Defense Secretary Pete Hegseth on Wednesday said the Pentagon would no longer allow Chinese nationals to work as coders on Department of Defense (DOD) cloud systems.
A program previously allowed Chinese developers to work as “digital escorts” in a role modeled by Microsoft, where foreign nationals remain under the supervision of remote U.S. contractors.
Hegseth said the effort “exposed” the department to “unacceptable risks.”
“I mean, if you’re thinking America first and common sense, this doesn’t pass either of those tests. So I initiated an immediate review of this vulnerability, and I want to report our initial findings,” the Defense secretary said in a Wednesday video uploaded to the social platform X.
“So the use of Chinese nationals to service Department of Defense cloud environments, it’s over,” he added.
Hegseth said Microsoft would conduct an audit free of taxpayer expenses to uncover any vulnerabilities.
“Additionally, all Department of Defense software vendors will identify and terminate any Chinese involvement in DOD systems,” Hegseth said.
“It blows my mind that I’m even saying these things in such common sense that we ever allowed it to happen. That’s why we’re attacking it so hard. We expect vendors doing business with the Department of Defense to put U.S. national security ahead of profit maximization,” he continued.
Pentagon officials said they did not know Microsoft had enlisted a “digital escort” program.
“Literally no one seems to know anything about this, so I don’t know where to go from here,” Deven King, spokesperson for the Defense Information Systems Agency, told ProPublica in July.
Others said measures being used by escorts are based on the honor system without policies to mitigate national security threats.
“We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” one escort who agreed to speak on condition of anonymity, fearing professional repercussions, told ProPublica.
Hegseth said both the Microsoft audit and a separate investigation were launched to reveal malware and associated risks.
“We’ve issued a formal letter of concern to Microsoft documenting this breach of trust, and we’re requiring a third-party audit of Microsoft’s digital escort program, including the code and the submissions by Chinese nationals. … I’m also tasking the Department of Defense experts with a separate investigation of the digital escort program and the Chinese Microsoft employees that were involved in it,” Hegseth said Wednesday.
“These investigations will help us determine the impact of this digital escort workaround. Did they put anything in the code that we didn’t know about? We’re going to find out,” he added.
