A decade-long Microsoft (Nasdaq: MSFT) program that employs Chinese engineers to maintain Pentagon computer systems has created potential security vulnerabilities in some of the nation’s most sensitive networks, according to a ProPublica investigation published Tuesday.
The program uses American citizens holding security clearances as “digital escorts” to supervise Chinese workers, though ProPublica found these overseers frequently lack sufficient technical knowledge to effectively monitor highly skilled foreign engineers.
The work involves highly sensitive Pentagon data classified as “Impact Level” 4 and 5, encompassing military operational materials and information that federal guidelines say could cause severe damage if compromised.
Someone must go to jail for this: Engineers in China maintain the Pentagon’s computer systems. https://t.co/ydRVeQthyw
— Gordon G. Chang (@GordonGChang) July 15, 2025
John Sherman, who served as chief information officer for the Defense Department during the Biden administration, said he was surprised to learn of the findings. “I probably should have known about this,” Sherman told ProPublica, calling for a “thorough review by DISA, Cyber Command and other stakeholders that are involved in this.”
The escort program was crucial to Microsoft winning federal cloud computing contracts worth billions of dollars beginning in 2016. The company developed the system to address government requirements that personnel handling sensitive data be US citizens or permanent residents, while still utilizing its global workforce.
Current and former government officials expressed alarm about the arrangement, particularly given China’s designation as the leading cyber threat to the United States. The Office of the Director of National Intelligence has called China the “most active and persistent cyber threat to US Government, private-sector, and critical infrastructure networks.”
“If I were an operative, I would look at that as an avenue for extremely valuable access,” said Harry Coker, former national cyber director and senior intelligence official. “We need to be very concerned about that.”
Many escorts are ex-military personnel with limited programming knowledge who receive wages near the minimum, according to the investigation. Their role involves executing technical instructions from Chinese engineers after receiving basic explanations of the tasks.
“We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” said one current escort who spoke anonymously, fearing professional repercussions.
About 50 American supervisors manage hundreds of monthly requests from Microsoft’s engineers in China, according to the investigation. The arrangement was so obscure that Defense Information Systems Agency personnel struggled to locate anyone knowledgeable about it.
“Literally no one seems to know anything about this, so I don’t know where to go from here,” said Deven King, spokesperson for the Defense Information Systems Agency.
Microsoft told ProPublica that its global workers “have no direct access to customer data or customer systems” and that escorts receive specific training on protecting sensitive data. The company said it has disclosed details about the escort model to the federal government.
Various people involved in the work warned Microsoft that the arrangement posed inherent risks, but the company proceeded anyway, according to the investigation.
The revelations come as tensions between the US and China have escalated over cybersecurity issues. Chinese hackers in 2023 infiltrated cloud-based mailboxes of senior US government officials, downloading approximately 60,000 emails from the State Department alone.
The Trump administration has expressed concerns about Chinese spying, with the State Department announcing plans to revoke visas for Chinese students and attempting to arrange the sale of TikTok over similar security concerns.
Legal experts noted that Chinese laws grant government officials broad authority to collect data from companies and individuals, potentially compelling cooperation with intelligence services.
The Defense Information Systems Agency acknowledged in a statement that escorts are used “in select unclassified environments” for “advanced problem diagnosis and resolution from industry subject matter experts.”
A former contractor named Tom Schiller contacted a Defense Department hotline and federal lawmakers about the escort system in 2024. The Defense Information Systems Agency Office of the Inspector General conducted interviews but ultimately referred the matter to agency management rather than pursuing an investigation.
David Mihelcic, DISA’s former chief technology officer, called any visibility into the Defense Department’s network a “huge risk.”
It remains unclear what steps, if any, Microsoft or government agencies have taken to address security concerns raised about the digital escort arrangement.