
How an off-the-books Microsoft programme gave China a glimpse into Pentagon's digital nerve centre
has been quietly allowing engineers in China to provide support for
US Defence Department
cloud systems, according to a detailed investigation by
ProPublica
. For nearly ten years, this arrangement has involved American employees acting as 'digital escorts' to input instructions from foreign tech workers into military networks.
These escorts, though cleared for access to government systems, often lack the expertise to detect whether the code they're running could be malicious.
Explore courses from Top Institutes in
Select a Course Category
MCA
Finance
Data Science
CXO
Healthcare
Others
Cybersecurity
Operations Management
Data Science
Management
Project Management
Digital Marketing
Degree
Data Analytics
Design Thinking
others
Product Management
Public Policy
Leadership
MBA
PGDM
Artificial Intelligence
Skills you'll gain:
Programming Proficiency
Data Handling & Analysis
Cybersecurity Awareness & Skills
Artificial Intelligence & Machine Learning
Duration:
24 Months
Vellore Institute of Technology
VIT Master of Computer Applications
Starts on
Aug 14, 2024
Get Details
'We're trusting that what they're doing isn't malicious, but we really can't tell,' one current escort told ProPublica, speaking anonymously to avoid professional consequences.
by Taboola
by Taboola
Sponsored Links
Sponsored Links
Promoted Links
Promoted Links
You May Like
Summer Clearance Sale Is Live Now
Luxury Watches
Buy Now
Undo
ET has not been able to independently verify this information.
Sensitive military data in foreign hands
The escorts work with data labelled 'Impact Level 4 and 5' — information considered highly sensitive but not officially classified. It includes content directly supporting military operations, along with other data whose compromise, according to
Pentagon
guidelines, 'could be expected to have a severe or catastrophic adverse effect' on national security.
Live Events
Despite the risk, Microsoft has relied on foreign engineers — including those based in China — to handle support tasks for these systems. Under the digital escort framework, foreign engineers submit instructions, and US citizens input them into the government systems. Many of these escorts are former military personnel hired primarily for their security clearances, not their technical skill.
'If someone ran a script called 'fix_servers.sh' but it actually did something malicious then [escorts] would have no idea,' said Matthew Erickson, a former Microsoft engineer who worked on the programme.
Lawmakers and intelligence veterans demand answers
The programme has now drawn sharp criticism from Capitol Hill. Senator Tom Cotton, who chairs the
Senate Intelligence Committee
, has formally asked Defence Secretary Pete Hegseth for a full list of contractors using foreign personnel, along with information on how digital escorts are trained.
John Sherman, the former Chief Information Officer for the Defence Department, admitted he was unaware of the escort model until reporters contacted him.
'I probably should have known about this,' Sherman told ProPublica, adding that the situation warrants 'a thorough review by [the Defence Information Systems Agency], Cyber Command and other stakeholders.'
According to the ProPublica report, Harry Coker, former senior executive at the CIA and NSA, described the escort setup bluntly: 'If I were an operative, I would look at that as an avenue for extremely valuable access. We need to be very concerned about that.'
A workaround for US restrictions
The escort system exists to satisfy federal rules requiring only US citizens or permanent residents to access sensitive defence data. Microsoft, which has large engineering operations in China, India and Europe, set up the escort model to navigate this restriction while scaling up its government cloud business.
Digital escorts have been used since at least 2016, when Microsoft launched its programme for handling Pentagon cloud contracts. According to those familiar with its development, early concerns were raised. One former Microsoft cybersecurity strategist said they opposed the idea from the beginning, warning that the approach was too risky.
Recruitment was handled in part by Lockheed Martin. At the time, one project manager said they told Microsoft that the escorts being hired 'would not have the right eyes' for the job due to low pay and lack of specialised experience.
Microsoft defends the system
Microsoft insists that the escort model meets government standards. A company spokesperson told Fox News Digital, 'For some technical requests, Microsoft engages our team of global subject matter experts to provide support through authorised U.S. personnel, consistent with U.S. government requirements and processes.'
'All personnel and contractors with privileged access must pass federally approved background checks,' the spokesperson said. 'Global support personnel have no direct access to customer data or customer systems.'
Microsoft also claims to use multiple layers of security, including approval workflows and automated code reviews, to prevent threats. 'This production system support model is approved and regularly audited by the US government,' the company added.
Insight Global, a contractor that provides Microsoft with digital escorts, said it screens candidates to ensure they have the technical capabilities and provides additional training.
Disconnect between Microsoft and the defence department
Despite Microsoft's claims, several officials within the US government said they were unaware of the escort system. When ProPublica contacted the Defence Information Systems Agency (DISA), even its public information office had not heard of the model.
