propublica.org - Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but didn’t mention that it has long used China-based engineers to maintain the product.
ast month, Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in SharePoint, the company’s widely used collaboration software, to access the computer systems of hundreds of companies and government agencies, including the National Nuclear Security Administration and the Department of Homeland Security.

The company did not include in its announcement, however, that support for SharePoint is handled by a China-based engineering team that has been responsible for maintaining the software for years.

ProPublica viewed screenshots of Microsoft’s internal work-tracking system that showed China-based employees recently fixing bugs for SharePoint “OnPrem,” the version of the software involved in last month’s attacks. The term, short for “on premises,” refers to software installed and run on customers’ own computers and servers.

Microsoft said the China-based team “is supervised by a US-based engineer and subject to all security requirements and manager code review. Work is already underway to shift this work to another location.”

It’s unclear if Microsoft’s China-based staff had any role in the SharePoint hack. But experts have said allowing China-based personnel to perform technical support and maintenance on U.S. government systems can pose major security risks. Laws in China grant the country’s officials broad authority to collect data, and experts say it is difficult for any Chinese citizen or company to meaningfully resist a direct request from security forces or law enforcement. The Office of the Director of National Intelligence has deemed China the “most active and persistent cyber threat to U.S. Government, private-sector, and critical infrastructure networks.”

ProPublica revealed in a story published last month that Microsoft has for a decade relied on foreign workers — including those based in China — to maintain the Defense Department’s cloud systems, with oversight coming from U.S.-based personnel known as digital escorts. But those escorts often don’t have the advanced technical expertise to police foreign counterparts with far more advanced skills, leaving highly sensitive information vulnerable, the investigation showed.

ProPublica found that Microsoft developed the escort arrangement to satisfy Defense Department officials who were concerned about the company’s foreign employees, and to meet the department’s requirement that people handling sensitive data be U.S. citizens or permanent residents. Microsoft went on to win federal cloud computing business and has said in earnings reports that it receives “substantial revenue from government contracts.” ProPublica also found that Microsoft uses its China-based engineers to maintain the cloud systems of other federal departments, including parts of Justice, Treasury and Commerce.

In response to the reporting, Microsoft said that it had halted its use of China-based engineers to support Defense Department cloud computing systems, and that it was considering the same change for other government cloud customers. Additionally, Defense Secretary Pete Hegseth launched a review of tech companies’ reliance on foreign-based engineers to support the department. Sens. Tom Cotton, an Arkansas Republican, and Jeanne Shaheen, a New Hampshire Democrat, have written letters to Hegseth, citing ProPublica’s investigation, to demand more information about Microsoft’s China-based support.

Microsoft said its analysis showed that Chinese hackers were exploiting SharePoint weaknesses as early as July 7. The company released a patch on July 8, but hackers were able to bypass it. Microsoft subsequently issued a new patch with “more robust protections.”

The U.S. Cybersecurity and Infrastructure Security Agency said that the vulnerabilities enable hackers “to fully access SharePoint content, including file systems and internal configurations, and execute code over the network.” Hackers have also leveraged their access to spread ransomware, which encrypts victims’ files and demands a payment for their release, CISA said.

cetas.turing.ac.uk/ Research Report
As AI increasingly shapes the global economic and security landscape, China’s ambitions for global AI dominance are coming into focus. This CETaS Research Report, co-authored with Adarga and the International Institute for Strategic Studies, explores the mechanisms through which China is strengthening its domestic AI ecosystem and influencing international AI policy discourse. The state, industry and academia all play a part in the process, with China’s various regulatory interventions and AI security research trajectories linked to government priorities. The country’s AI security governance is iterative and is rapidly evolving: it has moved from having almost no AI-specific regulations to developing a layered framework of laws, guidelines and standards in just five years. In this context, the report synthesises open-source research and millions of English- and Chinese-language data points to understand China’s strategic position in global AI competition and its approach to AI security.

