In a shocking development that has reverberated throughout the US defense sector, it has been revealed that Microsoft has been employing Chinese engineers for an extended period to participate in maintaining the cloud-based confidential system of the Pentagon. Once this information came to light, the US Congress and the Pentagon were immediately in an uproar, launching urgent investigations, and Microsoft hurried to sever ties, announcing that the Chinese engineering team will no longer have any contact with technical services at the Pentagon.
But the more outrageous revelations were yet to come: the so-called “Digital Escorts” program, initiated by Americans themselves to oversee these foreign engineers, had recruited a group of retired military personnel and tech novices whose daily work merely consisted of simple copy and paste tasks. This was far from safeguarding national security; it was akin to handing spies a direct key. What was Microsoft playing at?
Speaking of espionage, there is even more explosive news to follow: a study released by the American think tank CSIS revealed that over the past 20 years, there have been 224 publicly disclosed espionage cases involving China in the US, with hacking attacks being commonplace. From F-35 fighter jets to Patriot missiles, sensitive US military technologies have been thoroughly probed by Chinese entities.
Today, we delve deep into the security vulnerabilities behind Microsoft and the rampant espionage activities of the Chinese Communist regime. What kind of crisis does the US truly face?
On July 15, a renowned investigative media outlet, “ProPublica,” exposed that Microsoft had hired an engineering team in China to assist in developing and maintaining the cloud computing system at the Pentagon. This revelation prompted immediate uproar and emergency investigations from the US Congress and the Pentagon.
The report mentioned that these Chinese engineers were supposedly monitored by Americans known as “Digital Escorts.” However, these so-called escorts, mostly subcontractors, were predominantly retired soldiers or ordinary employees lacking sufficient technical ability, unable to discern the risks associated with the operations of Chinese engineers.
In response to the escalating public outcry, Microsoft promptly announced on July 18 that they had revised their internal policies to ensure that the “Chinese engineering team will no longer participate in any technical support for Pentagon cloud services.”
Once the news reached Congress, Senator Tom Cotton, chair of the Senate Intelligence Committee and member of the Armed Services Committee, promptly wrote to Defense Secretary Pete Hegseth, demanding the immediate disclosure of all contractors implicated and the public revelation of the training received by these so-called “Digital Escorts.”
Cotton further warned, “China’s cyber capabilities are one of the biggest national security threats faced by the United States today.”
In a swift response, Defense Secretary Hegseth acknowledged Cotton’s concerns as “entirely valid.” He initiated a comprehensive security review lasting two weeks, explicitly stating that all cloud services contracted with the Defense Department would undergo security evaluations to ensure that no Chinese engineers would be involved.
Hegseth remarked on social media, “Foreign engineers from any country, including China, must not be allowed to maintain or access systems of the Department of Defense.”
However, behind this incident lies many undisclosed facts, revealing deeper untold truths. Let’s continue our examination.
According to a ProPublica investigative report published on July 15, this incident can be traced back to a decade ago. Microsoft, aiming to secure contracts for cloud computing services with the US government, particularly the military, devised a monitoring mechanism called “Digital Escorts.” Essentially, Microsoft hired numerous foreign engineers, including a team in China, to aid in maintaining the computer systems of the US government, especially the Pentagon.
In response to security demands from the US government, Microsoft further recruited security-cleared Americans to supervise, ensuring that these foreign engineers would not engage in activities threatening US national security.
While this arrangement may seem logical, reality proved otherwise. The American employees tasked with supervision were recruited mostly from outsourcing firms, with many lacking even basic IT knowledge. They were primarily retired soldiers or non-professional technical personnel, earning only around $18 per hour. Their daily work routine involved mechanical copy-and-paste practices, directly transferring complex commands received from Chinese engineers onto the US military network systems.
In essence, these escorts lacked the ability to effectively discern risks. In fact, an anonymous escort unequivocally told ProPublica, “We can only hope that foreign engineers do not engage in malicious activities, as we are unable to discern their actions.”
