Running the Net
“Computers are like Old Testament gods; lots of rules and no mercy.”
There are many different rules for using computers and how they interact with the Net – protect your passwords, don’t jack into a site you don’t trust, keep a virus scanner running at all times. Those rules haven’t changed much from the early 21st Century – if you want to know more, go pick up an old book.
Hacking a system requires three steps – Getting a Connection, Breaking In, and Accessing the System. To hack at all, though, requires knowledge of computer Interfaces and Levels of Access.
There are four basic interfaces to the ‘net: old-fashioned physical terminals, augmented reality, virtual reality, and total immersion interfaces. An interface, especially an AR, VR, or Total Immersion interface, is often called a ’rig’.
The Interface Modifier
The Interface Modifier is an abstract method of detailing how fast and easy to use a particular interface is. An interface with a -2 Interface Modifier is extremely clumsy to use, while an interface with a +4 Interface Modifier is highly intuitive to use, allowing fast access to almost any device.
A negative Interface Modifier applies to all rolls to use the computer’s systems, from writing to piloting a vehicle. This is typically offset by Taking Extra Time – twice as long to eliminate a -1 penalty or four times as long to eliminate a -2 penalty.
Positive Interface Modifiers are used to offset penalties for multitasking (generally -2 per extra task), Haste (-1 per 10% reduction in time spent), or operating complex devices such as military vehicles. They do not apply to normal use – you can operate the computer much faster than normal, but you don’t suddenly become a highly-skilled operator just because you’re jacked in.
Artificial Intelligences utilize a Total Immersion interface to operate their own computer and when connecting through the net, or whatever interface is available when operating another computer.
A Terminal interface utilizes an old-fashioned physical terminal to interact with the computer. This is typically a datapad or portable terminal for the active netunner, though workstation terminals and computerized crew stations tend to be used while back at the base. Many netrunners will have highly customized and expensive terminals, providing bonuses to their skill use.
Augmented Reality interfaces utilize a heads-up display to project computer-generated imagery directly onto the netrunner’s field-of-view. In effect, it renders virtual elements within the normal environment. This provides a +1 Interface Modifier; this stacks with any Interface Modifier from terminal type but cannot exceed +2.
A Basic Virtual Reality interface is an extension and upgrade to the Augmented Reality interface, replacing the normal terminal input with perfectly accurate gestural controls along with more detailed and varied output. This provides a +2 Interface Modifier, replacing that from terminal type.
Full VR provides a +3 Interface Modifier, but completely replaces the netrunner’s visual and auditory senses with a three-dimensional projection of the cyber environment, rendering him blind and deaf to the outside world. Jacking in or out of full VR takes a single Ready maneuver, and there are no ill effects if the VR suddenly ends.
The netunner becomes the computer. Only high-grade neural interface implants can operate at this level. This is a further extension of the Augmented Reality interface, allowing the user to both operate the interface without any movement or action besides thought. This provides a +3 Interface Modifier, but if the connection is severed without 1d seconds of preparation, the netrunner must roll a Fright Check, at +3 if the netrunner’s computer is Hardened.
The netrunner may elect to fully immerse himself in the interface, replacing his senses with those of the computer. The netrunner becomes effectively in a state of deep sleep, and can only recognize outside stimuli through the computer’s sensors; physical pain is the only sense that the netrunner retains from his own body. This provides a +5 Interface Modfifier. Jacking out takes 1d seconds of preparation and results in the netrunner being stunned until he can make an IQ roll. If the netrunner is disconnected without preparation, he is both stunned and must roll a Fright Check, at +3 if the netrunner’s computer is Hardened.
Levels of Access
When accessing a computer network on the Net, you won’t always be able to do everything you like immediately. Files will be encrypted, folders won’t open, programs won’t run – in general, access will be restricted. Sometimes you’ll be able to do a small number of things the network is set up for – such as access a Search program that can utilize a specific Database for a network like //HackNet.Webcrawler. Other times, all you’ll have access to is a log-in screen – and others, you won’t even get that. If you want to get at the real juicy stuff, you’ll need to get past the Gatekeepers and either upgrade your user account or log-in to a new account. Different user accounts have different levels of access, and higher-level user accounts typically require more complex security keys.
