WASHINGTON

Pentagon chief Pete Hegseth responded swiftly Friday to concerns raised by Sen. Tom Cotton about reports that Microsoft has been using engineers in China to maintain US Department of Defense (DoD) systems.

"Spot on Senator. Agree fully. Our team is already looking into this ASAP," Hegseth wrote on X.

"Foreign engineers — from any country, including of course China — should NEVER be allowed to maintain or access DoD systems," he added.

Following media reports that engineers in China are maintaining DOD computer systems under a contract with Microsoft, the Republican senator formally requested that the Pentagon investigate.

"Chinese state-sponsored hacking campaigns have long targeted U.S. officials through Microsoft systems. Now Microsoft is allegedly relying on U.S. citizens serving as 'digital escorts' to supervise these Chinese engineers' activities on DoD systems," Cotton wrote to Hegseth.

Cotton said the US recognizes that China's cyber capabilities pose "one of the most aggressive and dangerous" threats to the country. "DoD must guard against all potential threats within its supply chain, including those from subcontractors.”

The senator asked Hegseth to provide a list of contractors that hire Chinese personnel to provide maintenance or services on DoD systems.

Microsoft to stop relying on Chinese engineers for Pentagon cloud support

Microsoft updated its policies Friday to prevent China-based engineers from offering technical support to US defense clients.

“In response to concerns raised this week about US-supervised foreign engineers, Microsoft made changes to its support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.

"We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed," Frank Shaw, Microsoft’s chief communications officer, wrote on X.

Hegseth said separately that the Pentagon was alerted earlier this week to a “potential vulnerability” in DoD computer systems

"We've been checking into it ever since it turns out that some tech companies have been using cheap Chinese labor to assist with DoD cloud services. This is obviously unacceptable, especially in today's digital threat environment," Hegseth said in a video message.

He emphasized that immediate steps were being taken to ensure the security and integrity of the military’s digital infrastructure.

"Today, I'm announcing that China will no longer have any involvement whatsoever in our cloud services. Effective immediately and at my direction, the department will also initiate as fast as we can, a two week review or faster to make sure that what we uncovered isn't happening anywhere else across the DOD," he said as he signed the memo.