To add to the shock, several high-ranking officials, including John Sherman, former head of information at the Department of Defense, expressed confusion upon hearing the term “Digital Escorts,” indicating no prior knowledge of the program. Even the Defense Information Systems Agency (DISA), responsible for US military information technology security, could not identify individuals knowledgeable about the initiative.
Furthermore, former CIA and NSA executive Harry Coker explicitly stated, “If I were an intelligence officer, I would view this as an excellent opportunity for infiltration. This is akin to directly handing spies a key to unlock the doors of the US military.”
Over the past few years, nearly all major cyber-attacks in the US have been tied to Chinese hackers. In 2023 alone, incidents included Chinese hackers breaching the email accounts of high-ranking US officials, stealing over 60,000 emails. Not even the email systems of the US Secretary of Commerce or the ambassador to China were spared, and these systems happened to be cloud-based.
Not only were external observers shocked, but internal concerns within Microsoft also indicated that the “Digital Escorts” program was akin to a ticking time bomb.
One of Microsoft’s senior network security executives previously warned that the design of this mechanism was riddled with flaws, enabling foreign engineers to easily access the internal details of US federal cloud services and potentially launch targeted cyber-attacks using this information.
Matthew Erickson, a former Microsoft engineer involved in developing the “Digital Escorts” program, candidly admitted that if foreign engineers operated seemingly normal scripts with ulterior motives, the escorts would be unable to detect anything suspicious.
So why did Microsoft insist on utilizing such a high-risk approach? The reason was relatively simple: cost efficiency.
Indy Crowley, the former senior manager responsible for federal government cloud business at Microsoft, revealed that the US government had proposed hiring American engineers directly to handle sensitive operations. However, Microsoft deemed this approach too costly and operationally cumbersome on a global scale. Consequently, they rejected the proposal and opted for the low-cost alternative of the “Digital Escorts.”
In essence, this was a cost-saving shortcut that inadvertently plunged US national security into a risk-laden quagmire.
The profound irony lay in the fact that the initial intent of this system was to prevent sensitive information from falling into foreign hands. Yet, due to the inadequate skills of the escorts, they regressed to simple “copy-and-paste” tools. An anonymous escort from Insight Global mentioned that these foreign engineers could easily install backdoor programs in the system unnoticed, allowing unauthorized access. Though such actions may eventually be detected, the damage would likely have already been inflicted by the time of discovery.
Moreover, Microsoft’s Chinese operations themselves posed significant risks. The ProPublica investigation report highlighted that Chinese law grants extensive powers to the Chinese government, enabling them to collect data within China at any time or demand full cooperation from enterprises for investigations. Yale researcher Jeremy Daum explicitly warned that in China, no individual or enterprise could refuse requests from the Chinese national security apparatus.
Upon closer examination, Microsoft’s strategic planning, while shrewd, inadvertently posed chilling risks.
Moving on from the Microsoft “Digital Escorts” controversy, another recent headline garnering attention is the announcement from the US Department of Agriculture of the dismissal of approximately 70 foreign contract researchers. These researchers, primarily from China, Russia, North Korea, and Iran, with the majority being highly educated Chinese scientists holding doctoral degrees, were let go following a rigorous national security review conducted by the USDA.
According to Reuters, these 70 foreign researchers were previously employed by the Agricultural Research Service (ARS) under the USDA. They underwent thorough background checks upon employment and signed official two-year contracts with the USDA. However, following the review, they were directly prohibited from further participation in USDA research projects.
USDA Secretary Brooke Rollins also unveiled a series of stricter measures, comprehensively banning future purchases of American agricultural land by individuals from China, Russia, North Korea, and Iran. Furthermore, all research cooperation projects between the USDA and these countries would be completely terminated.
