What is an Evil Maid attack?
An evil maid attack is a security exploit that is characterised by the attacker’s ability to physically access a computing device that has been left unattended. As far-fetched as the name sounds, the rate at which attacks like these occur makes the term more real.
Picture the scenario: you’re on location for a meeting and check into a hotel for the business trip. Leaving your belongings in your hotel room is a no-brainer, and you pay no mind to their safety. A competitor, or anyone with a malicious motive, enters your room while you’re away, without anyone’s knowledge or consent, and manually copies your entire drive while planting a virus on your device.
Evil maid attacks are one of the hardest things to defend your network against. You can encrypt your laptop or any other device, but the “maid” could anticipate and counter that with a password-catching virus planted on your device. You can run anti-virus software to identify and destroy the infection, but you have to type in your password before you can run the scan. This is just one example of why it is so much harder to protect your network from someone who has physical access to your device.
These are all extreme cases, but if you just want to ensure that your data is secure at home or when you’re travelling, have a look at the following tips:
- Never leave your unlocked device unattended.
Build up your discipline by being extremely diligent about this.
- Shut down your laptop or PC when you’re done with it.
An attacker has less opportunity to execute certain classes of hacks against a fully shut-down device.
- Consider full disk encryption.
An encrypted disk limits a hacker’s ability to tamper with its contents and return it to its source undetected.
An encrypted device that has been locked with a secure password and shut down correctly will be secure from anyone, except the malicious “evil maid”.