Slashdot: Pentagon Halts Chinese Coders Affecting DOD Cloud Systems

Aug 29, 2025

—

Source URL: https://tech.slashdot.org/story/25/08/29/1928258/pentagon-halts-chinese-coders-affecting-dod-cloud-systems
Source: Slashdot
Title: Pentagon Halts Chinese Coders Affecting DOD Cloud Systems

Feedly Summary:

AI Summary and Description: Yes

Summary: The Pentagon has terminated a Microsoft program that permitted Chinese coders to work on sensitive Department of Defense (DOD) cloud systems under U.S. supervision. This decision was made due to concerns about unacceptable risks associated with foreign involvement in critical U.S. infrastructure.

Detailed Description: The announcement by Defense Secretary Pete Hegseth reflects an increasing scrutiny of foreign participation in systems handling sensitive national security data, particularly in the context of cloud computing. Key points include:

– **Halting of the Program**: The long-standing Microsoft initiative, which allowed remote Chinese coders to work under U.S. contractor supervision, has been discontinued.
– **Risk Assessment**: Hegseth highlighted that the program posed “unacceptable risk” to national security, underscoring the importance of stringent checks in defense technology partnerships.
– **Immediate Review Initiated**: Upon discovering the program, an immediate review was ordered to evaluate its implications and regulatory compliance.
– **Breaches of Trust**: DOD has formally addressed Microsoft regarding concerns about trust breaches due to the program’s foreign involvement.
– **Third-Party Audit Requirement**: A third-party audit of the program’s operations has been mandated to assess the potential impact of the work done by Chinese programmers, aimed at ensuring the integrity of the code and submissions.

The situation emphasizes the growing importance of national security in cloud computing and the need for strict compliance and oversight in defense contracts, particularly those involving foreign nationals. This incident contributes to ongoing discussions about safeguarding sensitive information in a globally interconnected digital environment, aligning with data sovereignty and governance regulations. Security professionals are reminded of the implications of employing foreign entities in critical operations, highlighting the necessity for robust risk management strategies.

1 2 5 a Act age AI All alt and art as assessment at ated audit breach breaches by C CERN Chinese Chinese coders CI CIA Cloud cloud computing cloud systems co code compliance Computing concerns Context contract contracts critical D data data sovereignty de decision defense defense technology Department of Defense Department of Defense (DoD) digital digital environment DoD DoT e environment for foreign entities foreign involvement foreign nationals g Gen git glob Global Go governance gs H handling high Highlight http HTTPS impact implications in incident information infrastructure integrity inter io Iron k Key l led Li long low M made man management management strategies media Micro Microsoft mission N nation national security NGO no o of on one ons operation operations ory oS out over oversight partners partnership partnerships party Pentagon per point potential pro professionals programmers ps Q R rate RCE re red Regulation regulations regulatory regulatory compliance remote review Risk Risk Assessment risk management risk management strategies risks Ro row Rust s safe sec security security data security professionals sensitive information seth Sig size sizes SoC source sovereignty SSE SSO strategies system systems T tech technology technology partnerships ted text the third third-party to Tor TP trust U.S. U.S. infrastructure UI unacceptable risk under up US V val Vision Wi x z