Evil Maid Attack

Definition - What does Evil Maid Attack mean?

The evil maid attack is a specific type of physical security vulnerability that may be part of a cybersecurity professional’s lexicon. The evil maid attack represents an example of how hackers with physical access to systems can beat various cybersecurity standards, including full encryption of what's on a device.

Techopedia explains Evil Maid Attack

In order for hackers to get access even with total encryption, the evil maid attack works through the use of a keylogger.

Here's the situation – an unidentified rogue actor accesses an unattended device and installs the keylogger. Then he or she waits for the user to generate a user session. After that, if the user leaves, the evil maid character can come back to the device and harvest the keylogger information, to get passwords or public keys or whatever is needed to get through the encryption.

Security professionals use the evil maid attack as an example and an illustration of how to improve physical site security. Since the evil maid attack relies on repeated unintended access to a device, there are straightforward fixes that companies can put in place to minimize the chances of one of these attacks happening.

Share this: