Date First Published: 20th May 2023
Topic: Cybersecurity
Subtopic: Threats To Systems, Data & Information
Article Type: Computer Terms & Definitions
Difficulty: MediumDifficulty Level: 6/10
Learn more about what a logic bomb is in this article.
A logic bomb is a piece of malicious code designed to carry out instructions when specific conditions are met. Logic bombs can be inserted into malware which run a malicious function, like deleting files or corrupting data, when a certain condition is met, like opening a program, opening a file, or restarting the computer.
Until the condition is met, logic bombs remain inactive and often undetected by antiviruses. Logic bombs run malicious code that "explodes" when triggered by a specific event. The set of conditions that can activate a logic bomb is almost unlimited. Intentionally delaying the time between inserting and running the code allows attackers to control when the malware infection happens and sometimes allows it to remain undiscovered for weeks, months, or even years.
In order for a piece of code to be considered a logic bomb, the code needs to be unknown, unwanted, and unexpected to the user of the program. Also, logic bombs are always malicious, unexpected, and run when certain conditions are met. If the piece of code is not malicious to the user and does not run when they are not expecting it, then it is not considered a logic bomb.
For example, trial versions of programs that deactivate when the trial period is over by using a logical condition (access for a certain number of days) are known to the user and non-malicious. These are not considered logic bombs.
Another example is a malicious program that deletes files as soon as it is run without needing to meet certain conditions. Since the code is immediately activated without having to meet any specified conditions, it is not a logic bomb.
There are two types of conditions that can set off a logic bomb, including positive and negative. Positive triggers set off after a certain condition is met, like running a specific program. Negative triggers are set off when a certain condition is not met, like not shutting down the computer on time. Whenever the conditions are achieved, the program will get the logic bomb to activate and do harm unless a method is found to remove the code.
A logic bomb is not a type of malware. Even though logic bombs are malicious, they are just a piece of code found inside a malicious program. Viruses and malware may have logic bombs inserted into them, but logic bombs are not a type of malware themselves.
The main difference between a logic bomb and a time bomb is that logic bombs can be triggered by any specific conditions, whilst time bombs are a type of logic bomb that are only triggered by a certain time or date.
In the early 2000s, Roger Duronio, a systems administrator for the UBS Group AG was unhappy with his bonus, so he set up a logic bomb malware attack. He aimed to wipe out the company’s servers and damage the company's networks, leaving traders unable to perform trades.
The time bomb went off on a date specified by Duronio and affected 2000 servers at 400 office branches. This prevented thousands of the company's brokers from performing trades. But, his plan to drive down the company's stock with the activation of the logic bomb did not succeed. Duronio was sentenced to 8 years and 1 month in prison and paid $3.1 million compensation to UBS.
On 19 July 2019, David Tinley, a contract employee, was found guilty of programming logic bombs within the software he created for Siemens Corporation. The software was intentionally made to malfunction after a certain amount of time, requiring the company to hire him to fix it for a fee. The logic bombs went undetected for two years, but were then discovered whilst he was out of town and had to hand over the administrative password to his software.
If so, it is important that you tell me as soon as possible on this page.
Network Services Network Setups Network Standards Network Hardware Network Identifiers Network Software Internet Protocols Internet Organisations Data Transmission Technologies Web Development Web Design Web Advertising Web Applications Web Organisations Web Technologies Web Services SEO Threats To Systems, Data & Information Security Mechanisms & Technologies Computer Hardware Computer Software Ethics & Sustainability Legislation & User Data Protection