Off isn’t always off.
It’s extremely unlikely.
Conditions have to be just right for a turned-off computer to get hacked. I’ll describe those and show you how to prevent it.
Become a Patron of Ask Leo! and go ad-free!
Computer hacked if it's off?
In order for a turned-off computer to be hacked, it must first somehow be remotely powered on, either by the “Wake on LAN” feature (which is normally disabled) or if standby mode resumes unexpectedly. Then the computer must also be vulnerable in some way while it’s running. As long as you follow common security best practices, the risk is small.
Hacking a turned-off computer
In general, the answer is no, you cannot hack into a computer that’s been turned off.
Unless two conditions are met, the PC cannot be restarted and hacked from outside, even if you leave it connected to the internet and to power.
One of those conditions involve a feature called “Wake on LAN”. If it is enabled, it allows a PC to be remotely turned on and booted. When enabled, the network adapter for the computer is not turned off completely. Instead, it monitors for specific instructions arriving via the network telling it to wake up. When those instructions are received, the computer turns on and boots.
The other condition is nothing more than a lack of security. If the PC turned on remotely did not have appropriate security software installed and was not behind a firewall, then it is conceivable the PC could be hacked remotely.
One caveat: standby
It’s not uncommon for a laptop to be placed into standby mode only to wake up on its own a while later. The exact reasons this happens vary — I can’t give you a simple explanation.1
There is a simple workaround: if you find your laptop waking up on its own and it concerns you, don’t use standby.
If standby works for you, great, but I generally avoid it for a variety of reasons, including this one.
Allowing remote access
Hacking a turned-off machine is extremely unlikely. Two things have to line up for it to happen.
- Wake on LAN needs to be enabled. It’s a setting in the UEFI or BIOS that’s off by default. (Or you’re using standby and it wakes up for unknown reasons.)
- The computer needs to be vulnerable to being hacked while running. Avoid that with up-to-date security software, firewalls, and internet safety best practices.
So, as I said, it’s possible.
It’s just extremely unlikely.
Footnotes & References
1: Or any explanation at all, really. It seems really, really random.