Logic bombs are programs that lie dormant until a specific piece of program logic is activated. Logical bombs are deployed for a variety of reason some of which are more,,legitimate" than others. One nightmare scenario for a company would be that of a logical bomb being planted in the software that the company ships to customers.
Logic bombs are programs that lie dormant until a specific piece of program logic is activated. Logical bombs are deployed for a variety of reason some of which are more,,legitimate" than others. One nightmare scenario for a company would be that of a logical bomb being planted in the software that the company ships to customers.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online from Scribd
Logic bombs are programs that lie dormant until a specific piece of program logic is activated. Logical bombs are deployed for a variety of reason some of which are more,,legitimate" than others. One nightmare scenario for a company would be that of a logical bomb being planted in the software that the company ships to customers.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online from Scribd
A program, or portion of a program, which lies dormant until a specific piece of program logic is A program which produces results when certain conditions are met that are unexpected and unauthorized by legitimate
users or owners of the software.
How can it be activated?
Database grows past a certain size A users home directory is deleted. Most common activator is a date. The logic bomb checks the system date and does nothing until a pre-programmed date and time is reached
The Purpose Of Logic Bombs
Logic bombs are deployed for a variety of reason some of which are more legitimate than others. Another use of logic bombs is in the deployment of viruses and worms.
The Purpose Of Logic Bombs
An employee could set one up to delete his employers databases should he not be able to enter a code at certain intervals, thereby ensuring he extracts a level of revenge should he ever get fired.
How would one protect against Logical Bombs?
A Source Control System might expose a suspicious modification on a script by a developer who generally doesnt need to modify the particular file. IT may also detect an inconsistency if the file changed without
going through the source control system.
How would one protect against Logical Bombs?
Periodical Code Review is an expensive option but can help avoid disaster. One nightmare scenario for a company would be that of a logical bomb being planted in the software that the company ships to
customers.
How would one protect against Logical Bombs?
Segregation of duties is a system that might offer some protection against logical bombs. By having different employees restricted to a specific task, a potential attacker will have to expose himself to carry
out such an attack.
How would one protect against Logical Bombs?
Employing backups and an effective disaster recovery plan is perhaps the safest option. Should a logical bomb trigger and delete datayou will want to have a mechanism in place to revert as quickly as
possible and minimize the damage.
Early Case of Logic Bombs
The Donald Burleson Case Facts of the Case Burleson worked for a security brokerage and insurance company. One of the first recorded cases of computer sabotage in the
nation.
Facts of the Case
In September 1987, Donald Burleson,
a 40-year-old programmer at the Fort
Worth based insurance company, USPA, was fired for allegedly being quarrelsome
and difficult to work with.
Facts of the Case
Two days later, approximately 168,000
vital records erased themselves from the
company computers via time bomb. A logic bomb had gone off, wreaking havoc with the files that were the lifeblood of USPA!
Facts of the Case
Burleson was caught after investigators
went back through several years worth of
system files. They found that two years before he was fired Burleson had planted a
logic bomb which lay dormant until he
triggered it on the day of his dismissal
Facts of the Case
He became the first person in America to be convicted of "harmful access to a computer. Burlesons logic bomb deleted files