Our computers are the heart and soul of the home in more ways than one. There are certain people out there who would wish not to believe that, however, when you consider that all of our financial information, personal data, likes, dislikes, addresses, and phone numbers are on servers somewhere, your computer takes on a whole new meaning.

Even if a hacker doesn’t get a hold of your exact credit card details, they may still be able to access your online shopping accounts using an obtained password and order gift cards to their own email address.

With that knowledge, the idea of protecting your computer and all of your various passwords and information becomes that much more important. A single breach means that everything is vulnerable. In the world of computers, that vulnerable information can be gathered and taken in microseconds. 

So, what can you do? You can have a VPN, own the best antivirus software, and go out of your way to be ever so careful when you use your PC or laptop. None of that changes the reality that there is no such thing as absolute protection.

We all know that when we’re browsing the web or interacting on social media our computers are vulnerable to attack.

But what about when our computers are turned off? Are we then completely protected?

Can A Computer Be Hacked If It Is Turned Off?

A computer with a virus

If the computer is completely turned off, it cannot be hacked. That includes any kind of computer, whether it’s a laptop, PC, tablet, smartphone, smart TV, or any other device that has a computer in it and connects to the internet. 

Now, there is plenty of discourse on the internet that contests the idea that a computer can’t be hacked while it is off. Maybe there is some merit to their arguments. However, the experts tend to err on the side of “no, it can’t” or “it’s extremely unlikely.”

Even if you have some kind of home smart system set up and a hacker is able to hack into it and power on your PC remotely, your PC would have to be connected to the mains. So maybe switching the electricity off at the socket would add even more protection.

At some point or another, the primary question has to be asked, “can a hacker breach an open circuit?” What is an open circuit? If you’re not an electrician, picture a copper wire with electricity running through it. Now, picture that copper wire being split and separated in the middle.

Electricity can no longer pass through the entire cooper wire because electricity needs a conduit through which to travel. Hence, the circuit is “open.” Would a plugged-in ethernet cable on an active gateway constitute a closed circuit? 

That’s true, however, if there is no power to the device, it can no more function as a focal point for an attack than it can run a game because it’s off. There are also two other points to consider. 

The first is a feature known as “wake on LAN.” If this feature is on, it allows the PC to be remotely turned on. Wake on LAN keeps the network adapter running in the background until it receives the command.

Can My Computer Be Hacked If I Am Not Online?

Technically, your computer cannot be hacked if it is not online, at least not remotely. There are ways to hack an offline computer if it was physically accessed or accessed with a connecting device or just by being very close by. There are a few ways in which this can be done.

  • “DiskFiltration” Attack
  • Fansmitter
  • BitWhisper
  • Wired keyboards and laptops
  • USB device 
  • Social Engineering

Things get pretty interesting from here. While gaining access to a computer through a USB port is nothing new, some of these other exploits are pretty bizarre and, thankfully, pretty rare. At least we hope so.

Diskfiltration

Such a strange word that seemingly has so many potential definitions. What it boils down to, is the computer is effectively infiltrated through the use of sounds.

That’s right, gaining access to a computer by analyzing its sounds. Fortunately, this only really works when the computer in question is using an HDD rather than an SSD.

The Hard drive makes a lot of noise as it spins up and the sound can be so precisely analyzed that information can be culled from it.

Fansmitter

Another weird one is the exploitation of the fan’s communication with the motherboard. The way the fan operates, it can be tricked into pulling information from, rather than sending information to, the motherboard.

Bitwhisper

This exploit attacks an offline computer by analyzing heat. The problem is, there have to be two computers side by side. So, it’s nearly impossible to pull off.

We think you would probably recognize that something isn’t right if a new desktop tower showed up right next to yours all of a sudden.

Wired Keyboards, Laptops, and USB Devices

This is the most common way to infiltrate an offline computer. The devices in question are anything that plugs into one of your USB ports. 

The hacker would need access to your USB devices beforehand, to set up the code for when the device is connected.

Social Engineering

All this boils down to something like a fishing expedition. Leave a corrupted USB thumb drive laying around. The idea is that some employees will eventually pick it up and plug it into a computer out of curiosity.

Curiosity might not kill the cat this time, but it will definitely kill the employee’s job.

Related Article: Can A Computer Mouse Get A Virus? (And What To Do)

Can Malware Work When A Computer Is Off?

Malware cannot work when your computer is off. Malware is a set of instructions written in some sort of low-level computer language that will carry out malicious tasks on your device as long as the current state of RAM is running. All programs, including malware, run on RAM and when a computer is switched off, the current state of RAM is deleted and the malware cannot work.

Turning your computer off and on is effectively a reset and will likely ruin any existing malware the moment that you do it. However, there is malware out there that can survive (persist) through a reset.

So turning your computer off may be somewhere in the ballpark of 80% effective, largely depending on the type of malware that you’re dealing with.

There are three places that malware can hide if you attempt to kill it with a reset. 

  • Rootkit
  • Partitions
  • Firmware

Malware in the rootkit is designed to hang out there while the indicted portion on the hard drive is reset. When the computer reboots, what’s in the rootkit reinfects the hard drive.

