Westover Airmen participate in CYBER YANKEE exercise

  • Published
  • By Lt. Col. Juan Doan
  • 439th Airlift Wing

On June 16 2022, 35 members of the 439th Communications Squadron at Westover Air Reserve Base, Massachusetts traveled to Camp Nett in Niantic, Connecticut, and became the first Airmen from the Air Force Reserve to field an entire Defensive Cyber Operations (DCO) Blue Team in  New England’s regional National Guard CYBER YANKEE Exercise.
Westover ARB deployed a cross-functional team consisting of Airmen from the 439 CS, the 439th Operational Support Squadron, and the 439th Mission Support Group. 
The event has been running annually since 2015 said, U.S. Air Force Lt. Col. Cameron Sprague, Connecticut National Guard exercise director.
“There was a need for a regional New England cyber-exercise due to a lack of available positions in other national cyber exercises for our units,” he said. 
The CYBER YANKEE Exercise provided a joint environment for over 300 Soldiers, Sailors, Coast Guardsmen, Marines and Airmen from Active Duty, Reserve, and National Guard units primarily from the New England region  to hone their cyber capabilities. 
“This is a great joint activity for our Airmen to get exposure to the other [military] services,” remarked U.S. Air Force Chief Master Sgt Rosaline Ratliff, 439th Airlift Wing command chief. 
U.S. Air Force Lt. Col. Javier Rodriguez, 439 MSG deputy commander, participated in the exercise as Westover’s DCO blue team commander. 
“I amazed at how all the Services in the region came together in a grassroots effort to plan, organize and host such a complex and cutting-edge exercise,” said Rodriguez.
32 civilian industry representatives from utility companies across the country also participated in the exercise, bringing additional expertise and preparing military members for real-world scenarios where adversaries seek to damage the critical infrastructure by targeting the networks of public and private sector utility providers. 
During the first week of the exercise, the University of New Haven provided training on topics like digital forensics, network analysis, enterprise security, and incident response. 
The university also hosted a capture-the-flag cyber competition that week, where U.S. Air Force U.S. Air Force Senior Airman Steven Orozco-Ocampo, a 439 CS Airman, won 1st place in the competition
“It was great hands-on experience in a real world simulation; a dream come true for Airmen in cyber,” he said.
The cyber exercise took place in the second week where five DCO blue teams, each of which was assigned to a fictional utility provider, were tasked with responding to indicators of compromise in the utility company’s simulated network. 
Airmen from Westover ARB used the Persistent Cyber Training Environment (PCTE) as their cyber range and worked hand-in-hand with six industry representatives to identify and forensically reconstruct the cyber kill chain of four distinct Advanced Persistent Threat (APT) actors during the intense exercise.  
“It was a great learning event as we definitely experienced the fog of war while defending against multiple attack vectors in a highly contested cyber domain,” said U.S. Air Force Lt. Col. Juan Doan, 439 CS commander. 
The exercise also provided an opportunity for members to interface with Hive-IQ, a cyber command and control system, to communicate, coordinate, and submit Cyber 9-lines on suspicious files, which were routed to and reviewed by US Cyber Command.  
Through the CYBER YANKEE Exercise, the 439 CS demonstrated its mission readiness and initial operational capability (IOC) in the cyber domain. 
“Whether it’s a state or a federal effort, the importance of being prepared to respond to a cyber-incident is paramount,” said U.S. Army Lt. Col. Karmin Ng, Massachusetts National Guard deputy exercise director.