This article has been written by Radhika Agrawal pursuing the Diploma in Cyber Law, FinTech Regulations and Technology Contracts from LawSikho. This article has been edited by Aatima Bhatia (Associate, Lawsikho) and Dipshi Swara (Senior Associate, Lawsikho).
Logic bombs remain dormant until a specific condition is met. However, once the condition occurs, it can lead to severe security breach to a company’s data. The 2006 crashing of the UBS servers is a significant example of a successful logic bomb attack, wherein an employee of the UBS Group launched this attack and 2,000 servers at 400 office branches fell victim to this attack.
It is quite evident that these attacks can be disastrous, and therefore it is important to have some action plans in place in order to evade the attacks. An enterprise can potentially protect itself from the chaos of a logic bomb affirming with the following checklist:
- Expect a crisis.
- Install reliable Anti Virus Software.
- Security policy first.
- Limit the access and track every employee’s computer.
- Check on the latest patches and updates.
- Adapt Spam-Blocking Solutions.
- Screen New hires.
- Install Firewall.
- Segment LAN.
- Regular Backup.
- Manage Passwords.
- Guest Logins.
- Separation of Duties.
Expect a crisis
Cybercrime can happen to anyone and at any time. Today putting the guard off for any type of cyber attack is foolish. Logic bombs are as dangerous as any other cyber crime. Certain instances were recorded where employees have drastically influenced a corporation’s operations by installing logic bombs which blocking traders from trading in the company’s shares, malfunctioning company’s softwares and through other mischievous ways. There could be a million dollar loss to a corporation triggered by these logic bombs. It is wise and always recommended to expect such an attack primitively and be ready with a plan to mitigate the risk.
Install reliable Anti Virus Software
Investing in a good Antivirus software is very important as detecting a logic bomb and removing the malware planted from every computer system in the corporation is not an easy job. A trusted Antivirus software will not only protect the system from infection before it is triggered but it will also constantly take the update to check the latest threats.
Security policy first
One primary step to preventing logic bomb attacks or any other cyberattack should be the establishment of a security policy. It should include mechanisms to prevent and detect malware abuse and guidelines for carrying investigations for the same. It should spell out the potential consequences of misuse. To shield the organization from accusations of unfair or unequally implemented penalties, ensure that your security policy traces out the ends of maltreating company resources
Limit the access and track every employee’s computer
Limiting the access to web services may sound repressive for employees but this will be beneficial and protective for the corporation as a whole. This will help to track the third party interference in the company’s connection. Most instances of such attacks take place when logic bomb malware is planted by malicious insiders. The case of the UBS servers crash is one such example, wherein the employee planned the logic bomb attack in the very company that he was working at. This was because he was unhappy with the bonus that he had received from the company. Another example worth discussing would be The Siemens Corporation spreadsheet debacle, wherein a contract employee who was associated with the company for nearly a decade planted a logic bomb in one of the spreadsheets of the company. And managed to keep it undetected for around two years. Everyone does not have the safest web browsing manners. Web filters may restrict the employees from browsing sites that might be a potential source of a logic bomb. Keeping the log of employees’ activities on the corporation’s server and deploying web filters will be helpful in preventing such malicious activities.
Check on latest patches and updates
Keeping the system updated and checking on the latest patches, computers will be protected. The business’s software and hardware extracts will be as protected as possible from both internal as well as external menaces. Software updates repair security holes, remove bugs, add new features and remove the outdated ones. This removes any sort of software vulnerabilities that we might have and keeps us off the radar of hackers.
Adapt Spam-Blocking Solutions
The email bomb attacks are extremely challenging to block because any user with an email address can spam any other email address. Spams are irritating, a waste of time, and dangerous as they may be appended to viruses and malware, including logic bombs. To curtail time wastage and enhance network security a comprehensive spam-blocking solution should be implemented.
Screen new hires
Basically, the additional time you spend exploring a candidate’s experience, the better. In the event that your corporation considers background verifications also tedious, consider re-appropriating. Individual verifications don’t generally recount the entire story, be that as it may. For instance, a regular check may confirm the candidate’s present location, however, would neglect to uncover that somebody living at a similar location is a known cheat or a displeased ex-worker. Administrations like Systems Research and Development’s NORA (Non-Obvious Relationship Awareness) can discover such connections. By consolidating data from apparently inconsequential corporate data sets, NORA can perform workforce checks – on representatives, subcontractors and merchants, including forthcoming recruits.
