The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st
of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack.
Which of the following should the CIO be concerned with?
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function
when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting
files should they ever be terminated from the company.
Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a
certain payload at a pre-defined time or when some other condition is met. This technique can be used by a
virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on
specific dates, such as Friday the 13th or April Fool’s Day. Trojans that activate on certain dates are often
called “time bombs”.
To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As
an example, trial programs with code that disables certain functionality after a set time are not normally
regarded as logic bombs.