Later, DISA confirmed the escorts are used 'in select unclassified environments' and emphasised that experts under escort 'have no direct, hands-on access to government systems,' but instead 'offer guidance and recommendations.'
Former Microsoft executive
Pradeep Nair
, who said he helped design the escort framework, argued that audit trails and other controls keep the system secure. 'Because these controls are stringent, residual risk is minimal,' he said.
Broader concerns about Chinese cyber access
Critics point to broader issues beyond Microsoft's processes. Chinese law gives authorities sweeping powers to compel companies and individuals to cooperate with state data collection.
'It would be difficult for any Chinese citizen or company to meaningfully resist a direct request from security forces or law enforcement,' said Jeremy Daum, a senior research fellow at
Yale Law School
.
Michael Sobolik, a senior fellow at the
Hudson Institute
, was blunt: 'This is like asking the fox to guard the henhouse and arming the chickens with sticks in case the fox gets mad. It beggars belief.'
And Michael Lucci, CEO of
State Armor Action
, said, 'If ProPublica's report turns out to be true, Microsoft has created a national embarrassment that endangers our soldiers, sailors, airmen and marines. Heads should roll, those responsible should go to prison and Congress should hold extensive investigations to uncover the full extent of potential compromise.'
He added, 'Microsoft or any vendor providing China with access to Pentagon secrets verges on treasonous behaviour and should be treated as such.'
Past breaches and unanswered questions
The digital escort model has not been directly linked to any breaches. But in 2023, Chinese hackers broke into Microsoft's cloud servers and stole thousands of emails from senior US officials, including the commerce secretary and the US ambassador to China.
A government review by the now-disbanded Cyber Safety Review Board blamed Microsoft's security failures, but made no mention of the escort system.
Still, critics say the bigger issue is trust. 'If these [ProPublica] allegations are credible, the federal government should never again rely on Microsoft to protect the data that keeps our men and women in uniform safe,' said Lucci. 'Our military cannot operate in security and secrecy if a vendor repeatedly and intentionally invites the enemy into the camp.'
ProPublica reached out to other major cloud providers to ask whether they use similar escort models. Amazon Web Services and Google Cloud declined to comment. Oracle did not respond.
That silence has raised further questions about industry-wide practices and transparency in how foreign tech expertise is used in sensitive government work.
As scrutiny intensifies, one thing is clear: what began as a workaround is now at the centre of a growing national security debate.

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


India Today
20 minutes ago
- India Today
Trump warns of 'higher tariffs' if countries fail to open markets to US products
US President Donald Trump has once again warned that countries refusing to open their markets to American products will face even higher tariffs. On Wednesday, several nations, including South Korea, rushed to finalise trade agreements with the US before the August 1 negotiation a strongly worded post on his social media platform Truth Social, Trump stated, "I WILL ONLY LOWER TARIFFS IF A COUNTRY AGREES TO OPEN ITS MARKET. IF NOT, MUCH HIGHER TARIFFS! Japan's Markets are now OPEN (for first time ever!). USA BUSINESSES WILL BOOM!"advertisementHis post came just a day after he announced a new trade deal with Japan, which includes a 15 percent "reciprocal" tariff on Japanese goods entering the United States. This new rate is 10 percentage points lower than what had previously been announced. According to Trump, Japan will invest USD 550 billion in the US, with 90% of the profits going to the United GREAT POWER OF TARIFFS: TRUMPTrump also defended his use of tariffs as a negotiation tool. In another post, he wrote: "Another great power of Tariffs. Without them, it would be impossible to get countries to OPEN UP!!! ALWAYS, ZERO TARIFFS TO AMERICA!!!" The president has been arguing that tariffs help create leverage in international trade talks, forcing other countries to remove trade barriers and give US businesses a fair shot in foreign markets. According to Trump, the goal is always to eliminate tariffs altogether—but only when other nations do the approach is putting pressure on countries like South Korea, which is working to avoid the harsh consequences of US tariffs. The Korean government is particularly concerned about proposed 25 percent reciprocal tariffs, as well as separate duties on steel, aluminium, and automobile exports. These sectors form the backbone of South Korea's economy, which heavily relies on House Press Secretary Karoline Leavitt backed Trump's remarks during a press briefing. She said, "If not, they will continue to face tariffs and pay a steep price to do business in the United States of America, which remains the best market on the face of the planet."- EndsTune InMust Watch


Time of India
25 minutes ago
- Time of India
Trump to outline AI priorities amid tech battle with China
