Difference between revisions of "Logic/time bomb"

From OWASP
Jump to: navigation, search
(adding some content)
 
(2 intermediate revisions by one user not shown)
Line 1: Line 1:
 
{{Template:Threat}}
 
{{Template:Threat}}
 
{{Template:Stub}}
 
  
 
<br>
 
<br>
 
[[Category:OWASP ASDR Project]]
 
[[Category:OWASP ASDR Project]]
[[ASDR Table of Contents]]__TOC__
 
  
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
Line 11: Line 8:
 
==Description==
 
==Description==
  
A threat agent is a group of "attackers" that carry out an [[attack]]. They can be human (intentional or unintentional) or natural (flood, fire, etc...).
+
A logic bomb is a piece of malicious code that executes when specific trigger conditions are met. A typical example would be a program that monitors a company's payroll system, and attacks the company if a specific employee is terminated. A time bomb is a type of logic bomb that uses a date and time as its trigger condition. They are differentiated from software "easter eggs" by their malicious nature.
# Start with a one-sentence description of the threat agent
+
# Who are the people that make up this threat agent?
+
# Discuss characteristics of the threat agent.
+
 
+
  
 
==Risk Factors==
 
==Risk Factors==
 +
A logic bomb can affect any systems that were accessible to the attacker. Depending on the motivation of the attacker, the bomb itself could modify payroll systems, steal corporate databases, or crash critical infrastructure.
  
* Talk about the [[OWASP Risk Rating Methodology|factors]] that make this threat agent likely or unlikely to attack
+
* [[Computer Viruses]] occasionally use logic bombs as their payloads. This allows the virus time to spread before alerting infected users with its attack.
* Be sure to discuss the size, motivation, capabilities, and opportunity of this threat agent
+
* [[internal software developer | Internal developers]] or [[Contractors | IT contractors]] are the typical threat agents capable of delivering logic bombs.
  
 
==Examples==
 
==Examples==
  
===Short example name===
+
===Medco Health Solutions===
: A short example description, small picture, or sample code with [http://www.site.com links]
+
: A unix systems administrator recieved 30 months in federal prison for inserting a logic bomb in Medco Health Solutions servers. [http://www.pcworld.com/article/137479/article.html link]
 +
 
 +
===Fannie Mae===
 +
: An IT contractor for Fannie Mae inserted a time bomb to attack corporate servers. [http://www.fbi.gov/baltimore/press-releases/2010/ba100410a.htm link]
  
===Short example name===
+
===Siberian Pipeline Sabotage===
: A short example description, small picture, or sample code with [http://www.site.com links]
+
: It is alleged (and disputed) that a 1982 explosion of a Soviet natural gas pipeline was caused by a logic bomb. [http://www.nytimes.com/2004/02/02/opinion/the-farewell-dossier.html link]
  
 
==Related [[Attacks]]==
 
==Related [[Attacks]]==
  
* [[Attack 1]]
+
* [[Computer Viruses]]
* [[Attack 2]]
+
  
 
==Related [[Vulnerabilities]]==
 
==Related [[Vulnerabilities]]==
  
* [[Vulnerability 1]]
+
TBD
* [[Vulnerabiltiy 2]]
+
  
 
==References==
 
==References==
  
* http://www.link1.com
+
* [http://en.wikipedia.org/wiki/Logic_bomb Wikipedia]
* [http://www.link2.com Title for the link2]
+
* [http://computer.howstuffworks.com/logic-bomb.htm HowStuffWorks]
  
 
__NOTOC__
 
__NOTOC__
Line 49: Line 44:
  
  
[[Category:Malicious Code Attack]]
+
[[Category:Embedded Malicious Code]]

Latest revision as of 23:21, 19 December 2012

This is a threat agent. To view all threat agents, please go to Threat Agent Category page.


Last revision (mm/dd/yy): 12/19/2012

Description

A logic bomb is a piece of malicious code that executes when specific trigger conditions are met. A typical example would be a program that monitors a company's payroll system, and attacks the company if a specific employee is terminated. A time bomb is a type of logic bomb that uses a date and time as its trigger condition. They are differentiated from software "easter eggs" by their malicious nature.

Risk Factors

A logic bomb can affect any systems that were accessible to the attacker. Depending on the motivation of the attacker, the bomb itself could modify payroll systems, steal corporate databases, or crash critical infrastructure.

Examples

Medco Health Solutions

A unix systems administrator recieved 30 months in federal prison for inserting a logic bomb in Medco Health Solutions servers. link

Fannie Mae

An IT contractor for Fannie Mae inserted a time bomb to attack corporate servers. link

Siberian Pipeline Sabotage

It is alleged (and disputed) that a 1982 explosion of a Soviet natural gas pipeline was caused by a logic bomb. link

Related Attacks

Related Vulnerabilities

TBD

References