Go to Part 1

These tools are designed to be of use when prepping or improvising with the tactical hacking system.

GENERIC TERMINAL STAT BLOCKS

These generic terminals can be quickly plugged in while quick-stocking or improvising a location. Alternatively, they can serve as tweakable building blocks. (For example, you could snag the stats for a security hub and then crank up its access cap to reflect the fact that it gives access to the video archives for the building’s security cameras.) In any case, they should give you some sense (however vague) of what the system is capable of.

Employee Terminal (access cap 10, intel value 1, security modifier +0): These are the types of generic units you can find strewn around any typical office complex.

High-End Terminal (access cap 20, intel value 1, security modifier +0): Either specialized machines that are more likely to be used on sensitive projects or computers belonging to corporate managers, gang lords, or other key personnel.

Secured Terminal (access cap 30, intel value 3, security modifier -2): This is a system with highly sensitive information and the user knows it. Tough to crack, but worth it.

Hacker’s Dream (access cap 30, intel value 2, security modifier +2): Operated by a user with access to sensitive information, but no sense of security. (The kind of guy who leaves his workstation logged in overnight or who uses “123456” as his password.)

Personal Assistant (access cap 25, intel value 2, security modifier +0): A smartphone, datalink, cyberhub, or similar portable device. People will run their entire lives through these thin wafers of silicon… but often not give a lot of thought to properly securing them. They can be harder to get physical access to, but are often easily cracked.

Corporate Server (access cap 40, intel value 5, security modifier -5): Either a repository of the organization’s sensitive data or allowing access to a broad array of systems. Corporate servers are like treasure chests for the tactical hacker.

Security Hub (access cap 15, intel value 1, security modifier -4): Security hubs usually aren’t repositories of sensitive data, but they often provide access to valuable functionality (in the form of special features).

RANDOM TABLE OF SPECIAL FEATURES

This table of terminal special features is far from exhaustive, but can hopefully serve as a source of inspiration. They’re presented as a random table to facilitate their use during stocking or improvisation. (Assume 1 terminal in 6 has a special feature if stocking randomly.)

I’ve recently been playing through Deus Ex: Human Revolution. I’ve been enjoying it so much that I’m virtually certain that there’ll be a replay of the original Deus Ex in my near future.

One of the really great features in both titles is your ability to hack dozens or hundreds of computer terminals throughout the game, revealing data – from the variety of electronic communications you eavesdrop upon – that can provide you with valuable operational intel, deeper insight into the conspiracy, and access to unique resources.

This kind of “information in depth” works wonders in terms of immersing you into the game world; it’s also a lot of fun. But replicating this kind of experience in a tabletop RPG is really difficult: Even if you don’t go so far as to prep individual handouts for every e-mail and chat log the PCs uncover, it would still require an almost insane amount of prep work in order to customize the contents of the dozens of computer terminals in a typical complex.

To solve this problem, I’ve thrown together a simple-to-prep game structure for tactical hacking. This system assumes a couple of things are generally true: First, the hacker is opportunistically targeting systems to compromise. Second, the primary goal of the hacker is to accrue information. (The structure includes some minimal support for other hacking strategies, but they’re not the primary focus of the structure.)

For the sake of simplicity, I’m going to assume a D20-style system with a single Hacking skill. But it should be fairly easy to modify these guidelines for any RPG with discrete action checks.

NETWORKS

Each network is defined by a Network Intel Table (NIT). Each entry on the NIT is a discrete piece of information with an associated difficulty class. (In practice, it looks very similar to a Gather Information table.)

Note that the term “network” is not necessarily being used in a literal sense, but rather as a convenient way of referring to multiple systems or accounts that are somehow meaningfully related to each other. (For example, the home computer of Sansasoft’s district manager may not be directly wired into the corporate infranet, but the e-mails on her computer could easily contain compromising information, so for the purposes of this system it would be considered part of the “Sansasoft Network”.)

