Pentagon Terminates Digital Escorts Program Involving Chinese Nationals Amid Joint Advisory on State-Sponsored Cyber Threats
The program, intended to support cloud maintenance, had operated until revelations in 2025 prompted action.
UNITED STATES — Defense Secretary Pete Hegseth announced the termination of a decade-old Microsoft program that permitted Chinese nationals, under remote supervision by U.S. contractors, to contribute to sensitive Department of Defense cloud systems.
The decision followed an internal review initiated upon discovering the program's existence, which exposed the department to security risks despite compliance with contracting regulations. Hegseth described the move in terms of national security priorities. The program, intended to support cloud maintenance, had operated until revelations in 2025 prompted action.
The review's initial findings confirmed the program's vulnerabilities, leading to its halt. A formal letter of concern was issued to Microsoft, documenting concerns regarding trust and demanding a third-party audit of all code and submissions involving Chinese nationals.
According to Hegseth, this audit would be conducted without charge to U.S. taxpayers. Additionally, an internal investigation will assess any potential negative impacts on DOD cloud systems from the program's participants.
Related Cybersecurity Advisory
A joint cybersecurity advisory released on August 27, 2025, by U.S. agencies including the NSA, CISA, FBI, and international partners, details Chinese state-sponsored actors compromising networks worldwide for espionage.
The advisory identifies actors using names like Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor, targeting telecommunications, transportation, lodging, and military infrastructure.
These operations involve exploiting routers and networks to maintain persistent access, linked to Chinese companies such as Sichuan Juxinhe Network Technology Co. Ltd., Huanyu Tianqiong Information Technology Co., Ltd., and Sichuan Zhixin Ruijie Network Technology Co., Ltd.
The advisory provides mitigation guidance, including hunting for malicious activity and applying TTPs to reduce risks. It notes overlaps with industry reporting on APT actors observed since 2021.
This context highlights broader concerns about Chinese cyber activities, which align with the risks cited in the Pentagon's program termination on the same day.
No direct link between the advisory's specific actors and the Microsoft program is stated, but the timing and focus on network compromises underscore related security issues.
Program Background and Risks:
Keep reading with a 7-day free trial
Subscribe to The Standeford Journal - News, Intel Analysis to keep reading this post and get 7 days of free access to the full post archives.