Security Incidents
Occured in 2010 and is one of the most famous cyber-physical attacks that has ever occurred; this attack was performed by a computer worm that This attack was caused by a computer worm that targeted an Iranian nuclear plant.
What is Stuxnet?
A cyber security concept that relates to the secrecy of data? (i.e, ensuring that only authorized users have access to the data)
What is confidentiality?
A type of attack that is intended to disrupt an authorized users access to a particular network or service.
What is a DoS?
The default action of a system is to deny access. If a task is unable to completed, undo everything. Name this principle.
What is Fail-Safe Defaults?
A premier intern institute for growing R&D cybersecurity staff members for national security.
What is the Center for Cyber Defenders (CCD)?
Occurred in 2014 and was a highly dangerous spear phishing attack in which the attackers gained complete access to the plant’s networks resulting in physical damages.
What is the German steel mill attack?
A cyber security concept that relates to the correctness of data and its source. (i.e. ensuring that the data is unaltered and comes from the authorized user that it says it is from)
What is Integrity?
Malicious software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
What is malware?
Strength of security should not depend on secrecy of
design or implementation (or configuration). Name this principle.
What is Open Design?
The year Sandia National Labs was founded
What is the year of 1948?
Occurred in 2021, and involved an attacker adjusting the levels of sodium hydroxide at a water treatment plant.Name the state in which the attacker targeted.
What is Florida?
A cyber security concepts that relates to keeping your systems in a state such that data and/or services are always accessible by authorized users.
What is availabilty?
When a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop, impersonate, or steal information.
What is a Man-In-The-Middle Attack (MITM)?
Computer mechanisms or resources should not be shared among amoung users or groups. Name this principle.
What is Least Common Mechanism?
The mascot of the CCD program.
What is a penguin?
The attackers hacked the US colonial pipeline using this attach technique.
What is by using a compromised password and VPN account?
Overly complicated systems aren't always the best option because they are difficult to work on and have many points of failure. This is a concept aimed at creating systems without all of the complication.
What is Keep it Simple?
This form of attack is used to manipulate people into divulging sensitive data about themselves to the attackers.
What is social engineering?
A user, application, or service should only be given privileges necessary to complete its task. Name this principle.
What is Least Privilege?
Sandia’s researcha efforts in cybersecurity are focused in three broad areas. Name two of them.
What is trusted hardware, software and systems; networks and systems architectures and analysis; effective cyber defense systems?
Is a form of malware that targeted industrial control systems; it compromised such systems as SCADA, PLC, and DCS and infected hundreds of business computers in the energy sector.
What is the Havex/Dragonfly?
A cyber security concept that is meant to make you think about a problem from the malicious user’s perspective.
What is Think like an Adversary?
For a XSS attack, the attacker injects this into a website's database or browser to run a malicious script.
What is a payload?
Multiple conditions must be met in order to grant privilege or access. Name this principle.
What is separation of privilege?
Name all four of Sandia's main job sites
What is lab sites in Albuquerque, NM and Livermore, CA, and test sites at Tonopah Test Range, NV and the Kauai Test Facility, HI?