Each Level of Access beyond None has an ‘Access Modifier’ – this is important to Computer Hacking attempts.
If you have no access at all, you have no presence on the network and can not hack it. You may not have access for a variety of reasons – perhaps the network is set up to only allow access from certain IPs, or maybe the network requires a direct physical connection and isn’t connected to the Net at all.
If access is Denied, then you’ve at least connected to the target network. With Denied access, you can only attempt to log in to another user – you can not access any files or run any programs on the network. Typically, the only thing you’ll have access to on the target network is a Gatekeeper program, but occasionally you won’t even get that – just a message telling you you can’t continue. Still, that’s better than having no access at all – you can at least run programs against the network. Access Modifier: -8.
You don’t have a proper account on the network, but you can view public data and submit data in standard formats, such as registering for a User account on a public messaging board. You can also interact with certain public programs on the target network. Access Modifier: -4.
You have a proper User account on the network, giving you access to the network’s files and programs. You can run programs on the target network, call up files, etc. Files on another user’s account are Encrypted and can not be directly accessed, and you have no access to computer security programs such as ICE software. Access Modifier: +0.
You have full and unhindered access to the target network. You can turn on or off computer security programs, alter account passwords, give another account a new level of access, view any file on the network, etc. The only thing you can not alter is an AI’s core functionality. Access Modifier: +4.
Artificial intelligences have one level of access further than Admin, giving a user full and complete access to everything on the network – including the AI’s core programming, allowing a savvy hacker to alter the AI’s personality, modify skills, etc. Access Modifier: +8.
Getting a Connection
To hack a computer system, the hacker needs a line in; if he can’t even connect to the system, how’s he going to trick it to give up the goods?
On the Net
Many systems are connected to the net, allowing the hacker to use his net connection of choice. Most public systems can be found without any skill roll, while lesser-known systems can be found with a Research roll (taking one hour) or a Netwise roll (taking five minutes).
Top secret systems are often isolated, requiring a break-in to either access the terminal directly or to rig a link with an Electronics Operation (Communications) roll.
Some systems only allow access from a list of pre-defined ‘friendly’ systems; these are common for internal corporate or banking networks, for example. Use Netwise to determine what the ‘gatekeeper’ system is and gain User-level access to its system, then attempt to break in to the target network. Alternatively, you can mount a Man in the Middle attack, either putting a physical tap in the communications line between the two systems with Electronics Operation (Communications) or taking over an internet routing system between the two with Computer Hacking.
There are two primary methods of hacking into a system – exploiting holes in the software and somehow accessing and using the correct key.
Exploiting holes in the software is a Quick Contest of skills: the hacker’s Computer Hacking against the ICE skill of the system’s Intrusion Countermeasure Electronics (ICE) software. If the hacker wins the Quick Contest, he may now Access the System; if he loses, he may retry at a -1 penalty per previous attempt; if he loses by 5 or more, or if he fails on his skill roll, the target system is alerted to his hacking attempt with whatever consequences that are appropriate.
ICE software has a base skill between 10 and 25, depending upon the ICE software’s Quality. The following modifiers apply to this roll:
- System Administration: The target’s system administrator may configure the ICE software. Roll their Computer Security skill; if they succeed, then the ICE software gains a +2 bonus. If they critically succeed, then it gains a +4 bonus.
- Target Access: The target Level of Access gives a bonus or penalty to the ICE software’s skill equal to its Access Modifier (-4 for Guest access, +0 for User access, +4 for Admin access, +8 for Root access).
- Compromised Software: If any illegally-sourced software is installed in the computer, even if it isn’t currently running, then there is a -4 penalty.
- Current Updates: If the operating system and ICE software have been allowed to update regularly, no modifier. If they have been prevented from updating (for example, due to not being connected to the net or having the update funtion disabled), a -2 penalty. Worsen this penalty by one every month the computer is not updated, to a maximum penalty of -5.
There are a number of modifiers to the hacker’s Computer Hacking roll.
- Current Access: The hacker’s current Level of Access on the system gives a penalty or bonus to his Computer Hacking skill equal to its Access Modifier (-8 for Denied access, -4 for Guest access, +0 for User access, +4 for Admin access).
