Microsoft employs engineers in China to manage US DoD systems: report

Engineers in China are maintaining US Department of Defense computer systems under a contract with Microsoft, a news report said Tuesday.

The arrangement relies on US staff known as “digital escorts” to supervise the Chinese workers, but the escorts often lack the skills to monitor the work effectively, the report by investigative news service ProPublica said.

“We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” Propublica quoted one of the escorts as saying.

The arrangement has been in use for almost ten years but has not previously been reported publicly, ProPublica said.

Allowing Chinese workers to access US government systems with inadequate supervision is surprising given the tensions that have arisen between the two countries in recent years.

In its 2023 Intelligence Threat Assessment, the US Office of the Director of National Intelligence identified China as “the broadest, most active, and persistent cyber espionage threat to US Government and private-sector networks.” A year later, China was still top of the threat list for defense security experts in the US and other Western countries. And in its 2025 Intelligence Threat Assessment, the ODNI doubled down, saying, “China stands out as the actor most capable of threatening U.S. interests globally.”

The steady drip of revelations about Chinese attacks on US critical infrastructure, businesses, government IT systems, contractors, and perhaps even courts has done little to calm matters. The trade war over tariffs and access to rare earth elements and other materials essential to IT vendors begun by US President Donald Trump when he took office in January has further aggravated the situation — although in June Trump claimed the relationship is excellent between the two countries.

Protecting sensitive data

Microsoft said that company staff and contractors with privileged access to US government cloud systems had to pass government-approved background screening controls, and that it adheres to FedRAMP (NIST 800-53) and Department of Defense Security Requirements Guide (DoD SRG) security requirements.

“For some technical requests, Microsoft engages our team of global subject matter experts to provide support through authorized US personnel, consistent with US Government requirements and processes. In these instances, global support personnel have no direct access to customer data or customer systems. Only authorized US persons with the appropriate clearances and training provide direct support. These personnel are provided specific training on protecting sensitive data, preventing harm, and use of the specific commands/controls within the environment,” said a Microsoft spokesperson.

The company “told ProPublica that it has disclosed details about the escort model to the federal government,” according to the report.

But people involved in the work have told Microsoft those protections are inadequate, according to the report. Foreign engineers have access to detailed information about the federal cloud that could be exploited by hackers, and the digital escorts are insufficiently skilled to catch all suspicious activity, it said.

The Defense Information Systems Agency told ProPublica that digital escorts are used “in select unclassified environments” for “advanced problem diagnosis and resolution from industry subject matter experts” and that “experts under escort supervision have no direct, hands-on access to government systems; but rather offer guidance and recommendations to authorized administrators who perform tasks.”

That description matches a job posting for a “DoD Secret Cleared Escort” by contractor Insight Global, which illustrates the kind of work digital escorts perform — although it says nothing about the nationality of the workers who will be supervised. For between $18 and $28 per hour plus medical insurance, escorts are required to “act as the front door of the service” for work on Insight Global’s sovereign cloud serving US federal and state government customers, while “taking direction from the requesting engineers” (who may not have the necessary security clearance). Escorts run commands provided by the engineers and share results with them, and their activities can involve Exchange Server maintenance, Active Directory administration, working with SQL databases, managing virtual machines with Hyper-V, and network management.This will be the name of OpenAI’s rumored browser – ComputerworldRead More