TERMINALS

Terminals refer to any computer, cellphone, access point, or user account that the PCs can attempt to hack. Each terminal is rated with an access cap, an intel value, and a security modifier. Some terminals may also have special features.

Access Cap: The maximum DC that can be achieved on a Hacking check using that terminal. If a higher result is rolled, the excess is ignored. (For example, a hacker named Panda is using a terminal with an access cap of 15. Rolling her Hacking skill, she gets a result of 22. Despite that, the result of her check is treated as a 15.)

Intel Value: The intel value of the terminal determines the maximum number of entries that can be gleaned from the Network Intel Table.  (For example, Panda’s DC 15 result on her Hacking check is high enough to theoretically access the first six pieces of information on the Network Intel Table. But if the system she’s using only has an intel value of 2, she’ll be limited to two pieces of information.)

Security Modifier: Modifies the skill check made to hack the system. For example, a cellphone with a -4 security modifier applies a -4 penalty to a hacker’s skill check.

TERMINAL SPECIAL FEATURES

These special features (and any others you can imagine) can be added to any terminal. In fact, a single terminal might have several special features.

Communications Control: The terminal allows monitoring and/or control of local communication channels.

Data Tunnel: A data tunnel connects one terminal to another terminal. Each data tunnel is rated with a DC. With a successful Hacking check, a hacker can use the data tunnel to access the remote terminal. Some data tunnels might also grant bonuses when attempting to hack the remote terminal they link to.

High-Value Content: A high-value system grants a bonus to the hacker’s highest result on the Network Intel Table to date. (The more valuable the system, the higher the bonus.)

Specific Content: Although the point of this tactical hacking system is generally to avoid coding specific information to specific systems, in some circumstances it may still be valuable to do so. Specific content could also refer to security maps, data network maps, or other mission-valuable intel.

Systems Control: The terminal can be used to control surveillance cameras, robots, gun turrets, environmental controls, navigation systems, or any number of other “real world” systems.

PREP LIST

For the purposes of tactical hacking, think of each “network” as a body of related information. Each terminal on the network is a system or account which either houses part of that body of information or has access to it. It is assumed that there are a multitude of ways to discover each piece of information in the network. (For example, a hacker could discover Sansasoft’s illegal digital smuggling by reading compromising e-mails; performing forensic examinations on black book budgets; decrypting incriminating communication intercepts; discovering off-book shipping manifests; or any number of other possibilities.) If a piece of information can really only be discovered in a specific way, then that’s specific content that should be keyed as a special feature to a particular terminal.

When prepping a network for tactical hacking, you first need to prep the Network Intel Table. Here’s a sample:

(I’ve included a potential explanation for how the hacker could access each piece of information. You could expand on that by creating full handouts for each piece of information; or you could skip that and just improvise the details during play.)

Second, you need to prep a list of the terminals on the network. (Such a list could also easily be integrated into a location key or other reference as appropriate.) For example, you might stat up the customer service terminals at Sansasoft like this:

CS Terminals (access cap 15, intel value 1, security modifier +0): There is a 1 in 10 chance that any given customer service terminal will instead have no access cap (due to an unusually compromising internal e-mail). Otherwise, hackers can gain no more than 3 pieces of intel in total from all customer service terminals.

RUNNING THE SYSTEM

When a PC wants to hack a terminal, follow these steps:

(1)   The character makes a Hacking check.

(2)   Modify the check by the terminal’s security modifier.

(3)   Check to see if the terminal’s access cap applies and reduce the effective check result if necessary.

(4)   Use the character’s effective check result to determine the number of previously unrevealed pieces of information they can discover. If this number is larger than the terminal’s intel value, randomly determine which pieces of intel they receive.

Alternatively, you could randomly determine between all possible pieces of intel (which could result in them learning nothing new due to duplication from previous efforts).

Go to Part 2: Tools for Tactical Hacking