Microsoft to stop using China-based teams to support Department of Defense
9 months ago
- #Microsoft
- #national-security
- #cybersecurity
- Microsoft will no longer use China-based engineering teams for Defense Department’s cloud computing systems due to cybersecurity risks.
- Microsoft has also used China-based personnel to maintain cloud systems for other federal departments like Justice, Treasury, and Commerce.
- The Government Community Cloud (GCC) handles sensitive but unclassified information, approved by FedRAMP for 'moderate' impact data.
- Cybersecurity experts warn that foreign support for GCC could enable spying and sabotage, even with unclassified data.
- China is deemed the 'most active and persistent cyber threat' to U.S. networks by the Office of the Director of National Intelligence.
- Microsoft plans to discontinue China-based support for GCC and will conduct a review for additional security measures.
- Other cloud providers like AWS, Google, and Oracle do not use China-based support for U.S. federal contracts.
- Microsoft’s use of digital escorts for oversight has been criticized for lacking advanced technical expertise to police foreign engineers.
- The revelations have sparked concerns in Washington about national security and Microsoft’s cybersecurity practices.