ProPublica reporting revealed that Microsoft had been using Chinese engineers for maintenance of Department of Defense (DoD) cloud systems, with US citizens (digital escorts) acting as supervisory "monitors" on-site — sending US cybersecurity concerns to an extreme. The US Senate and DoD immediately began fact-finding investigations, and Microsoft declared complete exclusion of Chinese engineers from related work.
According to ProPublica, for over the past 10 years Microsoft had assigned DoD sensitive cloud system maintenance to Chinese local engineers while deploying US citizens with security clearances as "digital escorts" — but most were contract workers lacking IT expertise and receiving low wages. The core problem: this "digital escort" surveillance system actually has major limitations for technical monitoring and defense. Without specialized competency in complex code, server management, and hacking detection, there are no practical means to prevent malicious actions or hacking by Chinese engineers. A former Microsoft engineer who designed this system himself admitted "if someone runs a malicious script, the escort can''t detect it." This system was applied even to management of "unclassified high-risk data (Impact Level 4·5)" supporting military operations, with DoD IT officials and NSA/CIA senior officials reportedly only learning of this system''s existence through ProPublica.
Senator Tom Cotton wrote officially to Defense Secretary Pete Hegseth requesting "immediate prohibition on foreign engineers from participating in defense system maintenance and management." Hegseth stated: "Regardless of country of origin, foreign engineers must not access or maintain defense networks." Microsoft changed policy to "completely halt Chinese-based engineers from supporting DoD cloud and related services for US government customer support systems." Microsoft explained "global engineers don''t directly access customer data and systems, and digital escorts receive specific training and security verification" — but doubts about the monitoring system''s effectiveness remain. Cybersecurity experts view this not as a simple incident but as a structural threat signal to US and global cloud/public infrastructure. The "escort system" revealed vulnerabilities in supply chain security relying on remote support and global engineering convenience. Each country''s government must recognize that core infrastructure and data depend on global IT companies'' subcontractor networks and overseas engineers, and establish new standards for supply chain security, internalization strategies, and foreign personnel control.
