How Did Chinese Engineers Get Access to US Defense Clouds?

Microsoft’s now-shuttered “digital escort” system gave China-based engineers indirect yet significant influence over US Defense Department cloud environments.

This little-known process allowed critical instructions for secure military systems to originate from outside US borders, causing major concern among national security and cybersecurity experts.

Microsoft developed the escort system to comply with strict government rules requiring that only US citizens access high-security Department of Defense data.

The company, instead of allowing Chinese engineers direct access to Pentagon environments, required them to submit remote instructions to cleared US-based personnel.

How the Escort System Worked

Through the digital escort model, engineers in China filed support tickets containing technical instructions or solutions for issues arising in Pentagon-managed cloud systems. US citizens, "escorts," and former military or cleared personnel received these directions and acted as middlemen for support tasks.

Escorts, who sometimes earned less than $20 per hour, would log into secure systems and manually follow the remote engineers’ steps. Often, they executed these support interactions without fully understanding the technical significance or security risks involved.

Did you know?
Before being shut down in 2025, Microsoft’s 'digital escort' system allowed foreign engineers to virtually guide access to Pentagon systems holding Impact Level 5 defense data.

Clearance Without Control

On paper, escorts provided a security firewall, ensuring foreign nationals had no direct access. In practice, engineers outside the US shaped the functionality of classified systems by proxy.

Worse, many escorts lacked technical training and relied entirely on guidance from global teams, creating what critics described as “access in all but name.”

One cyber advisor at the Pentagon compared it to giving directions to someone blindfolded, while a stranger in another country provides the steering.

Why Microsoft Used This Model

The system helped Microsoft scale support for complex infrastructure under tight deadlines, particularly for its Azure Government contracts. Using its global engineering talent enabled faster fixes and 24-hour coverage.

The “digital escort” system was seen internally as an efficient way to meet Pentagon service demands while remaining contract compliant.

However, the process was so obscure that even senior officials at the Defense Information Systems Agency admitted they had no idea it was in operation until media reports surfaced. This revelation raised questions about transparency in federal cloud contracts and compliance auditing.

ALSO READ | What’s the role of the Mississippi gas plant in xAI’s AI plans?

The Breaking Point

The arrangement became public through a July 2025 ProPublica report detailing its use and associated risks. Within days, lawmakers and security officials slammed the practice as a monumental oversight.

Critics pointed to China’s legal requirement for companies to aid government intelligence, raising alarms that engineers could be coerced into espionage without ever touching the systems themselves.

Microsoft initially defended the model, claiming it disclosed the practice during authorization, but later reversed its position due to the growing backlash. On July 18, it announced a strict new policy: no China-based engineers would provide support for US Defense cloud operations.

Rethinking Cloud Support Norms

The exposure of Microsoft’s escort system has ignited a broader reckoning across the defense technology industry. Federal leaders are now pushing for tighter personnel controls, clearer contractor disclosures, and stricter measures to protect sensitive data in an increasingly connected global workforce.

The escort controversy shows that even indirect access mechanisms can create security gaps when accountability and visibility are weak. As cloud infrastructure becomes essential to modern defense, ensuring that all hands on the system are fully accountable and domestically based may become a new minimum standard.