A firewall is your first line of safeguard against likely dangers. It checks data moving to or from your network, to keep dangers out or lock them in for brief disposal. Utilizing a firewall related to antivirus programming will offer better assurance against logic bombs. A firewall will examine traffic so the logic bomb doesn’t advance onto your computer. Dial-back methods for staff who are working from home from a set area don’t work for faculty who are dialing in from different far off locations, for example, air terminals and lodgings. Distant access security requires the utilization of encompassing safety efforts like firewalls, just as the encryption of messages and delicate records put away on the computer. Firewalls should channel dial-in access in such a way as to deny access aside from where expressly allowed.
Host-or network-based interruption discovery frameworks merit a conspicuous spot on the roster of your interior safeguards, however discovering great checking focuses can be testing. Host-based frameworks for the most part convey specialists, however network-put together frameworks depend with respect to LAN sniffers. Checking a solitary web association is simple, however, discovering great locations – chokepoints – inside frequently turbulent LANs can be more troublesome. In a perfect world, you’d have one sniffer for every LAN portion. In an enormous network, this is clumsy, illogical and will likely overpower you with useless cautions. it is recommended to regard your LAN as a progression of areas, every one of which contains its own zone of trust, isolated by firewalls at which each interface with the corporate spine.
It is basically difficult to lead any sort of business these days without utilizing electronic storage for touchy data. Regardless of whether you are putting away close to home client data or secret financial documents, it’s basic you guard this data from misfortune and robbery. Backup administrations are an astounding alternative to have in your network safety toolbox. In the event that a logic bomb at any point triggers, delivering your data encrypted and indiscernible, you’ll have the option to recuperate the data you need, in the state you need in the event that you have a cloud backup set up. Indeed, even with different layers of network safety, it’s a smart thought to consistently back up your business’ data. Making backups sets aside time, yet it will give you significant serenity realizing that you can reestablish your business’ data back to its unique state in case of a logic bomb
Passwords ought to be simple for the client to recollect, however difficult for a culprit to figure. Some basic control highlights for passwords are that they: (1) ought to be internally single direction encrypted; (2) ought to be changed consistently; (3) ought to be five to eight characters in length; (4) ought to incorporate alpha and numeric characters; (5) ought not be not difficult to figure, like a companion’s name, youngster’s name and so on, (6) ought to be concealed (not show up on the screen when composed); and (7) inactive client IDs ought to be deactivated and in the long run erased from the framework. Also, logon IDs ought to be deactivated after a few fruitless endeavors (for the most part three) to enter the right secret key and the situation ought to naturally disengage a sign on meeting if there is no action for a predetermined time allotment.
Manual or electronic logging of guests, alongside accompanied or controlled guest access, likewise diminishes actual access chances. Photo ID identifications, camcorders, and safety officers give a significantly more prominent degree of safety. On the off chance that photo ID identifications are utilized, guests ought to be needed to wear an alternate shading identification. Deadman doors, which comprises two doors and necessitate that the primary entryway close before the subsequent entryway opens, give a more significant level of safety to computer rooms and document stations. Upkeep faculty ought to be reinforced. The area of touchy offices, for example, the computer room, ought not be promoted nor should they be recognizable or noticeable from an external perspective.
Separation of Duties
Separation of duties can assist with dissuading vindictive insiders who might be thinking about introducing a logic bomb on a framework. This would require a subsequent individual to assess new code, software or changes for security issues. Without the subsequent individual’s audit, the favored client might actually introduce the malware without location. Separation of duties (SoD), in some cases alluded to as segregation of duties, is the idea of dividing the errands and advantages needed for a particular security measure among numerous individuals. It’s anything but an internal control to decrease the potential harm brought about by the activities, unintentional or noxious, of any one individual by confining the measure of force and impact they hold over key frameworks. It additionally guarantees that individuals don’t have clashing duties, like writing about themselves or their bosses. The goal is to dispense with the chance of a solitary client being in a position where one can do and hide an illegal activity. Along these lines, for instance, if any of your heads can erase, alter, or duplicate data without being distinguished, then, at that point you need to take a gander at the separation of their duties and errands
Numerous diminutions for logic bombs figured over the years, but logic bombs have updated as modern tools and intervention techniques advanced. By achieving the preventions enumerated in the above checklist, new devices and supplementary monitoring can make it easier to detect and prevent logic bomb attacks in the future.
Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skills.
LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join:https://t.me/joinchat/J_0YrBa4IBSHdpuTfQO_sA