Friday, January 1, 2016

What are Logic Bombs and Time Bombs?

A Logic Bomb is a malicious piece of code that executes when a certain condition is met. A simple example is a program that monitors a company's payroll system and deletes critical files when a specific employee is terminated.

A Time Bomb is a Logic Bomb whose execution is triggered on a specific day or time, such as Valentine's Day or 1st April.

Time Bombs and Logic Bombs are malware used mainly by attackers for illegitimate purposes. Attackers may embed the code in a trojan or virus and use social engineering to trick a user into installing the malware on his system. After that, the trojan or virus can spread itself silently. And when a certain day or time arrives, it can start alerting the users.

Attackers can also use Logic Bombs with spyware to steal sensitive information. The spyware can silently infect a computer when the user clicks on a suspicious link, opens a suspicious email attachment or installs software from untrusted sources. The spyware can install a keystroke logger in the system. When the user opens a web application, such as a bank's, to authenticate himself, the Logic Bomb may get triggered. It can silently log the keystrokes, steal sensitive information and later transfer the data to the attacker.

Many times, Logic Bombs and Time Bombs are used by disgruntled employees for taking revenge or for some other malicious purpose. Some popular examples: a Unix system administrator received 30 months of imprisonment for inserting a Logic Bomb in Medco Health Solutions servers, and an IT contractor at Fannie Mae inserted a Time Bomb to attack corporate servers.

What are the countermeasures?

There are some steps that can be taken to prevent these attacks.

  • Applying the principle of least privilege to employees within an organization always helps in preventing these attacks.
  • Do not click on suspicious links.
  • Do not install any software from untrusted sources.
  • Do not open any email attachment if you are not very sure of the authenticity of the sender.
  • Keep your browser and other commonly used software updated with recent security patches. Most of the time, malware infects a computer by taking advantage of security holes in commonly used software.
  • Keep your computer updated with anti-malware software from a trusted source.
  • Keep your Operating System updated with recent patches. This will reduce the vulnerability of your Operating System to recent threats.
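
Because a Time Bomb fires on a fixed day, administrators can also review scheduled jobs for entries pinned to a single calendar date that run destructive commands. The Python code below is an added example, not part of the original post; the crontab lines, the paths and the list of destructive command patterns are constructed assumptions.

```python
import re

# Assumed, non-exhaustive patterns for commands that destroy data.
DESTRUCTIVE = re.compile(r"\b(?:rm\s+-\w*[rR]\w*|shred|mkfs|wipefs|truncate)\b")

# Constructed sample crontab (user format: min hour dom month dow command).
SAMPLE_CRONTAB = """\
# nightly backup
30 2 * * * /usr/local/bin/backup.sh
0 0 1 4 * rm -rf /srv/payroll/archive
15 3 * * 0 rm -rf /tmp/build-cache
0 9 14 2 * /usr/local/bin/send-report.sh
@reboot /usr/local/bin/agent
59 23 31 12 * shred -u /var/db/orders.db
"""

def is_fixed(field):
    """True when a cron field names exactly one value (no *, range, list or step)."""
    return re.fullmatch(r"\d+|[A-Za-z]{3}", field) is not None

def parse_line(line):
    """Return (fields, command), or None for comments, env lines and @macros."""
    line = line.strip()
    if not line or line.startswith("#") or line.startswith("@"):
        return None
    parts = line.split(None, 5)
    if len(parts) < 6 or "=" in parts[0]:
        return None
    return parts[:5], parts[5]

def audit(crontab_text):
    """Flag jobs that fire on one calendar date a year and run a destructive command."""
    findings = []
    for lineno, line in enumerate(crontab_text.splitlines(), 1):
        parsed = parse_line(line)
        if parsed is None:
            continue
        (_minute, _hour, dom, month, _dow), command = parsed
        # A recurring cleanup (dom or month is "*") is normal housekeeping;
        # a destructive job tied to one date deserves a human review.
        if is_fixed(dom) and is_fixed(month) and DESTRUCTIVE.search(command):
            findings.append((lineno, f"{dom}/{month}", command))
    return findings

if __name__ == "__main__":
    for lineno, date, command in audit(SAMPLE_CRONTAB):
        print(f"line {lineno}: runs only on day/month {date}: {command}")
```

A finding is a prompt for review, not proof of malice: compare flagged entries against change records and the job's owner.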

And awareness of recent threats and vulnerabilities always helps. So, stay safe, stay secured.
