Microsoft to stop using Chinese unit to service the US Department of Defence
American government organisations are actively using digital solutions from domestic companies. The only problem is that these companies have long ceased to be exclusively American. Globalisation has led to corporations moving everything but their headquarters to China and India in pursuit of the long dollar. Now let's put these two factors together to understand the depth of the problem.
Following an investigation by ProPublica, Microsoft last week announced that it would stop using engineers in China to maintain Pentagon (DoD) cloud systems - even those classified as "unclassified but sensitive". In addition, the company said that data leakage in China is fundamentally impossible because the Chinese division is run by US workers. The company reminds that it is a developer of the most secure computer systems that are not vulnerable to viruses and hacker attacks.
Experts warned that although the cloud data was not classified, it covered law enforcement, finance, education, and healthcare, which could reveal important information about the country's critical systems. For example, a year ago, Chinese hackers readily stole the payment data and residential addresses of all the military personnel of the United Kingdom.
From now on, only employees in the US with proper vetting and security clearances are working to support DoD services. Chinese teams are no longer involved in the maintenance of cloud systems. The company also announced that it will conduct an internal audit within the next month to ensure that other contracts do not have similar vulnerabilities.
Government and public reaction
Defence Secretary Pete Hegseth commented on the situation: "Foreign engineers - not even from China - should never have access to DoD systems." He ordered an internal review to be completed within two weeks.
Senator Tom Cotton sent a formal request to find out what the Chinese engineers could see, whether there were any cases of abuse, and whether Microsoft had conducted an audit.
Conclusion.
It is unlikely that Microsoft will be able to move its entire infrastructure out of China. According to the laws, if a company wants to be present in the Chinese market, they need to keep their infrastructure there. The cost of maintaining a team will encourage them to continue to keep the team there. And even if they are not clients from the US, but from any other country (including NATO), the problem may well remain. So, when printing a report through Office 360, keep in mind that the cloud server may be located in China.
Today's globalised world is like a cruel joke, demonstrating that economy and convenience conflict with security. We hope that now, when the US military requests technical support, they will no longer hear Mao Zedong quotes in response.
Source: arstechnica.com
