The Pentagon Has Given China Access to Its Systems for Over a Decade

The Defense Department (DoD) is letting Beijing into its most critical systems — not through a breach, but by design. On July 15, a ProPublica investigation revealed that the DoD has outsourced some of its most sensitive IT maintenance to Microsoft engineers located in mainland China, granting them access to Pentagon systems for nearly a decade.

The report comes as China continues to exploit vulnerabilities to infiltrate U.S. government and critical infrastructure systems. The absence of effective federal oversight helps China advance its state intelligence operations while undermining our own national security.

DoD Program Allegedly Had Limited Supervision for Chinese Engineers

The DoD program allowed Microsoft-employed engineers based in China to help maintain — and gain access to — the department’s cloud computing systems. These engineers may have had access to “High Impact Level” data, including information related to military operations, while under the supervision of so-called “digital escorts.” The escorts were U.S. government personnel who were underqualified for the role.

While the DoD requires more stringent citizenship or residency requirements for individuals handling its sensitive data, Microsoft’s global business model — which relies on more cost-effective overseas technical support — created a loophole that effectively outsourced trust to Chinese nationals. This arrangement may have enabled Chinese engineers to introduce vulnerabilities into DoD systems under the guise of software maintenance, since the digital escorts were required to input commands written by these Chinese engineers directly into DoD systems.   

The program’s existence also raises broader concerns over the security of third-party software providers used across the federal government. In December, Chinese hackers compromised BeyondTrust, a private cybersecurity provider, to access U.S. Department of Treasury workstations — including those in the Office of Foreign Asset Control and the office of Secretary Janet Yellen. China has also previously been accused of hacking Microsoft’s email systems to steal government records, including the emails of Commerce Secretary Gina Raimondo.

China Remains a Pacing Threat in Cyberspace

China has a long history of stealing U.S. military secrets and technology. In March, the Justice Department indicted several Chinese hackers associated with the Ministry of State Security. They are accused of stealing sensitive records from defense contractors and affiliated university programs. China has also been accused of stealing plans for the American-made F-35 fighter jet from a Lockheed Martin subcontractor — a move that helped the Chinese military accelerate construction of its own fifth-generation fighter, the J-31.

Beyond traditional espionage, China is increasingly focused on the operational preparation of the battlefield by pre-positioning within U.S. critical infrastructure. This includes the “Salt Typhoon” campaign targeting the U.S. telecommunications system; “Volt Typhoon,” which has targeted water systems, electrical grids, and rail networks; and “Flax Typhoon,” which has targeted U.S.-Taiwanese communication networks. These operations aim to embed exploitable vulnerabilities that Beijing could leverage at the time of its choosing.

Washington Must Strengthen Its Cyber Defenses

The public revelation of DoD’s program underscores systemic weaknesses in federal IT procurement that leave critical systems vulnerable to adversarial interference. To mitigate these risks, Washington must prioritize investing in a technically capable, trustworthy cybersecurity workforce with the expertise to identify, assess, and prevent the misuse of sensitive federal information.

Furthermore, it is essential to enhance transparency and accountability across federal contracting by establishing vetting requirements that go beyond security clearances alone. Vendors should be required to disclose any contractors and subcontractors who are foreign nationals supporting their work.

Congress should close loopholes that enable indirect access to sensitive systems, and, at a minimum, prohibit any arrangement that allows employees based in adversarial countries to work on high impact data without meeting stringent security requirements.

Jack Burnham is a research analyst in the China Program at the Foundation for Defense of Democracies (FDD). Jiwon Ma is a senior policy analyst at the Center on Cyber and Technology Innovation (CCTI) at FDD. For more analysis from Jack, Jiwon, and FDD, please subscribe HERE. Follow Jack on X @JackBurnham802. Follow Jiwon on X @jiwonma_92. Follow FDD on X @FDD. FDD is a Washington, DC-based, nonpartisan research institute focusing on national security and foreign policy.