TIME IS TICKING – LOGIC BOMBS EXPLODE

Malware can take many forms to find its way into your organization and cuddle up with your sensitive data. One of the hidden gems in the malware matrix is the logic bomb. In this BlogBytes we will examine malware and these time-sensitive malicious bombs, and discuss what you can do to defend against them with help from LTO technology and, hopefully, avoid a ticking data explosion – Tick Tock! Let’s take a close look.

WHAT IS MALWARE?

Malware is malicious software, and as defined at SearchStorage, “[malware] is any program or file that is intentionally harmful to a computer, network or server. Types of malware include computer viruses, worms, Trojan horses, ransomware and spyware. These malicious programs steal, encrypt and delete sensitive data; alter or hijack core computing functions and monitor end users’ computer activity.”

THE LOGIC BOMB – TICK TOCK

A logic bomb is a form of malicious code, but it is deployed uniquely in that it is injected into a software program to take effect at a predetermined stage. As noted in the article, “The term [logic bomb] comes from the idea that the code ‘explodes’ when triggered by a specific event, such as a certain date or time, the deletion of a particular record — e.g., an employee — from a system or the launch of the infected software application.” These lurking threats are devious because the malicious code lies dormant until the trigger happens. The time lag allows the criminal hacker to cover their tracks, because the bomb sometimes doesn’t detonate for weeks or months.

BOMBS AWAY!

The article points out that “unlike some forms of malware like viruses or worms that break into a secure system on their own, a logic bomb attack is usually a form of cyber sabotage launched by an internal — usually a malicious — attacker. This might include a disgruntled current or former employee, such as a programmer or information technology administrator with access to sensitive data or administrative access to systems.” In one such case, as related in the article, a disgruntled employee launched a logic bomb against their employer at a large stock brokerage firm. The bomb detonated at a specific date and time and deleted files on thousands of servers, stopping brokers from performing trades. Fortunately, the attacker was caught and sentenced to a lengthy prison term.

WHAT CAN YOU DO?

A number of safeguards can be employed to guard against logic bombs and other malicious software, including antivirus software, frequent scanning of files, employee training and personnel security protocols. In addition, make sure you can recover data in the event of an attack: implement offline copies of critical information using LTO tape technology. When an LTO tape is removed from the drive, the data is offline. In other words, an air gap is created between the tape data and the system, nullifying cyber access and thereby preventing or lessening damage from an attack. The offline tape can then be used to recover data. LTO technology also supports tape data encryption to help protect the information in the event a tape were to get into the wrong hands.

Logic bombs have been around for a long time and are still a threat to an organization, its data and its operations. Be prepared: implement security procedures and use LTO tape. See a short video on LTO cyber-security measures here.