Microsoft’s “digital escorts” raise alarms over DOD data security

A little-known Microsoft practice known as "digital escorting" is raising significant national security concerns, as a ProPublica investigation reveals the method exposes sensitive Defense Department data to potential Chinese cyber-espionage.

For nearly a decade, Microsoft has maintained its US government cloud systems by using American subcontractors to supervise engineers in China. These “digital escorts” possess security clearances but often lack deep technical skills. When Chinese engineers propose maintenance actions, the escorts input commands into government systems—sometimes without fully understanding what those commands do.

A current digital escort acknowledged, “We’re trusting that what they’re doing isn’t malicious, but we really can’t tell.” Critics warn this creates a backdoor for cyberattacks, as escorts may miss subtle but dangerous instructions.

This system was critical to Microsoft’s landing of lucrative federal cloud contracts, according to interviews with company insiders and former DOD officials. The scheme was largely unknown, even to some Defense Department cybersecurity leaders. It is used for data labeled "Impact Level 4 and 5," which includes highly sensitive information supporting US military operations.

Cybersecurity experts noted the glaring threat. Harry Coker, a former CIA and NSA executive, told ProPublica, “If I were an operative, I would look at that as an avenue for extremely valuable access.” Given Chinese laws that compel companies to cooperate with state intelligence, pairing underqualified US escorts with advanced Chinese engineers heightens the potential for compromise.

Despite repeated warnings from within Microsoft and its contractors, little has changed. A government review into complaints about the escort system quietly ended without reforms. Microsoft maintains that additional security monitoring controls exist, but details remain vague.