WASHINGTON, DC - Last year, Law Enforcement Today warned about an Obama-era program that, in cooperation with Microsoft, transferred over 80 percent of the federal government's and Department of Defense infrastructure and services to the Bill Gates-owned company. Meanwhile, 98 percent of the support for IT infrastructure and services overseas was transitioned to Microsoft, with over 90 percent of that being facilitated in communist China.
Now, Defense Secretary Pete Hegseth has announced that the Pentagon is “looking into” the cloud-based program that uses foreign workers from China, employed by Microsoft. Earlier this week, Pro-Publica, late to the party, accused Microsoft of using the China-based engineers to assist with Pentagon cloud systems, Fox News Digital reported. They claimed the systems have “inadequate guardrails” in place to protect sensitive data.
In an announcement this past week, Hegseth addressed the reporting that “some tech companies have been using cheap Chinese labor to assist with DoD cloud services.” Hegseth called this “unacceptable, especially in today’s digital threat environment.”
“Now, this was a legacy system created over a decade ago by the Obama administration. But we have to ensure that the digital systems we use here at the Defense Department are ironclad and impenetrable. And that’s why today I’m announcing that China will have no involvement, whatsoever, in our cloud services effective immediately,” Hegseth continued.
Hegseth also promised a two-week review to make sure that what was uncovered isn’t happening “anywhere else within the DoD.”
Microsoft (coincidentally, no doubt) received the contract after Obama appointed Microsoft’s chief research and strategy officer, Craig Mundie, to his 20-member President’s Council of Advisors on Science and Technology. Mundie “was credited with being the key Microsoft executive who was able to speak to the company’s China strategy,” LET reported, noting that “he served as Microsoft’s ‘decision-maker’ for that strategy for 13 of the company’s 18 years in the China market.”
It should be noted that Microsoft had donated nearly $3 million in political campaign funds in 2008 when Obama ran for president, with $2.12 million of that total going to Democrats and the remainder, $844,586, to Republicans.
When Microsoft took ownership of the cloud infrastructure for the Pentagon, it used the same cloud-based technology and infrastructure as the United States government and the Department of Defense, according to Tom Schiller, the expert who initially contacted Law Enforcement Today.
Last week, after Pro-Publica’s report, Sen. Tom Cotton (R-AR), sent a letter to Hegseth requesting information and documents “about the program, including a list of all DoD contractors that hire Chinese personnel to provide maintenance or other services to DoD systems, a list of subcontractors that hire Microsoft’s American-born ‘digital escorts’ required to supervise foreign computer scientists while they work on DoD systems and documents on the training these supervisors receive to identify suspicious activity,” Fox News Digital reported.
“In light of recent and concerning reports about Microsoft using engineers in China to maintain DOD systems, I've asked the Secretary of Defense to look into the matter,” Cotton posted on X with a copy of the letter to Secretary Hegseth. “We must guard against all threats within our military’s supply chain.”
With all due respect to Sen. Cotton, where was he 10 months ago when Law Enforcement Today broke this story? All the way back in July 2014, four Microsoft offices in China were raided by China’s antitrust regulator, the State Administration for Industry and Commerce. As Schiller asked, why would the U.S. take the risk of using a company with offices in “what is clearly the number one international threat to the United States, especially when they can raid their facilities and help themselves to whatever they want?” Since China doesn’t have a constitution to abide by with clear 4th Amendment rights, “why [wasn’t] Microsoft ordered to pull out of China then?”
We also reported that according to Schiller, “Microsoft has shared source code with China and let them insert their own source code into Microsoft’s proprietary source code,” a “direct contradiction to the Microsoft president’s statement to Congress” in a House Homeland Security Subcommittee meeting in June 2014.
The agreement Obama made in 2016 authorized Microsoft to use uncleared foreign national staff to manage the U.S. Sovereign Cloud, who worked together with the cleared security escort team Cotton referred to in his letter. The U.S. Sovereign Cloud, LET reported, “consists of ALL of the U.S. Government and DoD Microsoft cloud environments.”
Schiller also offered the following: “Due to an inadequately/poorly written authorization given to Microsoft” by Obama, “uncleared Microsoft staff primarily based out of China did not have to share source-code intended for use in the U.S. Sovereign Cloud with the cleared security escort team. As a result, security provided by cleared U.S. escort personnel is effectively negated and neutralized.”