The Trump administration is set to release a new artificial intelligence blueprint on Wednesday that aims to relax American rules governing the industry at the center of a technological arms race between economic rivals the U.S. and China. President Donald Trump will mark the plan's release with a speech outlining the importance of winning an AI race that is increasingly seen as a defining feature of 21st-century geopolitics, with both China and the U.S. investing heavily in the industry to secure economic and military superiority. According to a summary seen by Reuters, the plan calls for the export of U.S. AI technology abroad and a crackdown on state laws deemed too restrictive to let it flourish, a marked departure from former President Joe Biden's "high fence" approach that limited global access to coveted AI chips. Top administration officials such as Secretary of State Marco Rubio and White House National Economic Adviser Kevin Hassett are also expected to join the event titled "Winning the AI Race," organized by White House AI and crypto czar David Sacks and his co-hosts on the "All-In" podcast, according to an event schedule reviewed by Reuters. Trump may incorporate some of the plan's recommendations into executive orders that will be signed ahead of his speech, according to two sources familiar with the plans. Trump directed his administration in January to develop the plan. The event will be hosted by the Hill and Valley Forum, an informal supper club whose deep-pocketed members helped propel Trump's campaign and sketched out a road map for his AI policy long before he was elected. Trump is expected to take additional actions in the upcoming weeks that will help Big Tech secure the vast amounts of electricity it needs to power the energy-guzzling data centers needed for the rapid expansion of AI, Reuters previously reported. U.S. power demand is hitting record highs this year after nearly two decades of stagnation as AI and cloud computing data centers balloon in number and size across the country. The new AI plan will seek to bar federal AI funding from going to states with tough AI rules and ask the Federal Communications Commission to assess whether state laws conflict with its mandate, according to the summary. The Trump administration will also promote open-source and open-weight AI development and "export American AI technologies through full-stack deployment packages" and data center initiatives led by the Commerce Department, according to the summary. Trump is laser-focused on removing barriers to AI expansion, in stark contrast to Biden, who feared U.S. adversaries like China could harness AI chips produced by companies like Nvidia and AMD to supercharge its military and harm allies. Biden, who left office in January, imposed a raft of restrictions on U.S. exports of AI chips to China and other countries that it feared could divert the semiconductors to America's top global rival. Trump rescinded Biden's executive order aimed at promoting competition, protecting consumers and ensuring AI was not used for misinformation. He also rescinded Biden's so-called AI diffusion rule, which capped the amount of American AI computing capacity that some countries were allowed to obtain via U.S. AI chip imports. In May, Trump announced deals with the United Arab Emirates that gave the Gulf country expanded access to advanced artificial intelligence chips from the U.S. after previously facing restrictions over Washington's concerns that China could access the technology.


Time of India
30 minutes ago
- Time of India
Net FDI inflows fell 98% in May as repatriation increased 24%: RBI Bulletin
Mumbai: Net foreign direct investment (FDI) into India fell 98% year-on-year to $35 million in May amid higher repatriation by overseas investors and a fall in gross inflows, latest central bank data published in its monthly Bulletin showed. Net FDI was 99% lower compared with April. Gross inflows fell 11% YoY to $7.2 billion in May, while repatriation of FDI increased nearly 24% to $5 billion. Outward FDI increased to $2.1 billion from $1.8 billion a year ago. Explore courses from Top Institutes in Please select course: Select a Course Category Technology Healthcare Others CXO Degree others Management Product Management Data Science Operations Management healthcare MCA Design Thinking Project Management Public Policy Cybersecurity Data Science Artificial Intelligence Digital Marketing Data Analytics MBA Leadership PGDM Finance Skills you'll gain: Duration: 12 Weeks MIT xPRO CERT-MIT XPRO Building AI Prod India Starts on undefined Get Details The Reserve Bank of India (RBI) said that Singapore, Mauritius, the UAE and the US together accounted for more than three-fourths of the total FDI inflows in May 2025. Manufacturing, financial and computer services were the top recipient sectors. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like How Smart Are You Really? This Test Will Surprise You Try Now Undo On the other hand, top sectors for outward FDI included transport, storage and communication services, manufacturing, and financial, insurance and business services. Major destinations for outward FDI included Mauritius, the US and the UAE. In May, net portfolio investments stood at $1.6 billion. This compares with net portfolio outflows in the year and month-ago periods. Live Events According to experts, FDI inflows are perceived to be a more stable source for India's foreign exchange reserves compared to portfolio flows. Currently, India's FX reserves stood at $696.7 billion. At the current level, FX reserves provides cover for more than 11 months of goods imports and for 95% of the external debt outstanding at the end of March 2025.