Keyboard with China flag key (Getty images)
WASHINGTON — Defense Secretary Pete Hegseth has announced an urgent review of the Pentagon’s digital ecosystems, after saying the DoD had been alerted of a “potential vulnerability” in its cloud services architecture.
“It turns out that some tech companies have been using cheap Chinese labor to assist with DoD cloud services. This is obviously unacceptable, especially in today’s digital threat environment,” Hegseth said in a video message posted Friday to X, adding that the vulnerability was found on a “legacy system created over a decade ago during the Obama administration.” Hegseth said that the DoD has to “ensure the digital systems that we use here at the Defense Department are ironclad and impenetrable.”
In response, the defense secretary said the DoD was taking action to ensure “that China will no longer have any involvement, whatsoever, in our cloud services, effective immediately.” He also ordered a “two-week review, or faster, to make sure that what we uncovered isn’t happening anywhere else across the DoD.”
Hegseth did not disclose further details of the purported vulnerability, and the Pentagon did not respond to Breaking Defense’s request for additional information Monday.
But the defense secretary did thank “Americans, in the media and elsewhere,” who raised the issue. The announcement came days after investigative media outlet ProPublica published a report alleging that Microsoft, a company with billions of dollars worth of contracts with the DoD, was using engineers in China to help manage Defense Department systems. The report said that US-based “digital escorts,” meant to check the work of the workers in China, at times didn’t have the technical expertise to properly oversee the work, which it claimed could leave some of the department’s most “sensitive data” exposed.
According to the investigation, the engineers working in China were responsible for handling Impact Level 4 and 5 materials — sensitive materials that fall right under the Impact Level 6 classification of top secret information. Microsoft reportedly told ProPublica in part that its employees and contractors follow policies “consistent with US Government requirements and processes.”
Before Hegseth’s announcement was posted on Friday evening, Frank Shaw, Microsoft’s chief communications officer, took to X to announce that the company was changing its policies to “assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.”
ProPublica’s findings and Hegseth’s looming review come as Trump administration officials and Pentagon leaders have been adamant about classifying China as America’s most consequential threat in cyberspace. In a June executive order, the president stated that “the People’s Republic of China presents the most active and persistent cyber threat to United States Government, private sector, and critical infrastructure networks, but significant threats also emanate from Russia, Iran, North Korea, and others who undermine United States cybersecurity.”
Click this link for the original source of this article.
Author: Carley Welch
This content is courtesy of, and owned and copyrighted by, https://breakingdefense.com and its author. This content is made available by use of the public RSS feed offered by the host site and is used for educational purposes only. If you are the author or represent the host site and would like this content removed now and in the future, please contact USSANews.com using the email address in the Contact page found in the website menu.
