Jump to content

PC Vulnerability while in Standby (Sleep) Mode?


Scoop

Recommended Posts

I've been reading some articles about the question:

 

"Is your PC vulnerable to a cyber attack while in Standby mode?"

 

As with numerous questions like this one, I'm reading some opposing answers so I was wondering what the MBAM forum aces think about this.

 

Here's what I think are the definitions of the Standby Modes (Windows):

 

S1 (Sleep). The CPU is stopped; The RAM is regenerated; the system functions in reduced power.

 

S2 (Sleep 2) The CPU does not have any power; The RAM is regenerated; the system is in lower mode of the S1.

 

S3 (Standby) The CPU does not have any power; The RAM regenerates at minimum; the power supply unit is in mode of reduced power. This mode is also called “Save to RAM”.

 

S4 (Hibernate). All is powered off, but the memory was saved like temporary file on the hard drive. This mode is called “Save to disk”.

 

* Hybrid Sleep: Combination of S3 and S4 modes, primarily designed for Desktop PC's.

 

* (I think I have this correct)

 

I'm currently using S3 mode with Hybrid Sleep disabled in Powercfg since I always close all apps, files, etc, before invoking Standby and don't need the environment to be saved to the HDD. I like the faster wakeup time with S3 mode.

 

Is a PC vulnerable to any malware / virus attack when in Sleep mode?  This assumes that the PC's 'net connection remains connected while unattended.

 

The other question that I have is:

 

Has anyone heard of situations with a PC getting attacked immediately after wakeup, ie, do malware / virus items que up or "stage" themselves, waiting for the PC to be awakened after a Standby state?

Link to post
Share on other sites

It is certainly LESS vulnerable in Sleep or Hibernation Modes.  However that can be reduced even further by not allowing a "Magic Packet" to awake the PC from sleep mode.

 

Being behind a NAT Router or a NAT Router with a full firewall implementation will mitigate the possibility of a Wake on LAN (WoL) packet accessing a PC on the LAN side (that is unless one specifically sets a port forwarding rule).  Disabling WoL and using a NAT Router will mitigate any Cyber Threat.

 

The same can be said for USB devices.  You can Disable "Allow this device to wake this computer".   However if there were a threat it would be a case of the Insider Threat and there may be other things that they can do anyway.

Link to post
Share on other sites

It is certainly LESS vulnerable in Sleep or Hibernation Modes.  However that can be reduced even further by not allowing a "Magic Packet" to awake the PC from sleep mode.

 

Being behind a NAT Router or a NAT Router with a full firewall implementation will mitigate the possibility of a Wake on LAN (WoL) packet of accessing a PC on the LAN side (that is unless one specifically sets a port forwarding rule).  Disabling WoL and using a NAT Router will mitigate any Cyber Threat.

 

The same can be said for USB devices.  You can Disable "Allow this device to wake this computer".   However if there were a threat it would be a case of the Insider Threat and there may be other things that they can do anyway.

 

David,

 

Thanks for the info about the Wake on LAN possibility regarding this question.

 

I have Wake on LAN enabled on my Laptop which I use within the Windows 7 "Homegroup" network through my Router so that I can wake my Laptop from my Desktop PC.  I do that to wake the Laptop before I run a file-copy script with "Autohotkey", a freeware script tool.

 

I'm not sure if this makes my Desktop PC more vulnerable as you mentioned in your post since I use the Magic Packet to wake the Laptop from my Desktop and not vice versa.

 

I'm assuming that I have "Wake on Lan" enabled in my Desktop's BIOS since I'm able to run the Packet from the Desktop to my Laptop.

 

Since my Desktop PC is my everyday workhorse PC, that's the one I'm curious about regarding the vulnerability question and how it relates to your advice on Wake on LAN being enabled in my Desktop PC.

 

I used this link for instructions to set up my homegroup Packet from the Desktop PC to the Laptop PC;;

 

Wake on LAN

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.