Logic bombs - attacks information security, Computer Network Security

Assignment Help:

Example 3: Logic bombs

In the year 2000, Timothy Lloyd was found responsible of causing $10 million and $12 million of damage to Omega Engineering, an American company specializing in the precision engineering for clients, comprising the US Navy and NASA. The Lloyd had been employed with Omega for eleven years, increasing to the post of system administrator, and was not only responsible for the day to day operation of the company’s computers but also for the process of disaster recovery.

In the year 1996, Lloyd became aware that he was to be sacked and wrote a logic bomb – a 6-line destructive program – which he installed on Omega’s servers. After ten days later, Lloyd was dismissed and his logic bomb exploded, destroying all the company contracts and proprietary software which was used by Omega’s manufacturing tools. Although Omega had a backup procedure, Lloyd’s account had allowed him to disable these recovery systems. The damage which was done by his logic bomb was permanent.

When the logic bomb exploded it wiped out information that was required for the company to operate. Due to the result of lost business, Omega was mandatory to lay off some 80 employees and found itself rewriting the software which had once given it a competitive edge over its rivals. In effect, which Lloyd managed to do, in most decisive manner possible, was to prevent the vital information which was being shared. Now we will define information security several ways. Some of them are stated below

Def1: Information security means protecting information and information systems from the unauthorized disclosure, access, disruption, modification, use, or destruction. The terms computer security, information security and information assurance, are often used interchangeably. These fields are related internally and share the common goals of protecting the integrity, confidentiality and availability of information; although, there are some subtle differences between them. These differences primarily lie in the approach to subject, methodologies used, and areas of concentration. Information security can be concerned with integrity, confidentiality, and availability of data regardless of the form the data may take: print, electronic, or other forms.

Def2: The protection of data against unauthorized access. Programs and data can be secured by using passwords and digital certificates to authorized users. However, passwords validate only that a correct number has been entered, not that it is the genuine person. Digital certificates and techniques which are biometric (fingerprints, voice, eyes, etc.) and authentication provide a more secure method. When a user has been authenticated, the sensitive data can be encrypted to prevent eavesdropping by using cryptography technique.


Related Discussions:- Logic bombs - attacks information security

Cost accounting, ?Examples should include direct costs items, indirect cost...

?Examples should include direct costs items, indirect costs items, as well as variable costing. ?What are at least 5 types of expenses that are associated with manufacturing the

Social studies, how would land elevation have canged if coronado had travel...

how would land elevation have canged if coronado had traveled 150 miles due west from what is today arizona instead of west toward new mexico

Transmission errors in networking, TRANSMISSION ERRORS:  Transmission...

TRANSMISSION ERRORS:  Transmission exceptions may happen due to different causes for example power surges or interference may delete data during transmission. In result of wh

Mitigate risks in an information security management system, Question: ...

Question: (a) What are the various options to mitigate risks in an Information Security Management System (ISMS)? For each option specify an instance where it can be used.

What do you understand by the term integrity, Question: (a) What do yo...

Question: (a) What do you understand by the term "integrity"? (b) Which type of attack denies authorized users access to network resources? (c) You have discovered tha

Systems development life cycle (sdlc)-information security, SDLC Systems ...

SDLC Systems development life cycle (SDLC) is process of developing information systems through analysis, design, investigation, implementation and maintenance. SDLC is called as

Log file monitors-information security, LOG FILE MONITORS Log file monit...

LOG FILE MONITORS Log file monitor (LFM) is similar to NIDS. It reviews log files generated by servers, network devices, and even other IDSs for patterns and signatures. Pattern

Caralouer case study: analysis and design techniques, CarALouer provides re...

CarALouer provides rental of cars to its customer on a regional basis i.e. a car is attached to a regional home-base which also houses a regional office of the company. Each regi

Develop a tcp-based client-server socket program, Develop a TCP-based clien...

Develop a TCP-based client-server socket program for transferring a large message. The message transmitted from the client to server is read from a large file (size is about 30000

The security systems development life cycle (secsdlc), The Security Systems...

The Security Systems Development Life Cycle (SecSDLC) The same phases which is used in traditional SDLC can be adapted to support specialized implementation of IS project,At its

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd