Sen. Tom Cotton (R-Ark.) pressed the Defense Department on Thursday for information about Microsoft’s reported use of Chinese engineers to help maintain the agency’s computer systems.
In a letter to Defense Secretary Pete Hegseth, Cotton pointed to recent reporting from ProPublica indicating Microsoft relies on Chinese engineers, who are overseen by U.S. citizens with security clearances known as “digital escorts.”
“While this arrangement technically meets the requirement that U.S. citizens handle sensitive data, digital escorts often do not have the technical training or expertise needed to catch malicious code or suspicious behavior,” Cotton wrote.
“The U.S. government recognizes that China’s cyber capabilities pose one of the most aggressive and dangerous threats to the United States, as evidenced by infiltration of our critical infrastructure, telecommunications networks, and supply chains,” he added. “DoD must guard against all potential threats within its supply chain, including from those subcontractors.”
The Arkansas Republican requested information from Hegseth about the Pentagon’s contractors and subcontractors who hire Chinese personnel or digital escorts, as well as recommendations for closing loopholes in the security requirements for government cloud providers.
China-linked hackers have been tied to numerous high-profile breaches in the U.S. over the past year.
The group known as Salt Typhoon has compromised at least nine telecommunications firms. One state’s National Guard network was also hacked for nearly a year, according to a recent memo from the Department of Homeland Security obtained by NBC News.
