Microsoft cuts China-based engineers from US military support after security backlash

Microsoft has halted the use of engineers based in China to provide technical support for US military cloud systems, following public outcry and an investigative report by ProPublica that exposed the practice. The revelation prompted immediate action from Defense Secretary Pete Hegseth, who on July 18 announced a two-week review of all Pentagon cloud service contracts. The report detailed how Microsoft used engineers in China to support Department of Defense (DoD) cloud systems, with their work monitored by US-based “digital escorts”—subcontractors with security clearances but limited technical expertise. The setup raised major cybersecurity concerns, especially given that Microsoft’s systems have previously been compromised by Chinese and Russian state-linked hackers.

Senator Tom Cotton, who chairs the Senate Intelligence Committee, sent a letter to Secretary Hegseth demanding a full list of contractors using Chinese personnel and clarification on the training and capabilities of these so-called digital escorts. “The US government recognises that China’s cyber capabilities pose one of the most aggressive and dangerous threats to the United States,” Cotton wrote. “We must guard against all potential threats within our supply chain, including those from subcontractors.”

Microsoft responds, Pentagon reviews

In response to the uproar, Microsoft said on July 18 that it has revised its practices to ensure that no China-based engineering teams provide technical assistance to Pentagon clients using its Azure cloud services. “In response to concerns raised earlier this week, Microsoft has made changes to our support for US government customers,” said Frank Shaw, the company’s chief communications officer, in a statement on social platform X.

The move affects Microsoft’s massive Azure division, which now accounts for more than a quarter of the company’s global revenue. Microsoft is a major US government contractor and received more than half of its $70 billion in Q1 2025 revenue from US-based clients.

Defense Secretary Hegseth confirmed that China-based engineers had been involved in the support of Pentagon systems and said this would end immediately. In a video posted to X, he criticised the “legacy” system dating back to the Obama administration and pledged to ensure “China will no longer have any involvement whatsoever” in US defence cloud operations.

Cloud contracts under scrutiny

Microsoft’s involvement in Pentagon cloud services dates back to a now-cancelled $10 billion contract awarded in 2019. In 2022, the company was again selected, alongside Amazon, Google, and Oracle, for defence cloud contracts worth up to $9 billion. The ProPublica report has now triggered renewed scrutiny of all such agreements.

Hegseth’s review aims to ensure that no other vendors are using foreign-based personnel in sensitive military infrastructure. “We will continue to monitor and counter all threats to our military infrastructure and online networks,” Hegseth said. The episode has highlighted growing bipartisan concern over cybersecurity risks linked to China and could mark a turning point in how US tech firms handle national security work, especially as digital threats become more complex and state actors more aggressive.

(With inputs from agencies)