- Intrusion Software: A hacker may use special intrusion software (a Computer Hacking software tool) to perform his attack. If he has no dedicated intrusion software, he is at a -5 penalty (for improvised equipment); basic intrusion software gives a +0 bonus, and higher-quality software can increase that bonus.
- Time Taken: The normal time for an intrusion attempt is 5 minutes; the standard rules for haste and extra time apply (p. B346).
- Knowledge of Operating System: If the target operating system is unknown, roll at -6. An unknown operating system may be identified with a roll against Computer Operation at a penalty equal to half of the Current Access Modifier. Each attempt takes 5 minutes. Familiarity penalties apply if the hacker isn’t familiar with the operating system!
- Knowledge of Applications: If the programs running on the target system are unknown, roll at -2. Applications can be identified as above.
- Exploits and Trojans: An Exploit or a Trojan may be used to gain a significant bonus on the hacking attempt; see below for the rules. Bonuses for Exploits and Trojans are not cumulative with each other – take the highest bonus applicable.
- Complementary Skills: Computer Security may be used as a complementary skill on any hacking attempt. If the target is running mass-market software, Netwise may be used as well, representing shared knowledge of mass-market vulnerabilities that have not yet been patched. Computer Programming may be used to tailor software to an attack; this requires one hour of preparation. Computer Programming (AI) may be used as a complementary skill when attempting to gain access to an AI-controlled system; this represents knowledge of AI behavior and programming, rather than creating a dedicated system, and takes no extra time.
- Routing: The hacker may accept a penalty on his Computer Hacking roll in order to make it more difficult to trace the hack by routing the attack through a number of different proxies. Every -1 penalty accepted to the hacking roll adds a -2 penalty to the trace roll; both Computer Operation and Electronics Operation (Communications) can be used as complementary skills to offset these penalties.
Exploits are holes in the security software which, once discovered, give an attacker a bonus to their Computer Hacking roll. Only one Exploit may be used per hacking attempt. A hacker may discover an Exploit by analyzing the software in a controlled environment, at a -5 penalty unless he has access to the software’s source code. Roll Computer Security skill. On a success, you discover an Exploit that may give a +2 bonus; on a critical success, you discover an Exploit that can give a +4 bonus. Each attempt takes one day and requires Admin access to a computer running the software to be analyzed.
The hacker community runs on the trade and knowledge of Exploits that have never been used. Exploits may be purchased or sold on the black market. Roll Netwise skill, with a penalty for software rarity, to locate someone selling an Exploit; if the roll critically fails, the exploit is a trap that will make any attempt to use it an automatic critical failure! Exploit price depends upon both software rarity and the bonus’s magnitude.
|Exploit Purchase Table|
|Bonus||Software Rarity||Price||Netwise Penalty|
Exploits are one-use items – they only apply during the current adventure. After that, the Exploit is considered discovered and patched and the bonus no longer applies – you’ll have to discover or purchase another exploit!
A Trojan is a software program that, once run on a computer, opens up a hole in its security software. Creating a Trojan requires a Computer Programming roll; the Trojan gives a +4 bonus to the Computer Hacking roll on a success, or +8 on a critical success. Trojans must be inserted into the computer’s system in some fashion, such as by physically loading it onto the system or through infecting an otherwise-innocuous file with the Trojan’s code and having the system download it; a simple method to do this would be to email the file to a recipient with access to the target system – use Netwise to figure out who to send it to. Trojans may be blocked by an active virus scanner; this is a quick contest of the Computer Hacking skill of the Trojan’s creator versus the ICE software’s base skill – no bonuses or penalties apply to the ICE software.
Using the Key
The easiest way to break into a system is to just use the key. Sometimes this is as simple as having the correct password or electronic keycard; others, it means a brainscan or something similarly difficult. A hacker may dumpster-dive or use social engineering to get access to a password or have an IT department reset the password; he may break into a user’s personal braincomp implant in order to copy the cipher to a target system; he may use make-up and disguise techniques to fool a biometric system based on facial recognition; he may record the target’s voice and then use Electronics Operation (Media) to create a vocal print for a voice match system.
Keys are defined by their Key Rating; a more complex key is both more difficult to spoof and more time-consuming and error-prone than a simpler key. Key Ratings are Simple, Average, and Complex. ICE software that caters to more complex keys is more expensive than that which requires simpler keys.
