An attack targeting a device that has been shut down and left unattended. The attacker physically accesses the target device without the owner's knowledge (as an untrustworthy cleaning crew might rummage an office's physical files—hence, "evil maid").