Reports have discovered some of the most sensitive data the US has is overseen by Chinese engineers.
According to a report from ProPublica, the American technology company has employed a number of engineers in China to maintain the US Department of Defense’s computer systems. The report claims there has been “minimal supervision by US personnel” – that is, until now. Microsoft is reportedly revising its operations, phasing out Chinese-based engineers who provide technical support. The shift in strategy is said to reduce potential risks to US national security.
The tech and trade war between the US and China has been developing over a number of years, with both states introducing stringent laws and regulations, as well as strict national security policies. These have limited the amount of access both markets have, thus reducing prospective opportunities.
The latest move comes after research from Microsoft discovered Chinese “threat actors,” including “state-sponsored hackers” have been at work in its systems. The tech giant has claimed that threat actors have exploited security vulnerabilities in the company’s SharePoint document-sharing servers. Further research found that hundreds of government agencies and organisations had been breached. However, Microsoft has not confirmed this is the reason for suspending the China-based engineers.
Dutch cybersecurity company Eye Security have so far uncovered 400 breached agencies, commenting that they “may continue to rise as investigations progress.” The National Nuclear Security Administration, which manages nuclear weapons, was confirmed as one of the victims, with malware campaigns also being targeted against local US governments.
Posting on social media, Frank Shaw, Microsoft’s Chief Communications Officer, commented on the latest, saying, “In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.”
The engineers were reportedly being supervised by ‘digital escorts,’ typically with lower skill levels than the engineers they were monitoring. Sources state that many ‘escorts’ previously served in the military but have limited coding knowledge and experience.
Although the arrangement has operated for close to a decade, most former government officials reported being unfamiliar with the practice. Deven King, a spokesperson for the Defense Information Systems Agency, confirmed this, saying, “Literally no one seems to know anything about this, so I don’t know where to go from here.”
A Microsoft spokesperson defended the digital escorts, saying, “For some technical requests, Microsoft engages our team of global subject-matter experts to provide support through authorised US personnel, consistent with US Government requirements and processes. In these instances, global support personnel have no direct access to customer data or customer systems. Only authorised US persons with the appropriate clearances and training provide direct support. The personnel are provided specific training on protecting sensitive data, preventing harm, and use of the specific commands/controls in the environment.”
Inside Microsoft’s decision to hire engineers in China
Microsoft is known for having a large presence in China. In March 2025, it announced plans to outsource further work to China to meet the growing demands for cloud and AI solutions. Microsoft also stated it was expanding its manufacturing operations in Shenzhen to develop a range of AI-powered technology, including edge computing products and smart devices.
China is known for its substantial network of technology suppliers, advanced manufacturing facilities, and pool of specialists. This has made it a key region for large companies like Microsoft that are seeking to increase production and operations at the lowest possible cost.
Microsoft’s employment of Chinese staff comes with risks as geopolitical tensions continue between the US and China. US tech companies face scrutiny of their operations in China, with potential harm to supply chains needing to be carefully navigated.
A 2024 Deloitte Global Outsourcing Survey highlighted several key reasons why many US tech companies hire Chinese staff despite concerns. As well as cost efficiency, with China offering cheaper resources than some western countries, China produces a vast number of STEM graduates each year. These provide a large pool of skilled professionals in key tech fields like development, AI, and data analytics.
The survey discovered that 83% of executives are using AI in their outsourcing strategies. China is a country at the forefront of AI and automation, making it an attractive location to integrate such technologies and hire experts in various technological domains.
China’s role in US tech
US based companies including Indeed, Oracle, Amazon Web Services, and Meta, all of which have been involved with the Department of Defense in some capacity, also operate or have operated in China. Each company has built AI partnerships in China, and hired local employees, though not to the extent of Microsoft. However, there is currently no public record nor confirmed reporting that companies hired Chinese staff for defense-related projects, leaving Microsoft in a unique position.
With Microsoft’s employment of foreign engineers on sensitive defense systems set to be probed by the Pentagon, the company has taken steps to remove the outsourced personnel. However, this could become a “national embarrassment” for Microsoft, according to Michael Lucci, CEO and founder of State Armor Action, a conservative group working to create and promote state-level plans to deal with global security problems.
The implications from this investigation could be far-reaching, particularly for other tech firms holding defense or intelligence contracts. These are likely to come under similar intense scrutiny as federal agencies continue their push to close any potential vulnerabilities in technology and outsourcing supply chains.
(Image source: “us army rangers” by ru tactical is licensed under CC BY-NC-SA 2.0. )
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including Digital Transformation Week, IoT Tech Expo, Blockchain Expo, and AI & Big Data Expo.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
