Helping people with computers... one answer at a time.

Hacking a turned-off computer requires a few mistakes on your part. It's unlikely, but possible.

In general, can a PC with no remote software be hacked if it is powered off? The power supply, the internet cable are still connected to the PC. In my discussions with others, 50% say yes, 50% say no. An internet search was also divided in response with no agreement.

In this excerpt from Answercast #12, I walk through an unlikely scenario that could allow a turned-off computer to be hacked and show you how to prevent this from happening.

Fifty percent say no?

Yeah, welcome to the world of computers where there are very rarely black-and-white answers.

One of my most common phrases (that I actually get kidded about from a couple of my assistants) is "It depends." There are very rarely answers that are just yes or no. This happens to be one of them.

Hacking a turned off computer

In general, typically, the answer is "No."

Your PC is off; it's not doing anything. Unless you've taken some extra steps, the PC will not be able to be restarted and hacked from outside if it's been turned off; even if you leave it connected to the internet and to power.

The exception to the rule (and the reason it's not a black-or-white answer) is there is a feature in the network adapter that, when enabled, allows a PC to be remotely turned on and booted. So, in a scenario like that, if the PC has been configured to respond to that request (the remote power-on and the remote boot), then the PC could be turned on remotely.

If at that point the PC did not have appropriate security software installed (say it was not behind a firewall and it did not have anti-spyware, anti-virus... the firewall being the most important part of that equation), then conceivably, it is possible that the PC could be hacked remotely from being powered off.

Allowing remote access

You'll see that this is extremely unlikely. A lot of things have to line up for it to actually happen. You have to have this remote power-on ability (Wake on LAN) turned on in the network; most computers do not.

It's something you have to turn on yourself. If you haven't turned it on; it's probably not turned on. It's a feature in the BIOS in most cases.

And... the PC has to be fundamentally insecure. In other words, it has to be vulnerable when it's running to be being hacked. That's something you can control by putting appropriate security measures into place.

So, like I said, "Sure, it's possible."

It's just extremely unlikely, and you have to make a couple of mistakes to allow it to happen.

Article C5253 - April 26, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

7 Comments
Fred Nerd
April 27, 2012 3:05 AM

My reply (to a normal user) would be "No, BUT your gmail/Hotmail/Facebook/bank/anything-else-online account can be."

Me
April 27, 2012 8:16 AM

I remember once reading a webcomic somewhere. In the first panel it showed the "Hollywood version" in which this guy tries to stop the hacker from accessing the root account but then it doesn't work. Then the second panel had the "reality" version which was just the guy unplugging the computer from the socket. It was pretty funny. Unfortunately I dont remember where I saw it.

Gwyn
April 27, 2012 8:30 AM

An interesting article, as usual. Is your pc less vlulnerable to hackers/malware than it would be othgerwise, if you click on "go offline" before putting it on standby?

Not really. "Go Offline" really only impacts the browser and perhaps the mail program, not networking as a whole.
Leo
29-Apr-2012
Tom R.
April 27, 2012 12:43 PM

#Gwyn: No, that makes no difference. I'll assume that you're referring to the "work offline" command found under the File menu of browsers and email programs. That function merely "disconnects" that program from an active connection to the Internet, it doesn't affect your computer's connection to the Internet. I've never used that function myself as I see no clear benefit to "working offline."

Gwyn
April 27, 2012 3:22 PM

#Tom R: Many thanks for your explanation.

Senrt
April 27, 2012 7:55 PM

All you need is an axe and you can hack any computer, whether it's on or off.

Gwyn
April 29, 2012 11:28 AM

'Not really. "Go Offline" really only impacts the browser and perhaps the mail program, not networking as a whole." '
Thanks for the explanation Leo. In my case it does in fact shut off both the browser and the mail program.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.