17Physical Attacks
This chapter covers possible attacks when the attacker has complete, physical control over an MFA solution. Many of the previous chapters included physical attacks related to the particular subject of the chapter, but this chapter examines physical attacks that could be successful against any, or most, physical MFA solutions.
Introduction
If an attacker has unrestrained physical possession of your MFA device with unlimited time and resources, they are very likely going to compromise it. That's just a fact of life. In Chapter 7, “Endpoint Attacks,” I mentioned the infamous Microsoft 10 Immutable Laws of Security (blogs.technet.microsoft.com/seanearp/2007/03/25/immutable-laws-of-security). Three of those laws directly apply here:
- Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
- Law #7: Encrypted data is only as secure as the decryption key.
- Law#10: Technology is not a panacea.
These laws have so far never been proven wrong. Several types of physical attacks are covered in the next section.
Types of Physical Attacks
Let's explore three types of physical attack categories that impact MFA solutions.
Physical Viewing of Secrets
Viewing or obtaining the authentication secrets held by an MFA device is one of the most common physical attacks. The most commonplace method is shoulder surfing, whereby an attacker is able to view an authentication secret as it is viewed and/or used by the legitimate user. It's ...
Get Hacking Multifactor Authentication now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