These rules can be used as a replacement for Lockpicking or Electronic Operations (Security) rolls to break into electronic locks, not just for accessing computer systems.
A Password or passphrase is a simple, short word or phrase that identifies the user to the system. A Simple Password is a single natural-language word like ‘butterfly’; an Average Password is either a natural-language word with some additional letters/numbers added on (and possibly with some letters in the Password interchanged with numbers or other letters) or a short natural-language passphrase using multiple words. A Complex Password does not use a natural-language word at all; instead, it is a random assortment of letters, numbers, and symbols.
Guessing a Password is a Psychology or Computer Security roll with a penalty based on complexity. Simple passwords are at a -8 penalty, Average passwords are at a -12 penalty, and Complex passwords can not be guessed at all. There is a base +2 bonus if the user is well-known to the hacker or a -2 penalty if the user is completely unknown. Research may be used as a complementary skill to get background information on the user or Scrounging to look through their trash, as can Fast-Talk or Interrogation if the user can be directly interacted with. A user may save a Password to some other location in order to prevent forgetting it; roll against the user’s IQ, and if he fails by 5 or more he has written it down somewhere in access range of the system in question. If the user has a computer implant, they almost certainly have their passwords saved in its storage; breaking into the implant would give you full access to all of his passwords.
This is a more complex version of the Password key type, commonly used to verify a user’s identity when asking to change a password. Challenge/Response keys are based on the system providing a question and the user inputting an answer, both typically involving the user’s life experience. Simple Challenge/Response keys ask a small number of simple questions. Average Challenge/Response keys require more complex answers and ask multiple, more detailed questions. Complex Challenge/Response keys are effectively based upon cryptography, giving a string of letters/numbers that must then be ran through a cipher and fed back.
Guessing a response is a Research roll for Simple or Average keys, with a -5 penalty for Simple keys and a -10 penalty for Average keys. This penalty is at an up to +5 bonus based on how well the user is known; if this bonus applies at all then an IQ roll may be substituted for the Research roll. If the user is completely unknown, then it is impossible to spoof the Challenge/Response system! Psychology skill can be applied as a Complementary Skill, as can an IQ roll from anyone else who knew the authorized user.
In order to break a Complex Challenge/Response key, either a copy of the cipher is required (which makes breaking it immediate) or it must be figured out through cryptographic analysis of a set of ‘accepted’ challenges and responses. This is a Cryptography roll – see the Cracking the Code section for more details.
Visual Biometric keys are actually a class of keys, each requiring a different key type but all following the same basic pattern. Examples of Visual Biometric keys are Fingerprint, Retina, or Facial Recognition keys; Gait Recognition is a similar type, but follows slightly different rules. Visual Biometric keys all utilize some type of scanning mechanism to ‘look’ at some aspect of a user and match it to a database of authorized users, only unlocking if the patterns match. A Simple Visual Biometric key only requires the appropriate pattern – a photograph will work fine. An Average Visual Biometric key requires both texture and actual size to match – a 3D model is required. A Complex Visual Biometric key requires the pattern, texture, and a number of other features to match as well, such as the presence of a pulse, blood flow, and appropriate temperature – a dead body won’t work.
Use Forensics or Photography to get the biometric pattern; Disguise at a -4 penalty for an Average or Simple key, or -8 for a Complex key, can create a convincing replica. Forgery, Artist, and Physiology may all be used as Complementary Skills on the replication roll.
Gait Recognition follows the same rules, but requires Body Language skill to find the pattern and Acting skill to replicate it.
A Voice Print key requires the user to speak and then analyzes the sound to match it with the authorized user’s vocal patterns; voice print systems are commonly able to notice stress markers in a user’s vocal patterns and refuse to unlock if they are present. A Simple key requires the authorized user to say a few words – any words will do, and a high-fidelity recording of the user’s voice would suffice. An Average key requires the user to say a single passphrase – use the Password key rules to first uncover the password. A Complex key requires the user to read a random passage or to actively converse with the lock – a static recording will not work.
A Voice Print system may be spoofed by mimicing or recording the user’s voice; a Simple key simply requires a recording and no roll, while Average and Complex keys require skill rolls. When interacting with the user, use Fast-Talk to get the target to say the appropriate phonemes, or use Shadowing to keep close enough to him while he is conversing to someone else. Use Electronics Operation (Media) to manipulate the recording to string together the appropriate words or phrases – this roll is at -4 to perform on-the-fly in order to break a Complex key.
