1.5.3 Logic Bombs
A logic bomb is a virus of some ilk with a time delay fuse. The most famous virus with a fuse was Michelangelo in 1992. More practically speaking, a really upset employee is more of a danger107. They could install a program set to do something malicious at a later date, and then quit (or work their last day, if they were laid off), leaving the system to automatically fire off the malicious code days, weeks, or even months after they lost their access to the companys computers. For that matter, this could also happen while they are still employed (but taking a vacation day, be in an all-day meeting, etc. i.e., in a place in which they had an alibi), when the logic bomb goes off.
To guard against this occurring, its useful to have multiple programmers looking at the same set of code (either using multiple coders, a la Extreme Programming108, or a two step code and code review process), and for change control processes to be in effect, requiring that someone other than the programs creator be assigned the responsibility (and the necessary system access permissions) to put any code into production. As well see later in the cryptography section, a useful tactic in helping keep a system from being abused is to require that multiple people be involved in activities that lend themselves to abuse, such as installation of programs on in-house production (or client) systems.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.