Logic Bomb: An Insider Attack

Abstract

Cyberattacks are one of the biggest threats to the Computer World. Security researchers and professionals are continuously making various efforts to prevent such attacks. Most of the times these attacks come from outside, but sometimes it can be an insider attack too. Insider attack can be more lethal, as the malicious person will have authorized system access. Logic Bomb is one of such examples of an insider attack. A successfully triggered logic bomb can cause system failure, auto-deletion of hard drives, manipulation of data, etc. Logic Bombs are generally hidden or embedded in genuine code where they stay dormant until their conditions are not satisfied, this makes them very hard to detect. This malware is normally programmed by a developer of the software. The attackers usually exploit software development lifecycle to insert a logic bomb. Such type of hidden malicious code in the system software can be a serious threat to their IT infrastructure. As the world is now moving toward smart and digital cities, all the IoT and Automated systems should be protected from such attack. This paper involves the study of an insider logic bomb attack, its preventive measures, proposed code-level detection system and detailed steps for recovery.