Microsoft halts use of China-based engineers for DOD cloud

Defense One is reporting that Microsoft has announced it will cease employing China-based engineers to support its cloud services for the Department of Defense (DOD), following revelations that alarmed US officials over potential cybersecurity risks. The decision, issued on 19 July 2025, comes days investigation by ProPublica revealed Microsoft’s use of a controversial “digital escort” program—where US citizens with security clearances, but not necessarily technical expertise, input code and commands provided remotely by foreign engineers, many based in China.

The escort system, intended to prevent direct access by non-US personnel to sensitive Defense cloud infrastructure, has proven problematic. Many escorts lack the technical background needed to review the code they execute, raising the specter that sophisticated vulnerabilities or malicious scripts could be implanted undetected.

The fallout was swift. Senator Tom Cotton, chair of the Senate Intelligence Committee, publicly demanded stricter oversight and a comprehensive review of DOD contractors’ use of foreign personnel. Defense Secretary Pete Hegseth announced an urgent review across the Pentagon, emphasizing, “China will no longer have any involvement whatsoever in our cloud services, effective immediately.”