Microsoft to stop using engineers in China to work on U.S. Defense computer systems in wake of investigative report — fears of exploitation by foreign intelligence services spurs immediate change

15 hours ago 13
Microsoft headquarters logo
(Image credit: Getty Images / NurPhoto)

Microsoft said that it no longer allows its China-based engineers to work on U.S. Department of Defense computer systems after a ProPublica investigation revealed the practice. According to Tech Crunch, Redmond’s previous system relied on digital escorts — American employees with proper security clearances — to monitor the foreign engineers working on the systems. However, it’s been noted that some of these U.S. citizens weren’t knowledgeable enough to determine if the person they were monitoring was doing regular work or putting in a backdoor.

“We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” one digital escort told ProPublica. Microsoft claims that it has disclosed this practice to the Federal government, but neither past nor present authorities were aware of the practice. Secretary of Defense Pete Hegseth responded on the news with a post on X (formerly Twitter), saying, “Foreign engineers — from any country, including of course China — should NEVER be allowed to maintain or access DoD systems.”

Because of the backlash against the company, Microsoft’s Chief Communications Officer, Frank X. Shaw, posted assurances on X that its China-based personnel no longer work on DoD projects.

“In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services,” says Shaw. “We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed.”

While there is currently no proof that Microsoft China personnel have engaged in espionage, having foreign personnel or contractors working on sensitive government computer systems is ripe for exploitation by intelligence agencies, both friendly and adversarial. And even though there are “digital escorts” that were supposedly looking over the shoulder of the non-cleared staff, the admission of one of the escorts is quite a troubling sign, as both Microsoft and the U.S. government might be unaware that malware, a trojan, or a vulnerability (etc) is being installed in their systems right under their noses.

After this move, the DoD needs to go through the systems that Microsoft’s staff abroad touched to ensure that none of their systems have been compromised. After all, all it takes is one weak link to break the strongest chain.

Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.

Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.

Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.

Read Entire Article