NY Army Guard's Cyber Protection Team 173 Conducts Cyber Defense Exercise Against Simulated Threat

Severity: Low (Score: 36.7)

Sources: Army.Mil, Dvidshub

Summary

From February 23 to 26, 2026, the New York Army National Guard's Cyber Protection Team 173 engaged in a simulated cyber defense exercise at the Kingston Armory. The exercise involved defending against a simulated threat actor executing a blended cyber operation targeting an electrical utility. The Soldiers utilized the U.S. Cyber Command’s Persistent Cyber Training Environment to replicate real-world cyber challenges. Attackers conducted reconnaissance to identify security weaknesses and executed credential harvesting to gain unauthorized access to systems. The mission for CPT 173 included identifying the breach, closing vulnerabilities, and eliminating malware, specifically ransomware. Thirty-four Soldiers participated in the exercise, which highlighted the importance of cybersecurity for critical infrastructure. The FBI reported significant ransomware attempts in 2024, emphasizing the ongoing threat to utilities and healthcare organizations. Members of CPT 173 leverage their civilian cybersecurity expertise to enhance their military mission. Key Points: • CPT 173 conducted a cyber defense exercise against a simulated threat actor targeting utilities. • The exercise utilized the U.S. Cyber Command’s Persistent Cyber Training Environment. • Credential harvesting and ransomware were key attack methods simulated during the exercise.

Key Entities

• Malware (attack_type)
• Ransomware (attack_type)
• Healthcare (industry)
• T1003 - OS Credential Dumping (mitre_attack)
• T1486 - Data Encrypted for Impact (mitre_attack)