NIANTIC, Conn. – The Connecticut National Guard is hosting Cyber Yankee 2026, the National Guard’s premier annual regional cyber training exercise, at Camp Nett, May 4–15, training military and utility company cyber experts on cyber threat responses.

Started in 2015, Cyber Yankee partners military cyber warriors with cyber experts from local utility companies to collaborate and train together on responding to credible cyber threats targeting critical infrastructure assets.

"Cyber Yankee puts real operators from the Guard, federal agencies and private utilities in the same room, working the same problem, before a real attack forces that meeting," said Maj. Gen. Francis J. Evon Jr., the adjutant general and commander of the Connecticut National Guard. "Gas, water and electric systems do not defend themselves. It takes a skilled team that knows how to work together to keep us safe. That’s what this exercise is all about."

The two-week exercise begins with a week of classroom training, followed by a week of tactical-level defense cyber operations exercises. These exercises split participants into groups: blue groups are military personnel, orange groups are civilian partners and red groups are malicious actors such as hackers, hacktivists or foreign state actors.

What makes Cyber Yankee unique, compared to other military cyber events, such as Cyber Shield, is that this event focuses on civilian infrastructure such as natural gas, electricity and water, rather than Department of War infrastructure, such as its computer network.

During the exercise, red groups will actively attempt to infiltrate the infrastructure to cause harm. It’s the responsibility of the orange and blue teams to put mitigations in place to prevent these actors from gaining access, to identify breaches when they occur and to respond to breaches to prevent damage to critical infrastructure.

“There are credible threats to the United States critical infrastructure,” said Air Force Col. Cameron Sprague, the Connecticut National Guard’s cyber operations officer and director of Cyber Yankee 2026. “Unfortunately, there are threats to the United States that seek to use cyber means to degrade or deny us those industries, or at least be prepared to do that in the event of a conflict with us. Cyber Yankee is all about being able to defend ourselves against that.”

Since Cyber Yankee's inception, the exercise has grown significantly. The first iteration of Cyber Yankee, held in Massachusetts, featured about 100 participants split into two teams – one from Massachusetts and one from Connecticut.

This year’s event, the twelfth iteration, has six teams and more than 360 personnel participating, including service members from the National Guard in Maine, Massachusetts, New Hampshire, New Jersey, New York, Rhode Island and Tennessee. It also includes representatives from the Marine Corps, Space Force, Coast Guard and international partners from the Department of War National Guard Bureau State Partnership Program, including Cyprus, Brazil, El Salvador, Kenya, Paraguay, Uruguay, Canada and Sweden.

Local, state and other civilian participants include 10 private industry companies, the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, the Department of Energy and the Commonwealth of Massachusetts.

“Cyber is a team sport,” Sprague said. “It’s all about collaboration, and if the event happens where we’re attacked by a nation state against our critical infrastructure and services are taken down, we’ll need to work together to restore and defend them.”

As our society becomes increasingly dependent on digital assets for everyday functions, cyberattacks inevitably pose a greater threat. The training at Cyber Yankee helps our cyber warriors combat these threats in real time.

One example was a ransomware attack against the city of Hartford, Connecticut, in September 2020. A hacker disrupted critical systems in the city’s school system, causing delays that had a ripple effect on many families’ daily routines.

As a result of this attack, the Connecticut National Guard’s cyber team was activated. In conjunction with the City of Hartford, the threat was isolated and ultimately fixed. This attack exposed several vulnerabilities in the city’s cybersecurity. However, the training from Cyber Yankee allowed the Guard team to remain calm and focused during this high-stress event and deliver results.

Although Cyber Yankee’s proven track record of success has laid the foundation for this exercise to grow into something much larger than it already is, Sprague said one of its greatest strengths is its limited size and focus on regionality and building relationships with cyber teams and industry experts who’ll actually work together in the event of a serious cyber incident.