Alternatively, a character may attempt to mimic the authorized user’s voice directly. This is an Acting roll at -8; this penalty is ignored if the character has the Mimicry advantage.
A Brainlock is a special type of encryption-based key based around connecting to the computer through a neural interface. The Brainlock accesses the neural interface and then analyses the target’s brain, matching it with records in the database. A Simple Brainlock only accesses the target’s implant computer – no analysis of brain patterns is performed. An Average Brainlock does a quick scan of the target’s brain patterns through the neural interface. A Complex Brainlock utilizes a hyMRI machine as well as a question-and-answer session to map the user’s brain patterns; this process takes ten minutes to an hour and requires a separate hyMRI machine connected to the Brainlock device.
A Simple Brainlock can be spoofed by making a copy of the user’s implant computer. An Average Brainlock can be spoofed through the use of a Doppelgeist Personality Mirror implant. There is no way to spoof a Complex Brainlock, and traumatic events or other big changes in personality can make a Complex Brainlock fail to unlock for the authorized user.
X-Ray Analysis uses advanced active scanning systems to take a picture of the inside of the user in order to determine their identity. A Simple key takes a surface-level scan and checks bone structure; this can be defeated with appropriate full-body cyberware and a Disguise-4 roll. An Average key looks at the user’s cyberware – location, type, etc. – and checks that it matches the user. Complex keys look at everything – .skeletal structure, installed cyberware, evidence of past surgeries, etc. Complex keys must be reset after any major surgery!
X-Ray Analysis requires a separate scanning device in order to function. Surgery may be utilized to implant appropriate cyberware and alter bone structure in order to defeat this type of key, but the more common method is to hack into the database and insert or alter a pattern to fit a new unauthorized user; see the rules above for how to accomplish that.
This method analyses a blood or cheek swab sample from the user and matches it to an authorized user. Simple keys take only moments to unlock, but perform a very simple check – a close relative could pass as an authorized user. Average keys take a few minutes to analyze and require an exact DNA match, but identical twins or clones would still fit. Complex keys match both DNA sequences and viral antibodies in the bloodstream; this takes thirty minutes and will fail if the user had a significant disease between when the original sample was taken and the new access attempt.
Use Forensics or Physician to get a DNA sample from an authorized user; use Sleight of Hand to make it stealthy. Use Sleight of Hand to insert the false DNA into the recepticle without observors noticing. A Complex key requires a recent blood sample, while an Average or Simple key can utilize synthesized DNA from a piece of hair or other DNA source.
This is using social skills to bypass the need for a key to have an authorized user give you a key. Fast-Talk can be used to get genral access to a network or to convince a specific user to give you their key; Savoir-Faire can either replace Fast-Talk or act as a complementary skill for an apropriate organization. Acting is required to convince an IT representative that you are a specific user. In all cases, Administration can be used as a complementary skill.
Roll a quick-contest of the skill versus the target’s IQ. Success by 5+ means the target gives you the key or otherwise helps you out. Failure means the target notices the deception. Success by less than 5 means the target does not materially help you out, but neither does he raise the alarm.
Accessing the System
Once “inside” a system, the hacker can use Computer Operation to steal or alter data (like identity databases), Electronics Operation (Communications) to spy on communications the system manages, Electronics Operation (Security) to neutralize computerized security, Electronics Operation (Surveillance) to hijack computer-controlled cameras, etc.
No skill roll is required in order to execute a simple program from a computer system with which you have Familiarity; roll against Computer Operation to control an unfamiliar system. Different programs require different operation skills – Writing for a word-processor, Guns or Gunner for a targetting program, etc. In general, if it’s a software tool then the operating skill is whichever skill the tool is for, while games use Hobby Skill (Video Games), security software uses Computer Security, and general software uses Computer Operation.