This CETaS Research Report, co-authored with the International Institute for Strategic Studies (IISS) and Adarga, examines China’s evolving AI ecosystem. It seeks to understand how interactions between the state, the private sector and academia are shaping the country’s strategic position in global AI competition and its approach to AI security. The report is a synthesis of open-source research conducted by IISS and Adarga, leveraging millions of English- and Chinese-language data points.

Key Judgements
China’s political leadership views AI as one of several technologies that will enable the country to achieve global strategic dominance. This aligns closely with President Xi’s long-term strategy of leveraging technological revolutions to establish geopolitical strength. China has pursued AI leadership through a blend of state intervention and robust private-sector innovation. This nuanced approach challenges narratives of total government control, demonstrating significant autonomy and flexibility within China’s AI ecosystem. Notably, the development and launch of the DeepSeek-R1 model underscored China's ability to overcome significant economic barriers and technological restrictions, and almost certainly caught China’s political leadership by surprise – along with Western chip companies.

While the Chinese government retains ultimate control of the most strategically significant AI policy decisions, it is an oversimplification to describe this model as entirely centrally controlled. Regional authorities also play significant roles, leading to a decentralised landscape featuring multiple hubs and intense private sector competition, which gives rise to new competitors such as DeepSeek. In the coming years, the Chinese government will almost certainly increase its influence over AI development through closer collaboration with industry and academia. This will include shaping regulation, developing technical standards and providing preferential access to funding and resources.

China's AI regulatory model has evolved incrementally, but evidence suggests the country is moving towards more coherent AI legislation. AI governance responsibilities in China remain dispersed across multiple organisations. However, since February 2025, the China AI Safety and Development Association (CnAISDA) has become what China describes as its counterpart to the AI Security Institute. This organisation consolidates several existing institutions but does not appear to carry out independent AI testing and evaluation.

The Chinese government has integrated wider political and social priorities into AI governance frameworks, emphasising what it describes as “controllable AI” – a concept interpreted uniquely within the Chinese context. These broader priorities directly shape China’s technical and regulatory approaches to AI security. Compared to international competitors, China’s AI security policy places particular emphasis on the early stages of AI model development through stringent controls on pre-training data and onerous registration requirements. Close data sharing between the Chinese government and domestic AI champions, such as Alibaba’s City Brain, facilitates rapid innovation but would almost certainly encounter privacy and surveillance concerns if attempted elsewhere.

The geographical distribution of China's AI ecosystem reveals the strategic clustering of resources, talent and institutions. Cities such as Beijing, Hangzhou and Shenzhen have developed unique ecosystems that attract significant investments and foster innovation through supportive local policies, including subsidies, incentives and strategic infrastructure development. This regional specialisation emerged from long-standing Chinese industrial policy rather than short-term incentives.

China has achieved significant improvements in domestic AI education. It is further strengthening its domestic AI talent pool as top-tier AI researchers increasingly choose to remain in or return to China, due to increasingly attractive career opportunities within China and escalating geopolitical tensions between China and the US. Chinese institutions have significantly expanded domestic talent pools, particularly through highly selective undergraduate and postgraduate programmes. These efforts have substantially reduced dependence on international expertise, although many key executives and researchers continue to benefit from an international education.

Senior scientists hold considerable influence over China’s AI policymaking process, frequently serving on government advisory panels. This stands in contrast to the US, where corporate tech executives tend to have greater influence over AI policy decisions.

Government support provides substantial benefits to China-based tech companies. China’s government actively steers AI development, while the US lets the private sector lead (with the government in a supporting role) and the EU emphasises regulating outcomes and funding research for the public good. This means that China’s AI ventures often have easier access to capital and support for riskier projects, while a tightly controlled information environment mitigates against reputational risk.

US export controls have had a limited impact on China’s AI development. Although export controls have achieved some intended effects, they have also inadvertently stimulated innovation within certain sectors, forcing companies to do more with less and resulting in more efficient models that may even outperform their Western counterparts. Chinese AI companies such as SenseTime and DeepSeek continue to thrive despite their limited access to advanced US semiconductors.

Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices