Evil Maid Attack

What Does Evil Maid Attack Mean?

The evil maid attack is a specific type of physical security vulnerability that may be part of a cybersecurity professional’s lexicon. The evil maid attack represents an example of how hackers with physical access to systems can beat various cybersecurity standards, including full encryption of what's on a device.


Techopedia Explains Evil Maid Attack

In order for hackers to get access even with total encryption, the evil maid attack works through the use of a keylogger.

Here's the situation – an unidentified rogue actor accesses an unattended device and installs the keylogger. Then he or she waits for the user to generate a user session. After that, if the user leaves, the evil maid character can come back to the device and harvest the keylogger information, to get passwords or public keys or whatever is needed to get through the encryption.

Security professionals use the evil maid attack as an example and an illustration of how to improve physical site security. Since the evil maid attack relies on repeated unintended access to a device, there are straightforward fixes that companies can put in place to minimize the chances of one of these attacks happening.


Related Terms

Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.