A US lawmaker is pushing the Pentagon for more transparency regarding information shared with Chinese engineers under a cloud computing services contract with Microsoft. According to a report, Senator Tom Cotton (R-Arkansas) has sent a letter to Defense Secretary Pete Hegseth, requesting detailed information on the extent of access Chinese engineers had to US military data.Citing his letter, news agency Reuters, Cotton specifically asked Hegseth to provide details on three fronts.
- Provide lawmakers with details on what information Chinese engineers accessed.
- Disclose any “potential security incidents or malicious events that have already occurred or are likely to occur.”
- Confirm whether Microsoft was required to conduct self-audits of the program and, if so, to release the results of those audits.
Cotton voices concern regarding Pentagon’s current practices
Cotton expressed significant concern over the Pentagon’s existing practices.“While I applaud your actions, I am concerned that the Department [of Defense] is hampered by agreements and practices unwisely adopted by your predecessors, including contracts and oversight processes that fail to account for the growing Chinese threat,” he said.Senator Cotton’s inquiry follows a report by ProPublica, which revealed Microsoft’s practice of using China-based engineers, supervised by US “digital escorts,” to provide technical support for US military operations. Following the ProPublica report, Hegseth ordered a two-week review across the department to ensure that other contractors are not engaging in similar practices that could pose security risks.Last week, Microsoft announced it has ceased this practice.“In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services. We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed,” said Frank Shaw, Chief Communications Officer at Microsoft.
