WASHINGTON — National Guard teams from across New England partnered with other military services and the private sector to practice fending off cyberattacks and dealing with their fallout.
The annual Cyber Yankee exercise, held June 5-18 at Camp Nett in Connecticut, provided participants with valuable insights and tactical experience that can now be applied in the real world, where digital attacks on critical infrastructure and commerce are increasingly common, according to Guard officials.
Cyberattacks on U.S. critical infrastructure are on the rise. Ransomware attacks in 2021 jeopardized information and control at companies including JBS, the world’s largest meat producer, and the Colonial Pipeline, which ferries refined products from Texas to New Jersey and provides a little less than half of the fuel used on the East Coast. In March, Bradley International Airport in Connecticut was hit by a distributed denial of service attack that aimed to knock its website offline.
“Cyber Yankee is an exercise that helps cyber operators develop experience in the field,” Staff Sgt. John Young, a member of the Connecticut National Guard, said in a statement. “What you get is the ability for cyber operators to see what kind of threats are out there, how they can mitigate those threats in a cyber environment, as well as getting experience collaborating with industry partners in critical fields for not just Connecticut, but other states.”
Now in its eighth year, Cyber Yankee pits defenders, known as blue teams, against red team attackers in a set of realistic events and replicated networks using the Persistent Cyber Training Environment.
Last year’s Cyber Yankee event involved simulated hacks that paralyzed West Coast utilities and rattled the Northeast. In 2020, participants had to protect computer files from theft or manipulation and sift through the din of social media to identify threats.
The Guard is becoming somewhat of first responder to major cyberattacks, tasked at the state and local level with repairing networks, battling back intruders and putting into play resources a small municipality or utility might not have available.
Lt. Col. Karmin Ng, the deputy exercise director and member of the Massachusetts National Guard, in a statement described Cyber Yankee as “one of the most diverse,” wide-ranging and effective trainings available. The Marine Corps and Coast Guard, among other branches, took part this year.
“Whether it’s a state or a federal effort,” Ng said, “the importance of being prepared to respond to a cyber incident is paramount.”
Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.