Overview

• ProPublica revealed that U.S. security-cleared “digital escorts” with limited technical expertise were relaying code from China-based engineers to Pentagon cloud systems.
• Microsoft spokesperson Frank Shaw confirmed that no China-based teams will henceforth provide technical assistance to Defense Department cloud and related services.
• Defense Secretary Pete Hegseth directed a department-wide sweep to ensure all legacy or similar foreign support models are eliminated within two weeks.
• Senator Tom Cotton urged that the inquiry be expanded to all cloud providers and subcontractors to guard against supply chain threats.
• Analysts say the episode highlights ongoing vulnerabilities in U.S.–China cybersecurity ties and may prompt stricter supply chain controls under evolving certification standards.