Controlling Networked Devices
Some computer systems are set up to control a network of peripheral devices – security doors and cameras, surveillance equipment, emplaced gun turrets, drone systems, communication devices. This typically requires User-level access. Use Computer Operation to discover any networked devices, then use an appropriate Electronic Operation skill to control them (see the skill descriptions for what they can control); this allows you to activate or deactivate them as well as alter their settings, control what they’re doing, etc. Some systems will require you to use another skill as well as the Electronics Operation skill – in those cases, the appropriate Electronics Operation skill is the ‘master’ skill when using those systems. When rolling against a DX-based skill to remotely operate a networked device, use the lower of the skill or Electronics Operation floated to DX.
Example: Jake has hacked into the security computer for a secret Umbra Corporation facility. He rolls Computer Operation skill and discovers that the security computer is networked to a number of surveillance cameras, the door controls, and two automated turrets. Jake disables the surveillance cameras and unlocks all the doors in the facility – this requires two Electronics Operation (Security) rolls; he could have used Electronics Operation (Surveillance) to disable the cameras instead. Jake then looks at the turrets – after rolling Electronics Operation (Security) once more he recognizes that the turrets are set to activate once an alarm sounds and to fire at anyone who isn’t wearing an Umbra RFID tag. The turrets have a skill of 12 for their Gunner (Machine Gun) skill. Jake can use Electronics Operation (Security) to disable the turrets entirely or, at a penalty, reprogram the turrets to automatically fire at anyone not wearing an Umbra RFID tag. Jake could also take control of one of the turrets directly; Jake has an Electronics Operation (Security) skill of IQ+2; his Gunner (Machine Gun) skill of 15 is DX+3. When he siezes control of the turret, Jake will be firing using Gunner (Machine Gun) at DX+2, 14.
Use Computer Operation to find out what data a computer contains; you may substitute Research skill when looking for a specific piece of data. Once found, a file or database may be operated upon in a number of ways.
A file may be modified; use Computer Operation to alter a database or Computer Programming to alter a program. Use Computer Hacking to hide the modifications and Computer Security to detect modifications – treat this is a Quick Contest.
A file may be copied to another system at a rate depending on the slower system’s Complexity – the base speed is 1 megabyte per second at Complexity 0 and increases at a rate of x10 per +1 Complexity; this goes to 1 gigabyte per second at Complexity 3, then 1 terabyte per second at Complexity 6. This requires no skill roll. A file may likewise be deleted, but a file deleted in this manner may still be retrieved at a later time. A file may be securely deleted using Computer Security skill – this takes ten times as long as copying a program. A retrieval attempt can be made with Computer Security or Electronics Repair (Computers) skills; this is a Quick Contest against the deleter’s Computer Security skill, with a -1 penalty for successive attempts to retrieve; if the deleter wins by 5 or more or critically succeeds on his roll, then the file is impossible for the retriever to access. The retrieval attempt is penalized by time since deletion – a -1 penalty for a day since deletion, with the penalty increasing by 1 per doubling of time.
Use Computer Operation or Electronics Operation (Communications) to discover connected computer networks. Once detected, you may use either skill to listen in on data that is being transmitted through the computer. You may also use Computer Security or Electronics Operation (Communications) to detect if anyone else is listening in on a connection – treat this as a Quick Contest. You may also use Computer Hacking to jam the connection by overwhelming it with massive amounts of input – this is a straight success roll and is not contested. If succesfull, the connection is completely jammed, but this jamming is immediately detected – use Computer Security to find the origin of a jam.
Encryption and Decryption
Certain software may encrypt files or databases, making them impossible to read without decrypting them first – preferably with the proper key. Ordinary encryption systems are rated on their Encryption Complexity (EC) – this is the Complexity of computer required to make one decryption attempt per hour. Most operating systems come with the ability to encrypt files with an Encryption Complexity of 8, but higher-EC software must be purchased and installed separately.
Decryption attempts require an appropriate software tool. The Complexity of the computer attempting decryption is the Decryption Complexity (DC). The difference between the Encryption Complexity and the Decryption Complexity determines the time per decryption attempt. This time may be modified by Time Use modifiers and by dedicating multiple computer cores to the decryption task; divide this time by the number of computer cores being dedicated to decryption. Positive Interface Modifiers do not apply!
Quantum computers have twice the Decryption Complexity of other computers for their rated Complexity.
|EC – DC||Time to Decrypt|
High-grade encryption software may create One-Time Pads, which are capable of creating perfectly-strong encryption that can not be defeated without the corresponding key. Decryption attempts against One-Time Pad systems focus upon gaining access to that key, rather than typical decryption methods.