In their report, ProPublica said according to sources, “including some who had intimate familiarity with the hiring process for the $18-per-hour ‘digital escort’ position, the tech employees being hired to do the supervising lacked the adequate tech expertise to prevent a rogue Chinese employee from hacking the system or turning over classified information to the CCP.”
ProPublica’s sources said many of the escorts were “former military personnel” who “were hired for their security clearances more than their technical abilities and often lacked the skills to evaluate code being used by the engineers they were supervising.”
In our reporting last year, we noted that President Trump issued Executive Order 13873 on Securing the ICT and Services Supply Chain, which superseded the previous order between the U.S. and Microsoft, which made it illegal for Microsoft to use China-based staff to support the U.S. Sovereign Cloud. Despite that order, Schiller told LET that “Microsoft continues to violate that order, with over 90% of its staff still based in China.”
Schiller also told LET that he has been “sending reports to the FBI since 2016,” which were ignored. He said that the FBI has “not performed due diligence and contacted me for more information.”
In 2023, Schiller contacted Rep. Carlos Jimenez (R-FL), who lashed out at Microsoft President Brad Smith during a hearing before the House Homeland Security Committee, investigating a security breach at Microsoft, as well as other security issues and the company's continued business in China. During that hearing, Smith endured bipartisan criticism from both the right and the left.
In his letter to Gimenez, Schiller said he had “three additional senior-level whistleblowers from the Microsoft U.S. Government and DoD contract who are prepared to testify.” Schiller told LET he also sent numerous reports to “key US agencies, including the FBI, NSA, United States Air Force, OSI, and U.S. Navy CIS,” and also included reports being “submitted to multiple senators, members of Congress, and military commanders.”
Means of contact included emails, electronic forms on websites, voicemail messages, reports via fax, leaving messages with office assistants, and sending letters through the mail. Those efforts realized NO RESPONSES.
Among the lawmakers contacted, with no responses, were Reps. Matt Gaetz (R-FL), Lauren Boebert (R-CO), Marjorie Taylor-Greene (R-GA), Jim Jordan (R-OH), and Thomas Massie (R-KY). He also contacted Sens. Tim Scott (R-SC), Ted Cruz (R-TX), and Josh Hawley (R-MO).
Schiller did receive one response, that from the Inspector General’s Office for the Defense Information Systems Agency (DISA). Assistant Inspector General for Inspections, Jo Ann T. Geoghan, wrote:
You contacted the DOD OIG on 19 July 2024, alleging security concerns involving uncleared foreign nationals and the Microsoft Azure platform. We conducted a preliminary analysis into the complaint and determined this matter is not within the avenue of redress by DISA IG and is best addressed by the appropriate DISA management. We have referred the information you provided to management and will contact you if clarifying or additional information is needed.
We consider this case closed and will take no further action.
In response to ProPublica’s day late and a dollar short exposé, Michael Lucci, CEO and founder of State Armor Action, a conservative group with a mission to develop and enact state-level solutions to global security threats, told Fox News Digital.
“If ProPublica’s report turns out to be true, Microsoft has created a national embarrassment that endangers our soldiers, sailors, airmen, and marines. Heads should roll, those responsible should go to prison, and Congress should hold extensive investigations to uncover the full extent of potential compromise,” Lucci said. “Microsoft or any vendor providing China with access to Pentagon secrets verges on treasonous behavior and should be treated as such.”
In response to ProPublica’s article, a Microsoft spokesperson defended the company’s “digital escort model,” noting that “all personnel and contractors with privileged access must pass federally approved background checks,” Fox News Digital reported.
“For some technical requests, Microsoft engages our team of global subject-matter experts to provide support through authorized U.S. personnel, consistent with U.S. government requirements and processes,” the spokesperson said, adding, “In these instances, global support personnel have no direct access to customer data or customer systems.”
ProPublica said the Defense Information Systems Agency’s (DISA) public information office was “unaware” of the program when the outlet began poking around, which is a direct contradiction of what Tom Schiller told LET and what we reported. As the letter to Schiller outlined above notes, DISA looked into his complaint and determined it wasn’t relevant to the DISA IG.
Hopefully, the time between when Law Enforcement Today initially reported this breach of our national security and now has not made our country even more vulnerable to the Chinese communist government.
Comments