Signage for Palantir is seen during the Association of the United States Army yearly gathering and exposition astatine the Walter E. Washington Convention Center successful Washington connected Oct. 14, 2024.
Nathan Howard | Reuters
The much-needed modernization of the U.S. Army's battlefield communications web being undertaken by Anduril, Palantir and others is rife with "fundamental security" problems and vulnerabilities, and should beryllium treated arsenic a "very precocious risk," according to a caller interior Army memo.
The 2 Silicon Valley companies, led by allies of U.S. President Donald Trump, person gained entree to the Pentagon's lucrative travel of contracts connected the committedness of rapidly providing little costly and much blase weapons than the Pentagon's longstanding arms providers.
But the September memo from the Army's main exertion serviceman astir the NGC2 level that connects soldiers, sensors, vehicles and commanders with real-time information paints a bleak representation of the archetypal product.
"We cannot power who sees what, we cannot spot what users are doing, and we cannot verify that the bundle itself is secure," the memo says.
Palantir and Anduril did not remark for this story.
The assessment, seen by Reuters and archetypal reported by Breaking Defense, comes conscionable months aft defence drone and bundle shaper Anduril was awarded a $100 cardinal to make a prototype of NGC2 with partners including Palantir, Microsoft and respective smaller contractors.
The Army should dainty the NGC2 prototype mentation arsenic “very precocious risk” due to the fact that of the “likelihood of an adversary gaining persistent undetectable access," wrote Gabrielle Chiulli, the Army main exertion serviceman authorizing official.
Despite the aboriginal September memo's scathing critique, Leonel Garciga, Army main accusation serviceman and Chiulli's supervisor, said successful a connection to Reuters that the study was portion of a process that helped successful "triaging cybersecurity vulnerabilities" and mitigating them.
In March, the 4th Infantry Division utilized the strategy successful live-fire artillery grooming astatine Fort Carson, Colorado, successful an workout Anduril described arsenic demonstrating faster and much reliable show than bequest systems.
The Army memo identifies immoderate large information gaps.
The study says the strategy allows immoderate authorized idiosyncratic to entree each applications and information careless of their clearance level oregon operational need. As a result, "Any idiosyncratic tin perchance entree and misuse sensitive" classified information, the memo states, with nary logging to way their actions.
Other deficiencies highlighted successful the memo see the hosting of third-party applications that person not undergone Army information assessments. One exertion revealed 25 high-severity codification vulnerabilities. Three further applications nether reappraisal each incorporate implicit 200 vulnerabilities requiring assessment, according to the document.
English (US) ·