Defense Secretary Pete Hegseth on Wednesday said the Pentagon would no longer allow Chinese nationals to work as coders on Department of Defense (DOD) cloud systems. 

A program previously allowed Chinese developers to work as “digital escorts” in a role modeled by Microsoft, where foreign nationals remain under the supervision of remote U.S. contractors.

Hegseth said the effort “exposed” the department to “unacceptable risks.”

“I mean, if you’re thinking America first and common sense, this doesn’t pass either of those tests. So I initiated an immediate review of this vulnerability, and I want to report our initial findings,” the Defense secretary said in a Wednesday video uploaded to the social platform X. 

“So the use of Chinese nationals to service Department of Defense cloud environments, it’s over,” he added. 

Hegseth said Microsoft would conduct an audit free of taxpayer expenses to uncover any vulnerabilities.

“Additionally, all Department of Defense software vendors will identify and terminate any Chinese involvement in DOD systems,” Hegseth said. 

“It blows my mind that I’m even saying these things in such common sense that we ever allowed it to happen. That’s why we’re attacking it so hard. We expect vendors doing business with the Department of Defense to put U.S. national security ahead of profit maximization,” he continued.

The Defense Secretary said the Department will be shielded from potential cyberattacks.

“Microsoft has terminated the use of any China-based engineering teams for DoD cloud systems and we will continue to collaborate with the US Government to ensure we are meeting their expectations,” a company spokesperson said in a statement to The Hill. 

“We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed,” they added. 

Pentagon officials said they did not know Microsoft had enlisted a “digital escort” program. 

“Literally no one seems to know anything about this, so I don’t know where to go from here,” Deven King, spokesperson for the Defense Information Systems Agency, told ProPublica in July.

Others said measures being used by escorts are based on the honor system without policies to mitigate national security threats.

“We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” one escort who agreed to speak on condition of anonymity, fearing professional repercussions, told ProPublica.

Hegseth said both the Microsoft audit and a separate investigation were launched to reveal malware and associated risks.

“We’ve issued a formal letter of concern to Microsoft documenting this breach of trust, and we’re requiring a third-party audit of Microsoft’s digital escort program, including the code and the submissions by Chinese nationals. … I’m also tasking the Department of Defense experts with a separate investigation of the digital escort program and the Chinese Microsoft employees that were involved in it,” Hegseth said Wednesday.

“These investigations will help us determine the impact of this digital escort workaround. Did they put anything in the code that we didn’t know about? We’re going to find out,” he added.

Updated at 5:42 p.m.