US Army Raises Security Concerns Over Next-Gen Command Platform Prototype: Report

A US Army memo has flagged several security and oversight concerns in the Next Generation Command and Control (NGC2) platform prototype, Reuters reported.

The evaluation follows a nearly $100-million contract awarded to defense contractor Anduril to develop the system, in partnership with Palantir, Microsoft, and several smaller firms.

The memo was part of a broader review to identify and mitigate cybersecurity vulnerabilities in NGC2, which is designed to connect soldiers, sensors, vehicles, and commanders through real-time data sharing.

The system allows troops to access planning tools, data models, and communication apps from anywhere in the field using wireless tablets.

Gabrielle Chiulli, the US Army chief technology officer, described the prototype as “very high risk” due to the possibility of undetected adversary access.

The memo also noted that any authorized user could access all applications and data, regardless of clearance level or operational need, raising the risk of sensitive information being misused without traceability.

Additionally, some third-party applications within the platform had not been fully assessed under army security standards. 

One showed 25 high-severity code vulnerabilities, while three others under review contained more than 200 each.

NGC2

NGC2 is part of the US Army’s broader push toward open architecture, continuous testing, and iterative updates to integrate emerging technologies such as artificial intelligence and improve operational resilience.

Validated during the Project Convergence Capstone 5 exercise earlier this year, NGC2 was tested in realistic scenarios by an operational battalion and higher headquarters.

Soldiers reported faster communications, reduced equipment footprint, and improved data sharing across combat functions, allowing commanders to make better-informed tactical decisions.