Evil Maid Attack

What Does Evil Maid Attack Mean?

The evil maid attack is a specific type of physical security vulnerability that may be part of a cybersecurity professional’s lexicon. The evil maid attack represents an example of how hackers with physical access to systems can beat various cybersecurity standards, including full encryption of what's on a device.


Techopedia Explains Evil Maid Attack

In order for hackers to get access even with total encryption, the evil maid attack works through the use of a keylogger.

Here's the situation – an unidentified rogue actor accesses an unattended device and installs the keylogger. Then he or she waits for the user to generate a user session. After that, if the user leaves, the evil maid character can come back to the device and harvest the keylogger information, to get passwords or public keys or whatever is needed to get through the encryption.

Security professionals use the evil maid attack as an example and an illustration of how to improve physical site security. Since the evil maid attack relies on repeated unintended access to a device, there are straightforward fixes that companies can put in place to minimize the chances of one of these attacks happening.


Related Terms

Latest Cyber Threats Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…