NEWYou can now listen to Fox News articles!
Defense Secretary Pete Hegseth said the Pentagon was “looking into” a cloud computing program run by Microsoft utilizing foreign workers from China, which was criticized this week for potentially lacking adequate safeguards, which could provide the CCP easy access to classified defense data and systems.
A ProPublica report released Tuesday accused Microsoft of allowing China-based engineers to assist with Pentagon cloud systems with inadequate guardrails in an effort to scale up its government contracting business.
In response, Sen. Tom Cotton, R-Ark., sent a letter to Hegseth Thursday asking for information and documents about the program, including a list of all Department of Defense (DOD) contractors that hire Chinese personnel to provide maintenance or other services to DOD systems, a list of subcontractors that hire Microsoft’s American-born “digital escorts” required to supervise foreign computer scientists while they work on DOD systems and documents on the training these supervisors receive to identify suspicious activity. The Republican senator requested answers to his questions by the end of the month.
“In light of recent and concerning reports about Microsoft using engineers in China to maintain DOD systems, I’ve asked the Secretary of Defense to look into the matter,” Cotton said in a post on X sharing his letter to Hegseth. “We must guard against all threats within our military’s supply chain.”
TEMU SUED BY KENTUCKY FOR ALLEGEDLY GIVING CHINA ‘UNFETTERED’ ACCESS TO USER DATA
A cyber review board mandated by President Biden issued a scathing report on Microsoft over a 2023 hack. (Getty Images)
A few hours after Cotton’s X post, Hegseth responded, “Spot on senator.”
“Agree fully,” Hegseth said in his own X post responding to Cotton. “Our team is already looking into this ASAP. Foreign engineers — from any country, including of course China — should NEVER be allowed to maintain or access DOD systems.”
The ProPublica report cited current and former employees and government contractors who worked on a cloud computing program deployed by Microsoft in 2016, which involved a “digital escort” framework. The program, meant to meet federal contracting regulations, used a system of “digital escort” chaperones for global cybersecurity officials, such as those based in China, meant to create a security buffer so that they can work on agency computing systems. DOD guidelines require that people handling sensitive data be U.S. citizens or permanent residents.
HEGSETH ABRUPTLY PULLS PENTAGON OFFICIALS FROM ‘GLOBALIST’ ASPEN CONFERENCE
According to sources who spoke to ProPublica, including some who had intimate familiarity with the hiring process for the $18-per-hour “digital escort” position, the tech employees being hired to do the supervising lacked the adequate tech expertise to prevent a rogue Chinese employee from hacking the system or turning over classified information to the CCP.
The sources elaborated that the escorts, often former military personnel, were hired for their security clearances more than their technical abilities and often lacked the skills to evaluate code being used by the engineers they were supervising.
In China, people are governed by sweeping laws compelling government cooperation with data collection efforts.
Defense Secretary Pete Hegseth announced Friday the Pentagon was “looking into” concerns Microsoft was operating a program that works on classified defense systems with the help of Chinese computer engineers. (AP Photo/Rick Rycroft; Philip Fong/AFP via Getty Images; Omar Havana/Getty Images)
“If ProPublica’s report turns out to be true, Microsoft has created a national embarrassment that endangers our soldiers, sailors, airmen and marines. Heads should roll, those responsible should go to prison and Congress should hold extensive investigations to uncover the full extent of potential compromise,” said Michael Lucci. Lucci is the CEO and founder of State Armor Action, a conservative group with a mission to develop and enact state-level solutions to global security threats.
“Microsoft or any vendor providing China with access to Pentagon secrets verges on treasonous behavior and should be treated as such,” Lucci added.
KAINE QUESTIONS WALTZ ON HEGSETH’S ROLE IN SIGNALGATE DURING UN AMBASSADOR CONFIRMATION HEARING
A Black Hawk Army helicopter carrying reporters lands at the Pentagon after a demonstration of future combat systems for Army Secretary Francis Harvey, Army Chief of Staff General Peter Schoomaker and the media at Aberdeen Proving Ground in Maryland. (Scott J. Ferrell/Congressional Quarterly/Getty Images)
A Microsoft spokesperson defended the company’s “digital escort” model Tuesday, saying all personnel and contractors with privileged access must pass federally approved background checks.
“For some technical requests, Microsoft engages our team of global subject-matter experts to provide support through authorized U.S. personnel, consistent with U.S. government requirements and processes,” the spokesperson added. “In these instances, global support personnel have no direct access to customer data or customer systems.”
CLICK HERE TO GET THE FOX NEWS APP
The Defense Information Systems Agency’s (DISA) public information office was initially unaware of the program when ProPublica began asking questions about it, but it eventually followed up to point out that “digital escorts” are used “in select unclassified environments” at the Defense Department for “advanced problem diagnosis and resolution from industry subject-matter experts.”
Meanwhile, on Friday, Microsoft Chief Communications Officer, Frank Shaw, said that in response to recent concerns over the program, Microsoft is choosing to make some changes.
“In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DOD Government cloud and related services,” Shaw said in a statement to Fox News Digital. “We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed.”