One of the more aggravating aspects of malware that is written in a certain way is that part of its program is to copy itself over onto the recovery partition.

Talk about aggravating. Every time you try to restart your computer from a recovery point, you’re effectively resurrecting the malware to rage across your computer again

BIOS and UEFI are the targets for malware that has infected your firmware.

Resetting the PC is meaningless since the malware is simply rebooted with your BIOS.

Can Viruses Work Without The Internet?

Viruses can still work without the internet. For example, a worm is a type of self-replicating computer virus that can spread locally without the need for an internet connection. A worm will continue to propagate, infecting more and more files or processes on your system the longer you leave it unchecked.

Look at it this way. If someone has a cold and sneezes in your face well, the cold virus makes its way down into your system and starts to cause a lot of problems. Does the cold virus go away because you removed yourself from the person who sneezed on you? Nope. 

Viruses are most often tested in offline environments and the internet simply serves as a conduit through which the virus can travel from point A to point B, with point B representing your computer. 

If your computer never had the internet, to begin with, we discussed a number of ways that a virus can still find its way onto your offline computer.

While not having the internet changes the dynamics and makes things more difficult in terms of transmission, it’s still possible. 

Once your computer has a virus, however, disconnecting your computer from the internet won’t make a bit of a difference. It’s already there, copying itself and creating mayhem on your SSD and anywhere else it is programmed to attack.

Can Hackers Access Your Computer In Sleep Mode?

While we haven’t focused on sleep mode yet, we’ve already discussed the fact that a hacker can access your computer just by listening to the funny sounds your hard drive makes, or the communication signals of your fan.

If a hacker can accomplish that, then you know they can get into your computer while it’s in sleep mode. In fact, Microsoft revealed one way that hackers can access a sleeping computer back in September of 2018. They’ve probably gotten more imaginative since then. 

The 2018 exploit involved some level of physical access, however. The hacker would need to get ahold of your laptop, make changes to your firmware, perform a cold reboot with a USB, and gather all of your encryption keys. 

According to F-Secure, an internet security company, “Using a simple tool, Olle and Pasi learned how to rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices.”

The only company that claims their hardware is unaffected by the exploit is Apple but only in MacBooks that have Apple’s T2 chip or newer. The “Wake on LAN” issue was discussed in some detail above, and it’s another way that a hacker could potentially infiltrate your computer while it’s in sleep mode. 

One way that you can always ensure that your computer is unaffected by “wake from LAN” is to always power down your computer completely. Save anything that you are doing that you need to continue with later on and shut the computer completely down. 

Of course, never leave your computer in a position where it could be physically accessed either. If you are in Starbucks and need to go to the bathroom, for instance, pick that laptop up, close it, and take it with you. The laptop won’t mind.

Can A Hacker Turn On My Computer Remotely?

The aforementioned “wake on LAN” is the method that a hacker would use to turn your computer on remotely, so it can be done. 

However, it’s a pretty rare attack. For one, the feature has to be turned on, if it’s not already on by default, although it’s not supported beyond Windows 8.

All of the other methods require some sort of physical access, whether it’s directly on your computer or in the same room as your computer, through some of the aforementioned methods. 

It’s important to ensure that all of your remote access features are turned off when using your computer. Although it is highly doubtful anyone can get in that way, just about anything is possible these days. 

There are also ways to check and see if someone is accessing your computer remotely. Stay on top of your recent activities. 

  • Open Documents
  • Select “This Computer”
  • Select “File Explorer Folder”
  • Look at all of the files that you have recently accessed

If you have a whole bunch of files in your recent tab and you have no recollection of doing anything with those files recently, there’s a distinct possibility that you’re either not the only one using your computer, or that someone is accessing it remotely. 

Also, check your browser history. Every browser compiles its own history in an easy-to-access folder either online or offline. Check it routinely to ensure that the history only contains what you have done.

How Can I Tell If I’m Being Hacked And What Should I Do?

There are several ways that you can tell if you are being hacked, a couple of which (checking your files and browser history) we’ve already mentioned. Those are the primary ways for you to check. However, your computer will also have symptoms. 

When someone is remotely accessing your computer, it’s a drain on the processor, on top of whatever it is that you are doing. You will notice a change in your computer’s speed, whether it’s opening files or browsing the internet. 

You may get ransomware and antivirus messages left and right. Your internet searches are often completely redirected. Certain normal features are disabled. Your bank accounts are draining really fast. 

There are some online tools that you can make use of to find out if you are currently a victim and your computer is compromised. The first is “Have I Been Pawned?” and the second is “Dehashed.” 

If you have been hacked, there are several things that you should do, first and foremost.

  • Contact all of your friends and family members, especially if any of them are associated with any of your accounts, both social and financial
  • Contact your financial institutions
  • Close all of your social media accounts
  • Close all of your online accounts
  • Completely factory reset your computer
  • Reset all of your passwords using a different, unrelated computer

It’s important not to use the same computer to reset your passwords, even if you have factory reset the computer. You never know if there is an inkling of connection that still exists between the computer and the hacker, so change your passwords elsewhere.