The last thing one expects when thinking about the digital security of the US Department of Defense is that part of the technical support comes from engineers located on the other side of the world. However, that is precisely what has been happening. A group of Microsoft workers based in China participated in assistance tasks linked to Pentagon contracts under a remote supervision system. Following a recent revelation, that scheme no longer applies to defense contracts.
The Cloud is Not in Heaven
Although it sounds ethereal , the cloud is very real. Cloud computing refers to physical servers distributed globally, managed by technological giants such as Microsoft , Amazon , or Google . These companies offer remote access to infrastructure, platforms, and applications through the Internet, thereby enabling organizations to save costs, operate from anywhere, or scale services in a matter of seconds. However, this convenience comes with a significant dependency on a limited number of suppliers.
Azure and Government Contracts
Azure , Microsoft’s cloud service, does not solely serve private enterprises; it also manages government contracts, including those of the US Department of Defense . Here, technical support plays a crucial role—it involves personnel who resolve incidents, assist with configurations, and ensure operations run smoothly. This is where the controversy has emerged: part of that support was provided by engineers based in China.
A Model that Raises Concerns
An investigation published by Propublica revealed not just the involvement of Chinese engineers in sensitive contracts, but also an inherited system designed over a decade ago to meet the security requirements of the US government. While these foreign engineers did not have direct access to the systems, their instructions were relayed through authorized personnel within the country.

This model, referred to as “digital escorts,” was intended to provide an added layer of protection. However, in practice, it opened the door to errors, as those executing the commands—American employees with access—often did not fully understand the technical nuances. In a landscape increasingly vulnerable to sophisticated threats, this architecture has proven obsolete, prompting Microsoft to deactivate it.
Microsoft Takes Action
Following the report’s publication, Microsoft acted swiftly. In a statement from Frank Shaw, its communication director, the company announced an immediate cessation of technical support by teams based in China for the Pentagon and other sensitive federal clients. This decision impacts Pentagon contracts and is presented as a necessary adjustment to “guarantee security” in critical environments.

The company also emphasized that its teams operated according to established protocols set by federal agencies. Nevertheless, it committed to reviewing its security procedures alongside national partners. “We continue working to deliver the safest services possible to the US government,” Shaw stated, presenting a diplomatic front while executing a notable shift in operations.
The Pentagon Responds
The US government reacted promptly. Secretary of Defense Pete Hegseth described the situation as “unacceptable,” emphasizing that such a system has no place given the current climate of digital threats. He stated this architecture is a remnant of the Obama administration, announcing in a video on X plans for a comprehensive review to identify similar issues in other tech contracts.
Broader Implications
The question of which suppliers to trust extends beyond Microsoft. In Spain , a contract awarded to Huawei for storing judicial communications has sparked diplomatic tensions with both the US and Brussels, raising concerns about whether certain technological infrastructures should be controlled by entities deemed sensitive.
As cybersecurity becomes an increasingly critical concern in both the public and private sectors, the necessity for vigilant oversight and strict operational protocols cannot be overstated. The revelations regarding overseas support for the Pentagon illuminate significant vulnerabilities in digital security systems. With the rapid pace of technological advancement, it is essential for governments and corporations alike to exercise caution and prioritize national security above convenience.