In recent years, federal agencies in the US have been increasingly stringent in managing research personnel involved in sensitive technologies, particularly those related to strategic competitors. The core objective of these measures is to prevent the outflow of critical technologies and safeguard against sensitive data falling into the hands of foreign governments.
The USDA’s recent action is just a glimpse into the broader spectrum of the US government’s enhanced security measures. It is evident that the US-China confrontation extends beyond traditional military and technological domains, further encompassing agriculture and food security.
Let’s now turn our focus to a significant investigative report from the American think tank, the Center for Strategic and International Studies (CSIS), exposing the rampant espionage activities conducted by the Chinese Communist regime in the US over the past two decades.
The report reveals that since 2000, there have been 224 publicly disclosed cases of Chinese espionage, signifying only the tip of the iceberg. This figure excludes over 1,200 intellectual property theft lawsuits initiated by American companies against China and espionage activities by China in other countries, suggesting even more staggering figures.
Of particular concern is the fact that almost 70% of these 224 cases occurred after Xi Jinping’s ascension to power in 2012. The report explicitly highlights that since Xi’s rise to power, the Chinese Communist intelligence system has significantly strengthened, serving military and political strategic purposes, growing increasingly aggressive.
Analyzing these cases, it is observed that commercial technology theft accounted for 54%, military technology for 29%, while the remaining 17% targeted US government officials and sensitive information directly.
Among these cases, cyber-attacks originating from China were notably prevalent, with 104 exposed cases over the past decade alone. The report emphasizes that China’s threat to US cybersecurity surpasses that of countries like Russia, North Korea, and Iran in severity and persistent nature.
A few illustrative examples underscore the gravity of the issue:
– In 2003, Chinese hackers breached the US Naval China Lake weapons station, pilfering classified data on nuclear weapons tests and stealth aircraft.
– In 2007, sensitive design data of the F-35 stealth fighter jets was stolen by Chinese hackers.
– In 2013, the US Defense Science Board discovered that Chinese hackers had stolen vital weapon design blueprints including those of Patriot missiles, F/A-18 fighters, and Black Hawk helicopters.
Apart from conventional cyber-attacks, Chinese espionage tactics exhibit diverse manifestations. Methods include bribing with money or even using sexual enticements to recruit internal US personnel. At times, they purchase properties in close proximity to US military bases and significant laboratories to monitor intelligence activities firsthand.
The report further highlights that the losses incurred by these espionage activities are incalculable for the US. Commercial technology theft alone results in economic losses amounting to billions of dollars annually, not to mention the long-term threats posed by the leakage of military secrets.
Another detail of the report deserves attention: while many espionage cases involve Chinese citizens, ethnicity is not the sole criterion for identifying espionage activities. Most recruits are individuals holding Chinese passports studying or working in the US, particularly those with relatives back in China, making them susceptible to coercion by the Chinese government. Conversely, very few Chinese-American individuals holding US citizenship are successfully recruited.
Moreover, the report disclosed the following data:
– 49% of cases directly involved Chinese military or government employees.
– 41% of cases involved Chinese citizens.
– 10% of cases involved non-Chinese individuals, primarily Americans recruited by the Chinese government.
The report notes that in 2015, an anti-espionage agreement was signed between the Obama administration and Xi Jinping, restricting China from engaging in commercial espionage activities. Following the agreement’s signing, Chinese espionage activities briefly diminished; however, within a year, they quickly resumed, intensifying even further.
By this point, many readers likely perceive the magnitude of the Chinese espionage threat transcending initial expectations. This prompts us to contemplate: how should the US government fortify itself against such massive infiltration and attacks? And how should Chinese-Americans face this escalating tense situation?
What are your thoughts? Feel free to share in the comments section.
Subscribe to the YouTube channel:
https://www.youtube.com/@tangqingnews
Subscribe to the GJW channel:
https://www.ganjingworld.com/channel/1eiqjdnq7go2ebXA2yTPUSg631de0c