
Explained - Logic Bomb


Logic bombs are a type of malware that waits for some predefined event to occur. At that point something goes into effect: files are removed, systems are rebooted, other things are deleted, or systems get corrupted.


Many things can happen with a logic bomb. Very often these logic bombs are left by people who have a grudge, or by someone who has been dismissed: they've been fired from the company, but before they leave they set this bomb ticking. More precisely, they put a program in place so that once they walk out, something may cause problems inside that organization.

The trigger can be a date or a time, and when it occurs the logic bomb goes off. Or maybe it's something that happens with users: a file that is added to a computer or removed. Maybe the logic bomb goes into effect the next time a system reboots. You're never quite certain until you find the actual bomb and understand exactly what might cause it to go off.

These can be really difficult to find. They're obviously not a virus; a logic bomb is not something that's known by anti-malware or anti-spyware. The people who write these logic bombs are generally destroying things: they're destroying files, creating corruption inside operating systems, and making life really painful for everybody else. So once the bomb goes off, it can be very difficult to recover from it. Unfortunately, there have been some very well-documented cases of logic bombs.

If you search Google you can find all kinds of news articles. Here are a couple of good examples.

This one was posted on WIRED and concerns Fannie Mae. Someone who had been dismissed from his job set a logic bomb to completely disrupt over 4,000 servers at the organization. In this particular case, fortunately, the logic bomb was found before it went off, so the script that was built to create problems never actually created a problem for the organization.

Obviously, though, there were still legalities involved: there was still a prosecution, and there were still penalties associated with that.

Another example of a logic bomb:


Posted by The Register. This is at another large organization, UBS, where the system administrator was fired and then put a logic bomb onto its systems. What made this one especially bad is that after he planted the bomb, which was going to take out a huge part of this organization (a bank, a financial organization), he went to a stockbroker and got put options, which means that if the stock went down he would make money. Obviously this is a very big problem. They found this one before it went off as well, so in this particular case they avoided a lot of problems, not only in their organization but also with what could have been stock fraud and things that should not occur in our financial system.

There were legalities involved, and we run into this a lot, not necessarily with spyware and malware but certainly with hacking and other types of malicious activity. So if you're dealing with any situation where somebody has left a logic bomb in your environment, you want to be sure that you're handling it the right way and that there are a few disaster recovery plans in place.
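Because a logic bomb is not known to anti-malware and may be set to fire on a date or at the next reboot, one practical way to look for it is to compare scheduled jobs against an approved baseline. The following is an added example, not part of the original article; the `/etc/crontab`-style format, the sample entries and the function names are assumptions constructed for illustration.

```python
# Constructed sample data: an approved baseline and a later snapshot of
# /etc/crontab-style entries (schedule, user, command). Not from the article.
BASELINE = """\
# m h dom mon dow user command
0 2 * * * root /usr/local/bin/backup.sh
*/15 * * * * monitor /opt/monitor/check.sh
"""

SNAPSHOT = """\
# m h dom mon dow user command
0 2 * * * root /usr/local/bin/backup.sh
*/15 * * * * monitor /opt/monitor/check.sh
30 9 31 1 * root /var/tmp/.cleanup.sh
@reboot root /home/jdoe/maint.sh
"""

def parse(text):
    """Return a set of (schedule, user, command) tuples; skip comments and env lines."""
    jobs = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        n = 1 if fields[0].startswith("@") else 5  # "@reboot" uses one schedule field
        if len(fields) < n + 2:
            continue
        jobs.add((" ".join(fields[:n]), fields[n], " ".join(fields[n + 1:])))
    return jobs

def trigger(schedule):
    """Classify the trigger kinds the article lists: a reboot or a specific date."""
    if schedule == "@reboot":
        return "next reboot"
    parts = schedule.split()
    if len(parts) == 5 and parts[2].isdigit() and parts[3].isdigit():
        return f"fixed date (day {parts[2]}, month {parts[3]})"
    return "recurring"

def review(baseline_text, snapshot_text):
    """Report jobs present in the snapshot but absent from the approved baseline."""
    new_jobs = sorted(parse(snapshot_text) - parse(baseline_text))
    return [{"user": u, "command": c, "trigger": trigger(s)} for s, u, c in new_jobs]

if __name__ == "__main__":
    for finding in review(BASELINE, SNAPSHOT):
        print(f"UNAPPROVED JOB user={finding['user']} "
              f"trigger={finding['trigger']} command={finding['command']}")
```

Any job that appears without a matching change record is worth reviewing, and the one-off date and reboot triggers deserve the closest look.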

