Pentagon Orders End to Chinese Coders Working on Sensitive DOD Networks

On Thursday, Aug. 28, the U.S. Department of Defense (DoD) announced it has suspended a Microsoft-linked program that allowed Chinese coders, under the oversight of American contractors, to work on sensitive DOD cloud systems.

In a video address, Defense Secretary, Pete Hegseth said, “Last month, the Department of Defense was made aware of an Obama-Biden era legacy program called ‘Digital Escorts.’ For nearly a decade, Microsoft has used Chinese coders, remotely supervised by U.S. contractors, to support sensitive DoD cloud systems. The program was designed to comply with contracting rules but it exposed the Department to unacceptable risk,” Hegseth said.

“I mean, if you’re thinking America first and common sense, this doesn’t pass either of those tests. So I initiated an immediate review of this vulnerability and I want to report our initial findings,” he said.

“Additionally, Hegseth said DoD has issued a formal letter of concern to Microsoft, documenting a breach of trust, and that DoD is requiring a third-party audit of the digital escorts program to pore over the code and submissions made by Chinese nationals,” a press release on the matter reads.

Going even further, Hegseth said he is tasking the DoD with separate investigations to determine whether any Chinese nationals have “negatively impacted the coding of DoD cloud systems,” and that all DoD software vendors must terminate any Chinese involvement with DoD cloud systems.

Success

You are now signed up for our newsletter

Success

Check your email to complete sign up

“It blows my mind that I’m even saying these things … [and] that we ever allowed it to happen,” Hegseth said of DoD’s use of the digital escorts program, adding that the Pentagon is now vigorously working to course correct, and that the department expects its vendors to put U.S. national security ahead of profit maximization.

“I’m committed, like [President Donald J. Trump] is to ensuring that our national security networks are secure,” Hegseth said.

Hundreds of Chinese nationals involved

The matter escalated in 2024 when Microsoft President Brad Smith testified before the House Homeland Security Committee. Lawmakers questioned him over reports that the company had asked roughly 700–800 employees—mostly Chinese nationals working as engineers—to relocate as part of a broader effort to scale back its engineering footprint in China.

According to May 2024 reporting by the Wall Street Journal, Microsoft offered hundreds of employees in both its cloud-computing and artificial intelligence departments the chance to relocate to several western nations, including the U.S., Ireland, Australia, and New Zealand, despite heightened tensions with the United States.

At the time, Smith was questioned about Microsoft’s ties to communist China and security “shortfalls” that enabled Chinese hackers to breach Microsoft’s systems in 2023.

The U.S. Cyber Safety Review Board (CSRB) report concluded that Microsoft’s corporate culture was responsible for the hack.

The report blasted Micorsoft for allowing a “cascade” of “avoidable errors” to occur resulting in the breach. The breach exposed tens of thousands of emails, including some from top American officials.

The report concluded that the intrusion occurred in May and June of 2023 and was carried out by the threat actor, Storm-0558, a China-affiliated group with espionage objectives.

The board said the breach “should never have happened” and that a central concern was the inadequate corporate security culture at Microsoft which de-emphasized enterprise security investments and robust risk management.

The report noted that Microsoft failed to detect the compromise of its cryptographic “crown jewels” (specifically, a signing key) on its own, only learning of it because a customer flagged anomalies.

Speaking to the House Homeland Security Committee, Smith said, “We accept responsibility for each and every finding in the CSRB report.”