Logic Bomb Virus Definition
Today’s computer systems are very fragile and are often attacked with the main goal of stealing or destroying whatever data is found. Bigger systems that hold sensitive information need stronger defenses against these attempts.
GIAC gave an official definition of the logic bomb – “A logic bomb is computer instruction that codes for a malicious act when certain criteria are met, such as a specified time in a computer’s internal clock or a particular action, such as deletion of a program or file”.
In simple words, a logic bomb virus is a piece of code that is malicious, meaning the main intention is to corrupt and delete the data on a specific piece of hardware. It is a piece of code that is inserted into the network and triggered only once the specific conditions are met. This virus is also known as slag code, code bomb, and cyber bomb.
These types of malicious pieces of code are very dangerous because sometimes they remain dormant until a certain event happens and triggers the virus to do its work. The good thing to know is that logic bomb viruses can be prevented.
Basic Characteristics of Logic Bomb Viruses
Logic bomb viruses can have two types of triggers – positive and negative ones. A positive trigger is when the user does something that will trigger the logic bomb – the most common example is when a user opens or deletes a specific file that is flagged to be a logic bomb trigger.
Negative triggers are the opposite of positive ones: the bomb is set off when certain conditions are not met. Either way, the program’s logic triggers the bomb to go off and do the intended damage.
Logic bombs don’t reveal their presence right away – in all cases, they require time to show what kind of damage they can do. Depending on the intentions of the attacker, some bombs may go off sooner, some may go off later.
A logic bomb has no expiration date – it could stay dormant for years if the attacker really wants to hide his tracks. Because of this, logic bombs are very convenient to use and can hide the identity of the attacker really well.
Because logic bombs are only triggered by a certain event, they show no signs of their presence until that condition is met. The trigger can be literally anything – from opening or deleting a certain file to waiting for a specific date or time (such bombs are also known as time bombs).
How destructive a logic bomb will be cannot be known before the bomb is triggered. Some of them are programmed to send spam emails – damage that can be reverted with a little bit of programming effort.
Other bombs are programmed to steal sensitive data or to erase it and pose a much bigger danger than the “spammy” ones.
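Added example, not part of the original article: a code-review heuristic for the time-bomb case described above. It flags any `if` statement in Python source whose condition reads the system clock and whose body, or `else` branch (the negative-trigger case), reaches a file-deleting call. The sample script and both watch lists are assumptions made for this sketch.

```python
import ast

# Constructed sample (not from the article): one clock check gates a
# destructive call, one clock check is harmless, one delete is ungated.
SAMPLE = '''
import datetime, shutil, os

def rotate(path):
    if datetime.date.today() >= datetime.date(2031, 4, 1):
        shutil.rmtree(path)

def banner():
    if datetime.datetime.now().hour < 12:
        print("good morning")

def cleanup(tmp):
    os.remove(tmp)
'''

# Assumed watch lists for this sketch; extend them for a real code base.
CLOCK_CALLS = {"today", "now", "utcnow", "time"}   # date.today(), time.time(), ...
DESTRUCTIVE = {"remove", "unlink", "rmtree", "rmdir", "truncate"}


def _called_names(node):
    """Names of every function or method called anywhere under `node`."""
    names = set()
    for n in ast.walk(node):
        if isinstance(n, ast.Call):
            f = n.func
            names.add(f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", ""))
    return names


def find_time_gated_deletes(source):
    """Return (line, clock_calls, destructive_calls) for each `if` whose test
    reads the clock and whose body or else-branch reaches a destructive call."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.If):
            continue
        clock = _called_names(node.test) & CLOCK_CALLS
        branches = node.body + node.orelse   # else-branch = negative trigger
        danger = set().union(*(_called_names(s) for s in branches)) & DESTRUCTIVE
        if clock and danger:
            findings.append((node.lineno, sorted(clock), sorted(danger)))
    return findings


if __name__ == "__main__":
    for line, clock, danger in find_time_gated_deletes(SAMPLE):
        print(f"line {line}: clock check {clock} gates {danger}")
```

A hit is a prompt for a human reviewer, not a verdict: legitimate log rotation and license checks match the same pattern.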
How to Prevent Logic Bomb Virus?
Basically, there is no cure once a logic bomb virus has infected a network. The key is to work on prevention and stop that from happening in the first place.
The best way to do this is to find yourself a good and reliable antivirus that can offer protection from logic bombs. The key is to prevent the malware from entering and infecting your network, and this is something a reliable antivirus can do.
It is also important to keep the antivirus up-to-date so the software can be aware of all the latest threats. Attackers are constantly looking for better, less suspicious ways to infect your system.
Also, it is important to keep your operating system updated all the time since there are many loopholes attackers are using for planting viruses. Every new OS update focuses on security and solving possible issues with the system’s first line of defense against malware.
Logic bomb viruses are most commonly installed when a user opens a file that seems completely legit but has been sent by an unknown sender. Avoid this mistake by not opening any files that you didn’t expect to receive or whose source you don’t know.
Also, don’t open any files on a USB flash drive or other memory devices that you are not familiar with. Once you open such a file, a logic bomb virus will be inserted into your network without any signs that your computer is infected with this dangerous threat.
Famous Logic Bomb Attacks
Although computer viruses are considered to be the illness of the modern era, the first and original logic bomb attack actually happened in 1982 during the Cold War, between the US and the Soviet Union.
The incident happened when the US, with the help of a Canadian company, developed software for an advanced control system. A KGB operative stole the written plans along with the software, intending to use that system for a Siberian pipeline project.
However, they were unaware that the CIA had planted logic bomb code in the software with the primary goal of sabotaging the enemy. After this, logic bombs became very popular and were very commonly used.
Another big scam happened when a Siemens employee used a logic bomb to make more work for his private business. His name was David Tinley and he had been with Siemens for more than 10 years.
He developed and provided Siemens with spreadsheet software that was used for managing equipment. After some time, David planted a logic bomb into one of the spreadsheets, causing the software to malfunction once a specific condition was met.
Every time the software malfunctioned, Siemens would call and pay David to fix it. This went on unnoticed for more than two years and was discovered only by pure luck: David was on leave during another crash caused by the logic bomb and had to give the Siemens IT department the password for the software.
This example shows how dangerous logic bomb viruses can be: not only can they erase and corrupt data, but individuals can also use them for their own profit and benefit.