A company's Tencent Cloud server was attacked and automatically isolated, and then shut down by the staff. However, after shutting down the server, the Tencent Cloud console continued to detect abnormal activity, extending the isolation period. This has left the team puzzled, wondering if a shut-down server can still be attacked. Some experts claim that a shut-down server is no longer vulnerable to attacks, while others, including Tencent Cloud's customer support, say it is still possible. I am seeking clarification on this and would appreciate it if someone could provide an explanation for how this is possible.