Hasty Briefsbeta

Bilingual

Microsoft's "Digital Escorts" Left DoD Vulnerable to Chinese Hackers

6 hours ago
  • #cybersecurity
  • #government-contracts
  • #investigative-journalism
  • Microsoft reportedly used engineers based in China to provide IT support and services for the U.S. Department of Defense's cloud systems, a practice known as 'digital escorting'.
  • Digital escorting involved a U.S.-based worker with security clearance copy-pasting code from a China-based engineer into Defense Department systems, creating a potential security vulnerability.
  • The investigation, led by ProPublica reporter Renee Dudley, uncovered the practice through job ads, LinkedIn profiles, patent documents, and interviews with digital escorts.
  • Microsoft defended the arrangement as government-approved, but the Defense Information Systems Agency (DISA) initially claimed no knowledge of it until directed to a specific security plan document.
  • Following the publication of the story, Microsoft stopped using China-based engineers for Defense Department cloud support, and a new law was signed banning adversarial country-based personnel from accessing Pentagon cloud systems.