Key Takeaways
1. Microsoft will no longer allow Chinese employees to assist with technical support for Pentagon cloud projects following an investigation.
2. The company is enhancing its security measures in partnership with national security partners.
3. The “escort model” involved U.S. citizens supervising foreign engineers, raising concerns about their ability to detect harmful code.
4. Senator Tom Cotton has requested information on contractors using Chinese workers, highlighting the threat of China’s cyber capabilities.
5. Security experts warn of significant risks associated with foreign contractors accessing classified infrastructure, urging the Pentagon to conduct thorough audits.
Microsoft has decided to stop allowing its Chinese employees to assist with technical support on cloud projects for the Defense Department. This move comes after an investigation by ProPublica that uncovered the company’s use of engineers from China, who were supervised by U.S. “digital escorts,” to maintain sensitive systems for the Pentagon.
Changes in Technical Support
Frank Shaw, the chief communications officer, announced on X that Microsoft had “made changes … to assure that no China‑based engineering teams are providing technical assistance” to the Pentagon. He also mentioned that the company would continue to update its security measures in collaboration with national security partners.
Details of the Escort Model
ProPublica’s investigation elaborated on the escort model. One escort shared that U.S. citizens with security clearances monitored the work of foreign engineers, yet they often did not possess the technical knowledge needed to identify harmful code. Many of these monitors earned just above the minimum wage while overseeing colleagues who had much stronger coding abilities.
Senator Tom Cotton requested Defense Secretary Pete Hegseth to provide a list of contractors that employed Chinese workers, along with training records related to the escort program. He cautioned that China’s cyber capabilities are one of the most significant threats to the United States. In response, Hegseth ordered a two-week review of all cloud contracts and stated, “China will no longer have any involvement whatsoever in our cloud services, effective immediately.”
Concerns Over Security
Experts on security pointed out that, even without clear proof of espionage, allowing foreign contractors access to classified infrastructure presents a significant risk. They urged the Pentagon to audit every system that the foreign teams could reach, emphasizing that a single missed backdoor could compromise an otherwise secure network.
The review by the Pentagon is expected to wrap up in early August. The results will help decide if additional restrictions or more comprehensive contractor reforms are necessary to safeguard military operations in the cloud.
Source:
Link
Leave a Reply