Skip to content

Trending tags

How to Avoid an ‘Evil Roommate’ Attack

Sandra Proske

15.02.18 3 min. read

The “evil maid” may be the most intriguing character in all of cyber security.

Security researcher Joanna Rutkowska first used the phrase in 2009 to identify the sort of attacks that criminals can launch on unattended equipment in a somewhat public place like a hotel room. And this maid is pretty fearsome. “An ‘evil maid’ with unlimited time at their disposal will always be successful…” a new report entitled “F-Secure’s Guide to Evil Maid Attacks” explains.

Some attackers are skilled that they can replace your entire device with an identical one without you knowing it. Thankfully, if you’re not an executive, a public official, a journalist or someone else whose laptop could yield access to valuable data, you aren’t likely to be targeted by a top-of-the-line “evil maid.”

Most of us are far more likely to be the victim of an “evil roommate” or a “prying spouse” or an “annoying colleague” attack. While these “attackers” may be highly motivated, they aren’t likely to be as highly skilled as unethical or ethical hacker who can pick your room’s lock, boot up your laptop and gain remote access in just a few minutes.

If you want to know all the steps you can take to secure your laptop against these master maids, check out the report. But if you just want to make sure that your data is secure at home and when you’re traveling, here are a few tips that are relevant for most everyone.

1. Never leave your unlocked device unattended.
If you’re not using your PC, phone, or tablet, it should be locked using as long of a code as your device will allow. And no, using your face to lock a device still isn’t a secure option. Be ridiculously diligent about locking down your equipment to build up your discipline. If you’re traveling and aren’t a valued target, you can probably leave your laptop in the room safe. But keeping your devices, down to your USB sticks, with you at all times is the best option.

2. Shut down your laptop or PC when you’re done with it.
“Maintaining a fully shut down state gives less opportunity for an attacker to carry out certain classes of hacks,” the report states. It also means the attacker will have to spend more time and assume more risk to invade your machine.

3. Consider full disk encryption.
“When your disk contents are not encrypted, an ‘evil maid’ could simply remove the hard drive from your laptop to quickly gather, or tamper with, its contents and then put it back,” the report states. And even if you aren’t likely to face an attacker with the skills to do this, you should consider this lock on your hard drive that will make it useless to anyone but you. Here’s more information about this for your Windows and Mac devices.

An encrypted disk on a machine has been shut down properly will be secure from anyone, except the the mythical “evil maid.”

Sandra Proske

15.02.18 3 min. read


Related posts

Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.