PEMBROKE, N.H. – The New Hampshire National Guard hosted Cyber Yankee 2020, a regional exercise to provide cyber responders a virtual range to train and test their skills against cyberattacks, at the Edward Cross Training Center July 21–31.
Military representatives from Guard, Reserve, and active-duty components participated, as did partners from various local, state and federal agencies.
“Cyber Yankee is primarily a hands-on keyboard cyber incident response exercise for National Guard Soldiers and Airmen in FEMA Region 1, which are the six New England states,” said Lt. Col. Woody Groton, exercise director. “We also work with critical infrastructure, so various utilities, primarily from the electrical and the water industry.”
Among the participating utilities were Avangrid, Eversource, ISO New England, National Grid, The Massachusetts Water Resource Authority, The Metropolitan District, and Unitil, Groton said.
This marked the sixth year of the exercise and the second one hosted by the NHNG. Though on-site attendance was down this year due to COVID-19, more than 200 players participated.
The event was broken down into four targeted groups, or “Blue Teams,” comprising mission partners from across New England. A “Red Cell” barraged blue teams with myriad cyberattacks, while a “White Cell” regulated and assessed event operations.
Capt. Nathaniel Richter, a cyber operations officer for the 157th Air Refueling Wing, Pease ANG Base, outlined his Blue Team 1’s defensive strategy.
“Identify, protect, detect, respond and recover – those separate functions relate to the different types of activities we’re doing,” he said. “The entire sequence is all cyclical in that we will be running different parts of the system at different times, depending on what is happening in different parts of the network.”
Capt. Christopher Qubeck, of the Massachusetts Air Guard’s 202nd Intelligence Support Squadron, spearheaded Red Cell’s network attacks.
“As the Red Team, we’re playing the part of the bad guys,” Qubeck said. “We go into their virtual network and kind of wreak havoc on them. So we will go in and inject exploits and different types of hacks into their network, and hopefully, they catch it and are able to mitigate it.”
Richter spoke of the challenges his young team faced combating Red Team’s onslaught of attacks.
“It can very much be a steep learning curve,” he said. “Most of our personnel are information technology professionals, but they’re not necessarily cybersecurity professionals. So they are related skill sets and there is a lot of crossover.”
Groton said the challenges participants faced in Cyber Yankee enhance readiness against an ever-increasing number of attacks.
“Cybersecurity, especially in critical infrastructure and state government, is a huge issue right now,” Groton said. “You can see it in the news every day. Ransomware attacks are on the rise; loss of data, loss of intellectual property. It’s hard to keep up with the adversary.”
“We’ve also, in the last several years, seen significant uptick in cyberattacks and attempted cyberattacks against the electrical industry and water,” he added. “By training on this ahead of time, we’re better prepared in case of an actual incident.”
In addition to the training, important partnerships were fostered during the two-week exercise.
“It’s about developing relationships with other states so that everyone is familiar with each other so that if they do get a call to assist, you’re not beginning from nothing,” Richter said. “You have some familiarity with the personnel and how they do business.”
“The adjutant general talks about building enduring partnerships,” he said. “Well, six years of Cyber Yankee, we have done that. We have built enduring partnerships with state government and the critical infrastructure segment.”