Much activity on a computer is monitored by the resident operating system and recorded in access logs – including connections made, files accessed, accounts modified, etc. A user must have Admin access in order to read or modify these logs. Use Computer Security to read the access logs in order to trace a hacker’s steps, finding out what computer they hacked in from. Use Computer Hacking to modify those access logs. Detecting this modification is itself a Quick Contest of Computer Security versus Computer Hacking; if the system administrator wins, then the modification is detected, but the actual data isn’t recovered unless he wins a second Quick Contest.
Discovering a Hack
An active system administrator, or an AI resident on the system, may attempt to detect a hack while its in progress. This is a quick contest of the system administrator’s Computer Security skill versus the hacker’s effective Computer Hacking skill (after intrusion modifiers); if the system administrator wins, then the hack is detected and he may proceed to attempt to Trace the Hack (see below) or sever the connection. If the system administrator loses, he may retry five minutes later at no penalty.
Tracing a Hack
A system administrator may attempt to trace a hack after it has been discovered. This is a Computer Security roll, taking 5 hours per attempt if done after the hack or five minutes per attempt if the trace is attempted during the hack, during which time the administrator must continuously be at his computer, tracking the culprit down. This roll is penalized by twice the Routing penalty the hacker accepted when hacking the system. If the roll succeeds, the hacker’s computer ID and location are identified. If the roll fails, it may be retried at no penalty. If it critically fails, or fails by more than five, then the searcher has lost the trace and can not succeed.
If a hacker made no attempt to hide his location (accepting no Routing penalty), then a simple Computer Security roll may locate him; this takes five minutes per attempt.
Due to the threat of a trace, it is generally a good idea to wipe the logs as best you can when hacking and to accept as large a Routing penalty as you can. Another option is to ‘cut the chain’ – after hacking a system routed through a proxy chain, the hacker may gain Admin access to one of those proxies and modify its logs or, in extreme cases, alter its operating system files so much as to damage the computer system (see below). This can prevent the trace from succeeding – unless the searcher detects and recovers those modified logs.
Damaging the System
Once a hacker has Admin-level access, he may alter user accounts at whim – this is a simple Computer Operation roll. A more nefarious hacker may attempt to modify the operating system, making the computer crash or – in extreme cases – overheat and damage its components. Simply making the system crash is a Computer Hacking or Computer Operation roll; success means the system is crashed and the operating system must be repaired, taking one day but costing no money; all files and programs can be retrieved with a simple Computer Security or Electronics Repair (Computers) roll.
A hacker may instead choose to truly damage a system, physically breaking it. This is a Computer Hacking or Computer Security roll at a -5 penalty, or -8 if the target system is Hardened; against most computers, success causes a catastrophic system crash and disables the system until it can be repaired, taking 1d days and costing 1dx10% of the computer’s base price in repairs.
Effects are more severe if a user is connected to the target through a neural interface. They immediately take 1d burning damage to the brain (multiply damage normally for injury location); a Hardened computer effectively gives 3 DR. Targets must then make an immediate HT roll at a -1 penalty per 2 injury taken, even if they were not wounded. If they fail, they become stunned and can attempt to recover on successive rounds with a HT roll at the same penalty. If they succeed, they can act normally; remember to apply shock penalties! Stunned targets may be attacked again; they resist at -5. This is called ‘flatlining’ and can rapidly lead to death.
A damaged system’s access logs are recoverable as if they were securely deleted with a Computer Security skill of 15, taking one hour per attempt and physical access to the computer; a critical success on the damage attempt makes them impossible to recover.
Altering an AI
If a user gains Root access to an AI, they may alter that AI’s core programming. This is a quick contest of Computer Programming (AI) against the AI’s Will. The hacker is at a -1 penalty per 5 points of disadvantages added or removed. If he wins, then the AI is permanently altered; if he fails, then he may try again – at no penalty for successive attempts! This takes one day per attempt.
Setting • Characters • Cyberware • Gear • Weapons • Armor • Drugs • Netrunning • Action • Credits
Main • Hardware • Hardware Catalog • Software • AI Catalog • AI Templates • Running the Net