The destructive power of logic bombs can severely impact a company.
In December 2006, a former employee of UBS PaineWebber, a financial services firm, was sentenced to eight years in prison and ordered to pay over $3 million in restitution for planting a logic bomb in the company's network in 2002. The code, when activated, caused critical files to be lost across 1,000 computers. Roger Duronio, the disgruntled employee, intended for the bomb to drop the company's stock price. He invested $23,000 in put options, hoping to profit from the decline. However, the stock remained unaffected, leaving Duronio with a prison sentence and a restitution sum far greater than he could afford.
A logic bomb, also known as slag code due to the computer 'slag' left behind after it detonates, is distinct from a virus though it often behaves similarly. It is a harmful snippet of code designed to perform a malicious task, like erasing a hard drive or removing specific files, once it is triggered by a particular event. This code is surreptitiously embedded in a computer's existing software, where it stays dormant until the predetermined trigger event occurs. The trigger could be a positive event, like a specific date or time, or the deletion of an employee's name from a salary database. Alternatively, it could be a negative trigger, such as an employee failing to enter a command at a certain time, signaling their possible departure from the company. Negative triggers are more hazardous as they increase the chance of accidental activation — for example, if the employee is unexpectedly hospitalized. Once activated, the bomb wreaks havoc, deleting files, sending confidential data to unauthorized recipients, and crippling the network for extended periods.
The impact of a logic bomb on a company can be quite catastrophic. Often, it is deployed by disgruntled employees, with the IT field associating it with "disgruntled employee syndrome." A disgruntled employee likely wouldn't find much satisfaction in causing a simple smiley face to appear on every computer at 3:14 p.m. on a specific Tuesday. Logic bombs are typically designed to target specific computers or networks, with IT professionals usually having the necessary access and expertise to deploy them. While some viruses may have logic bombs embedded within them, typically these malicious codes do not spread to unknown targets but remain contained within the network they were inserted into. This containment makes them easier to create than viruses, as they only need to execute a task rather than replicate.
To catch a logic bomb when it is inserted into a network, IT experts generally recommend continuous monitoring with antivirus software and other scanning tools that can detect new objects in a computer's data. This should include both network-wide scans and individual checks on each computer within the network.
A logic bomb's action isn't always destructive. In some cases, it serves a non-malicious purpose, such as enabling restricted trial software. After a set period, a piece of code within the software causes it to either vanish or become nonfunctional, prompting the user to pay for continued use. However, since this is not malicious and is transparent to the user, it's typically not referred to as a logic bomb.
