CAPEC-474

Detailed Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Draft MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Medium Severity: High
Signature Spoofing by Key Theft

Description

An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Prerequisites

An authoritative or reputable signer is storing their private signature key with insufficient protection.

Mitigations

Restrict access to private keys from non-supervisory accounts

Restrict access to administrative personnel and processes only

Ensure all remote methods are secured

Ensure all services are patched and up to date

Skills Required

[Low] Knowledge of common location methods and access methods to sensitive data

[High] Ability to compromise systems containing sensitive data