Anti-Sleep Software

The subject installs or enables software, scripts, or hardware devices designed to prevent systems from automatically locking, logging out, or entering sleep mode. This unauthorized action deliberately subverts security controls intended to protect unattended systems from unauthorized access.

Characteristics

• Circumvents policies enforcing session locks, idle timeouts, and mandatory logout periods.
• May involve third-party applications ("caffeine" tools), anti-idle scripts, or physical devices such as USB mouse jigglers.
• Typically deployed without organizational approval or awareness.
• Leaves systems continuously unlocked and accessible, undermining endpoint security and physical safeguards.
• Renders full disk encryption protections ineffective while the system remains powered and unlocked.
• Creates opportunities for unauthorized access, data exfiltration, or device compromise by malicious insiders or third parties.

Example Scenario

A subject installs unauthorized anti-sleep software on a corporate laptop to prevent automatic locking during idle periods. As a result, the device remains accessible even when left unattended in unsecured environments such as cafes, airports, or shared workspaces. This action bypasses mandatory screen-lock policies and renders full disk encryption protections ineffective, exposing sensitive organizational data to theft or compromise by malicious third parties who can physically access the unattended device.