Owing to their flexibility and rapid response, grid-connected distributed energy resources (DERs) are wielding growing influence in frequency regulation markets (FRMs). Nevertheless, compared with conventional large-scale generators, small-scale DERs are usually weakly shielded by cyber security measures. This offers attackers the opportunity of disrupting the clearing and settlement of FRMs by manipulating the bid information of DERs. In this paper, the frequency regulation market equilibrium is studied considering the dynamic gaming between attackers and defenders, both of which need the knowledge of FRMs for their interventions. Specifically, a tri-level programming model characterizing the attacker–defender–operator (ADO) interdiction problem in FRMs is developed and then analyzed using a column and constraint generation algorithm, thereby achieving market equilibrium representing the defender's best response to the attacker. The defense strategy in the market equilibrium can attenuate the negative influence of cyber attacks upon the FRMs to the maximum extent. Finally, based on the operating rules of the California Independent System Operator, the FRM process considering the ADO interdiction is simulated and the numerical equilibrium results are presented.