Defense Secretary Pete Hegseth is putting America first. That’s why he believes this investigation is so important.
And the Pentagon is launching an investigation that has this foreign adversary shaking in their boots.
A storm of controversy has erupted over a Microsoft-run cloud computing program for the Pentagon, with concerns mounting about potential security risks tied to the use of China-based engineers.
Defense Secretary Pete Hegseth has confirmed that the Department of Defense (DOD) is actively investigating the program after a ProPublica report exposed what critics call dangerously lax safeguards, potentially exposing sensitive military data to the Chinese Communist Party (CCP).
The ProPublica investigation, released on Tuesday, accused Microsoft of prioritizing its government contracts over rigorous security measures. The report detailed how the tech giant employed engineers in China to work on Pentagon cloud systems, using a “digital escort” system to meet federal regulations.
These escorts were meant to ensure security. However, insiders, including former employees and contractors, revealed that many escorts lacked the technical know-how to effectively monitor the engineers, leaving systems vulnerable to potential hacks or data leaks.
Sen. Tom Cotton, R-Ark., wasted no time responding, firing off a letter to Hegseth on Thursday demanding answers. He requested a detailed breakdown of all DOD contractors employing Chinese personnel for system maintenance, a list of subcontractors hiring “digital escorts,” and records of the training these supervisors receive to spot suspicious activity.
“In light of recent and concerning reports about Microsoft using engineers in China to maintain DOD systems, I’ve asked the Secretary of Defense to look into the matter,” Cotton posted on X. “We must guard against all threats within our military’s supply chain.”
Hegseth quickly backed Cotton’s concerns, replying on X, “Spot on senator. Agree fully. Our team is already looking into this ASAP. Foreign engineers — from any country, including of course China — should NEVER be allowed to maintain or access DOD systems.” His response emphasizes the urgency of the Pentagon’s review.
According to the ProPublica report, the issue traces back to a 2016 Microsoft cloud program designed to comply with federal contracting rules. The program relied on “digital escorts” to oversee global cybersecurity experts, including those in China, working on Pentagon systems. DOD rules require that only U.S. citizens or permanent residents handle sensitive data.
Yet, according to ProPublica’s sources, including those familiar with the $18-per-hour escort hiring process, many escorts—often former military personnel—were chosen for their security clearances rather than technical expertise. This left them ill-prepared to scrutinize complex code.
China’s strict laws, which mandate citizen cooperation with government data collection, heighten fears that Chinese engineers could be pressured to share sensitive information with the CCP. Michael Lucci, CEO of State Armor Action, a conservative group focused on global security threats, didn’t mince words.
“If ProPublica’s report turns out to be true, Microsoft has created a national embarrassment that endangers our soldiers, sailors, airmen, and marines. Heads should roll, those responsible should go to prison, and Congress should hold extensive investigations to uncover the full extent of potential compromise,” Lucci said.
He added, “Microsoft or any vendor providing China with access to Pentagon secrets verges on treasonous behavior and should be treated as such.”
Microsoft pushed back, with a spokesperson defending the “digital escort” model on Tuesday. They stated that all personnel with privileged access undergo federally approved background checks.
“For some technical requests, Microsoft engages our team of global subject-matter experts to provide support through authorized U.S. personnel, consistent with U.S. government requirements and processes,” the spokesperson said.
“In these instances, global support personnel have no direct access to customer data or customer systems.”
The Defense Information Systems Agency (DISA), caught off-guard when ProPublica first inquired, later noted that “digital escorts” are used “in select unclassified environments” for advanced technical support. Still, the revelations have sparked alarm, with Cotton demanding answers from Hegseth by month’s end.
As the Pentagon digs deeper, this controversy highlights the tricky balance between tapping global talent and protecting national security. The investigation’s findings could reshape how the DOD collaborates with tech giants like Microsoft, with significant consequences for military cybersecurity.
Stay tuned to the Conservative Column.
