On July 18, 2025, Defense Secretary Pete Hegseth announced the immediate termination of the Pentagon’s reliance on China-based engineers for its cloud computing systems, a decision hailed as a critical step in safeguarding national security. The move follows a ProPublica investigation revealing Microsoft’s use of Chinese engineers to maintain sensitive Defense Department networks, supervised by U.S. “digital escorts” who often lacked the technical expertise to detect potential cyber threats. Hegseth called the arrangement “unacceptable” in today’s digital threat environment, blaming an Obama-era program for the oversight.
Microsoft, a key Pentagon contractor with a $9 billion cloud deal, confirmed it has ceased using China-based teams for Defense Department support, with spokesperson Frank Shaw stating the company adjusted its protocols to ensure compliance with U.S. government standards. The Pentagon has launched a two-week review of all cloud contracts to identify similar vulnerabilities, with Hegseth emphasizing that no foreign engineers, especially from China, should access military systems. Sen. Tom Cotton, who raised alarms after the report, praised the swift action, noting China’s cyber capabilities pose a significant threat to U.S. infrastructure.
Critics, including Sen. Jeanne Shaheen, question whether the Trump administration’s response overlooks broader cybersecurity gaps, citing Microsoft’s past breaches by Chinese and Russian hackers. The decision reflects growing scrutiny of globalized tech operations, with experts like former CIA official Harry Coker calling for stricter contractor oversight. As the Pentagon modernizes its digital defenses, the move signals a broader push to eliminate foreign vulnerabilities—but can it keep pace with evolving cyber threats?
