Evil maid” attacks can be anything that is done to a machine via physical access while it is turned off, even though it’s encrypted. An evil maid attack is characterized by the attacker’s ability to physically access the target multiple times without the owner’s knowledge. evil maid’ attack represents a very specific threat with limited opportunity for exploitation. Evil Maid is fundamentally malware. Neither attack demonstrates flaws in the underlying cryptographic security of any other full disk encryption product.
A security firm, F-Secure has issued a fresh warning about possible evil maid attacks by exploiting Intel’s Active Management Technology and other techniques. The spate of fresh evil maid attacks in the wild was discovered by F-Secure senior security consultant Harry Sintonen.
Who is the target of Evil Mad Attacks?
How to protect against evil maid attacks?
- Use a strong password and change it often – Most users realize that it is unwise to enter their password into a computer given to you by an unknown individual. Once an attacker has installed a new operating system on your computer, the computer may still look like your computer, but it is no longer yours. It is now the attacker’s computer. If you type your password into the attacker’s computer, your password will soon be theirs as well.
- Never leave computing devices or small peripherals, such as USB drives, unattended.
- Avoid using any unknown peripheral.
- Ensure BIOS and firmware updates are always applied without delay.
- Enable input–output memory management unit (IOMMU) features.
- Enforce secure boot protection and change full disk encryption keys on a regular basis.
- Set a password on the bios to prevent changes to the bios.
- Only boot the system off of the hard drive.
- Set up alerts for changes to the hardware.