The WSL2 architecture video lists two motivators from WSL1 based on number of Github issues. One of them being file performance and the other syscall compatibility with some specific examples being the ptrace syscall and Docker compatibilty.
https://youtu.be/lwhMThePdIo?t=755
If the motherboard of the PC being controlled supports Wake-on-Lan that may be a viable option to send a packet from the local subnet to boot up the computer.
https://en.wikipedia.org/wiki/Wake-on-LAN
This is how we implemented it at an ISP I worked at before. All our peering routers sampled traffic using IPFIX and sent it to an Arbor collector for fingerprinting and analysis. If the collector detected malicious flows it would automatically send a BGP Flowspec message with the list of malicious flows to our peering routers. The BGP Flowspec message would cause our peering routers to redirect the matched traffic to a Arbor TMS server which would scrub the DDoS traffic from the dirty traffic and send the cleaned traffic back to our routers to be routed normally to the end-user. There are other ways to mitigate DDoS but this is what ended working best for us.
The HN submission for the youtube video also has discussion about the same topics. https://news.ycombinator.com/item?id=19868282