CAPEC-474 - Signature Spoofing by Key Theft

An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Severity

Likelihood

Confidentiality

Integrity

Availability

  • Attack Methods 2
  • Analysis
  • Spoofing

Low level: Knowledge of common location methods and access methods to sensitive data

High level: Ability to compromise systems containing sensitive data

An authoritative or reputable signer is storing their private signature key with insufficient protection.

Restrict access to private keys from non-supervisory accounts
Restrict access to administrative personnel and processes only
Ensure all remote methods are secured
Ensure all services are patched and up to date