” for any Defence Department cloud or related services.

The ProPublica investigation revealed that Microsoft had subcontracted Chinese nationals, working under US “digital escorts” with security clearances but limited technical expertise, to maintain sensitive DoD systems.

In response, Defence Secretary Pete Hegseth ordered a two‑week review of all Pentagon cloud contracts, declaring on X that “foreign engineers, from any country, including of course China, should NEVER be allowed to maintain or access DoD systems.”

Arkansas Republican Senator Tom Cotton, chair of the Senate Intelligence Committee and member of the Armed Services Committee, also weighed in. In a letter to Secretary Hegseth, Cotton requested a list of all contractors employing foreign personnel and details on training provided to digital escorts charged with monitoring those workers.

“China’s cyber capabilities pose one of the most aggressive and dangerous threats to the United States,” Cotton wrote, urging the military to “guard against all potential threats within its supply chain, including those from subcontractors.”

Microsoft has been a major provider of cloud services to the US government, including Department of Defence contracts valued at billions of dollars. The company told ProPublica it disclosed its use of China‑based engineers during the government’s authorisation process (known as FedRAMP) but insisted that its digital escorts mitigated any risk.

However, critics noted that these escorts often lacked the necessary technical background to evaluate the engineers’ work or detect sophisticated cyber threats.

In his video announcement, Secretary Hegseth emphasised immediate action: “China will no longer have any involvement whatsoever in our cloud services, effective immediately. We will continue to monitor and counter all threats to our military infrastructure and online networks.” The Pentagon’s two‑week review will determine whether similar arrangements exist elsewhere in the Defence Department’s cloud ecosystem.