Logic Bombs Flashcards

1
Q

Logic Bombs

A
  • Waits for a predefined event
    • Often left by someone with a grudge
  • Time bomb
    • Time or date
  • User event
    • Logic bomb
  • Difficult to identify
    • Difficult to recover if it goes off
2
Q

Real-world logic bombs

A
  • March 19, 2013, South Korea
    • Email with malicious attachment sent to South Korean organizations
    • Posed as a bank email
    • Trojan installs malware
  • March 20, 2013, 2 p.m. local time
    • Malware logic-bomb activates
    • Storage and master boot record deleted, system reboots
  • Boot device not found. Please install an operating system on your hard disk.

3
Q

Preventing a logic bomb

A
  • Difficult to recognize - Each is unique
    • No predefined signatures
  • Process and procedures - Formal change control
  • Electronic monitoring
    • Alert on changes
    • Host-based intrusion detection, Tripwire, etc.
  • Constant auditing
    • An administrator can circumvent existing systems