Saturday, February 14, 2009

LOGIC BOMB...The IT bomb.....

Logic Bomb

A few days ago, I came across this term. It seemed interesting, so I did a bit of research on it (nothing much to do on V day, so I spent my time doing this… :P). Just hope you like it.

The name implies that it is definitely something destructive, and so it is. A logic bomb is basically a piece of code, or logic, with mainly the following characteristics:

1. It is triggered by a change in the environment.

2. It does something destructive like deleting files.

3. It deletes itself.

4. It does not replicate itself.

I will explain logic bombs based on these points.

IT IS TRIGGERED BY A CHANGE IN THE ENVIRONMENT

By a change in the environment, I mean an event which triggers the logic bomb. It can be anything from a simple mouse click to more complex events.

The event can be viewed as a change in the value of a “parameter”, or, in a more logical context, the presence or absence of a trigger.

Example:

You are walking down the road and suddenly a BIKE comes speeding towards you. You will try to move out of its way instantly (personal choices vary, but if I were you, I would have done that). So the bike was initially not there, but suddenly it appeared, and that made you move away. This is called a POSITIVE TRIGGER.

Take another example:

You are walking in the rain, and the rain stops, so you close the umbrella.

So the event was occurring, and the stopping of the event was the trigger. This is called a NEGATIVE TRIGGER.

The logic bomb is secretly inserted into the code of a computer's existing software, where it lies dormant until that event occurs.

 It does something destructive like deleting files.

Its main task is to destroy files or important data. When the logic bomb is triggered by an event, it deletes files or data in the system. Other effects may be secret information being sent to the wrong people, the network being crippled for days, or denial-of-service attacks.

 It deletes itself

One of the key features of a LOGIC BOMB is that it destroys itself. A logic bomb is also called SLAG CODE, since “slag” is left after it detonates.

 It does not replicate itself.

One of the key points of difference between a VIRUS and a LOGIC BOMB is that a logic bomb cannot form identical or modified copies of itself. So logic bombs are generally not programmed to spread; a logic bomb is specific in its activity, and generally the victim is specific. A logic bomb stays put within the network in which it was inserted. This makes it much easier to create than a virus. All it needs to do is execute a task; it doesn't need to reproduce, which is a more complicated function.

But a VIRUS can contain a LOGIC BOMB embedded in it, so the virus could plant a logic bomb in the affected computer. There are some virus types that are considered logic bombs because they have a time-and-date trigger.

An example of this type of virus is the “FRIDAY THE 13th” virus.

Here the logic bomb is triggered when the 13th of a month falls on a Friday.
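
For anyone reviewing code, a date trigger like this is a pattern that can be searched for. The Python sketch below is an added example, not part of the original post: it flags every `if` whose condition depends on the clock and whose body calls a file-deleting function. The name lists, the function names and the sample source are assumptions constructed for illustration.

```python
import ast

# Assumed name lists for this sketch; a real code review would extend both.
DESTRUCTIVE = {"remove", "unlink", "rmtree", "rmdir", "truncate"}
CLOCK = {"today", "now", "time", "weekday", "isoweekday", "localtime"}

# Constructed sample input: only report() hides a delete behind a date check.
SAMPLE = '''
import datetime, os, shutil
def nightly_cleanup(tmp_dir):
    shutil.rmtree(tmp_dir)  # unconditional housekeeping
def report(path):
    d = datetime.date.today()
    if d.day == 13 and d.weekday() == 4:  # Friday the 13th
        os.remove(path)
def rotate(path, keep):
    if keep == 0:  # condition does not depend on the clock
        os.remove(path)
'''

def _called_names(node):
    """Names of every function or method called anywhere under node."""
    names = set()
    for n in ast.walk(node):
        if isinstance(n, ast.Call):
            f = n.func
            names.add(f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", ""))
    return names

def find_time_triggered_deletes(source):
    """Return sorted (line, destructive_calls) for each `if` that tests the clock."""
    tree = ast.parse(source)
    # Variables assigned from a clock read, e.g. d = datetime.date.today()
    tainted = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and _called_names(node.value) & CLOCK:
            tainted |= {t.id for t in node.targets if isinstance(t, ast.Name)}
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.If):
            continue
        used = {n.id for n in ast.walk(node.test) if isinstance(n, ast.Name)}
        timed = bool(_called_names(node.test) & CLOCK or used & tainted)
        payload = set().union(*(_called_names(s) for s in node.body)) & DESTRUCTIVE
        if timed and payload:
            findings.append((node.lineno, sorted(payload)))
    return sorted(findings)

if __name__ == "__main__":
    print(find_time_triggered_deletes(SAMPLE))
```

This is a heuristic: it tracks clock-derived variables by name only, so a hit is a prompt for a human to read the code, not proof of a logic bomb.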

Logic bombs were first used by disgruntled employees; the payload of a logic bomb is usually pretty devastating to the company under attack. It's often a tool used by angry employees.

For example, if an employee did not log in for more than a month (which means he was sacked), the logic bomb would detonate and destroy all the data of the firm. So this is quite common in the IT field, where employees frequently resort to this type of crime.

Well, like all things, this also has a positive side: it makes restricted software access possible. For example, imagine demo software which uninstalls itself automatically after the TRIAL PERIOD expires.

Another application may be in DATA security. If someone tries to log in to someone else’s account using a brute-force attack, then a logic bomb may be set to delete all the data after a specified number of tries.
