B C Z
United States
Reston
Virginia
flag msg tools
designer
badge
Avatar
mbmbmbmbmb
Overview of Threat Assessment against Electronic and Virtual Assets
Presented by the Protection of Electronic and Virtual Assets Division, Weyland Corporation
Sponsored by the Threat Assessment Division (TAD), Weyland Corporation
With supporting data from the Department of Marketing and Customer Tracking, News Broadcasting Network

Recent attacks on our net based infrastructure have necessitated that we perform a threat analysis of possible intrusion attempts by unsavory hackers, commonly referred to as ‘Runners’. This report seeks to quantify the capabilities and resources of these ‘Runners’, as well as look at our own defenses against such incursions. Future reports may look at the threat from the perspective of other corporations (hereafter referred to as “Corps”) in order to determine if their defenses are better tuned than ours. TADs (or their equivalents, NBN seems to have only newscasters and marketers) from the other Corps have agreed to enter a resource sharing market. Subcontractor MirrorMorph™ will be heading up that effort, but it is not yet online. As such, this report will look at only information available without data sharing by any group, though it does presume the use of readily available neutral assets.
Which means, the pie charts are for single-faction decks “out of the box”, including all Neutral cards.
Codifying the Threat
The TAD has always acknowledged three classes of Runner, based mostly on their ideology or beliefs. This report will show that each of these Runner factions can be assumed to have different mixes of resources and capabilities at their disposal, partially dependent upon their belief system or social contacts. The TAD wishes to thank NBN’s tracking software for the information gathered on the Runner factions and was required to put this advertisement for NBN into this report as a condition of use of their data.

Anarch

The Anarch faction is typified by the political philosophy which holds Corporations to be undesirable, unnecessary or harmful. Proponents of Anarchism advocate Corpless societies based on non-hierarchical voluntary associations, which is another way of saying they like to hang out in seedy clubs.

Anarchists tend to subscribe to a ‘burning’ or ‘tearing down’ virtual representation of their net-based programs and usually attack the ICE and Corporation directly with Viruses.

If you have identified that your Intruder is an Anarch the TAD recommends that the Corp begin periodic virus scans. Also, be aware that Corporate employees may accidently trash vital data in anticipation of such viral scan activity, so it may become necessary to guard your Archives with ICE to prevent data leakage.

The most prevalent Anarch in the New Angeles area is Ji “Noise” Reilly, who has been a suspect in numerous murders in the NA region. Luckily, this individual is relatively easy to trace as his digital signature is fairly flamboyant and obvious.

THREAT ASSESSMENT: HIGH


The Anarch’s distribution of available capabilities show that they are heavily dependent upon Programs and Events.

Though relatively easy to tag, he will not have many Resources to dispose of, which means that tagging is only valuable if you can follow up with a Private Security Force or other tactic aimed directly at the Ji’s physical location. He is fond of hanging out in Seedy Clubs through the NA region, and finding which one he frequents and getting him off of the guest list would slow his ability to learn about new viruses that his like-minded friends have cooked up. Further, he may utilize virtual resources which could be shut down once properly traced. Like all Runners, if he obtains contracts from the rogue organization Armitage Codebusting, tying those up in lawsuits will deprive him of a bankroll.

Ji’s preference when in the virtual world is to target the underlying code base supporting an ICE installation in order to reduce its capability, effectively lowering its Security Tested Rating (str). Viruses have been known to attach themselves to our ICE constructs and slowly eat away at the supporting code structure, eventually destroying them. The Corporation can shut down all external access for a day in order to purge viral activity, but doing so will not actually purge the virus, just its progress, and as soon as we reopen access, the Virus will establish contact with the host code and continue its destructive programming.

The Corporation is working on methods to purge hosted Viruses from Installed ICE but the plan for the time being is to simply install and activate a new instance elsewhere in the server. One benefit to the style employed by Ji for attempting to gain access to our servers is that his methods take time and he is limited by icebreakers which cannot modify their attack strength, instead relying on his other viral programs to reduce the STR of our defenses to a level he can affect. The disadvantage is that we have seen entire ICE fortresses collapse in a matter of minutes when under attack by Mr. Reilly, especially if he has hyped himself up with the illegal drug Stimhack.

When attempting to Repel this class of Runner, the constant threat that we have adopted a Scorched Earth Policy is a costly, but viable tactic that may serve to slow the Runner down. Issuing a Posted Bounty to accelerate this process may turn his own friends against him and allow us to pay our respects at Mycroft Cemetery.


Criminal

Criminals are generally not motivated by personal belief systems, but are instead driven by profit. Every intrusion they initiate has a purpose, typically resulting in a payout of credits from a buyer of the stolen data. Criminal networks are highly structured and interdependent, similar to a small Corporation. Criminals have adopted visual imagery from historical criminal activity such as Ninjas, Gangsters and Pirates.

The current Criminal at large in New Angeles is Gabriel Santiago, no code-name. He is a two-bit huckster who preys on Easy Marks for capital in addition to selling all data from his incursions through his personal contacts and his Desperado network. Through social engineering and specialized software, he is able to bypass ICE in our servers or backdoor his way from the Archives into our Headquarters.

THREAT ASSESSMENT: HIGH


Gabriel relies heavily on his network of Resources and on manipulating Events in his favor. Further, in order to keep his name out there, Gabriel cannot go underground for too long, which will reduce his access to Base Links. He will be the Runner most likely to boost his link directly through funds when we attempt to Trace him, though recent attempts to apprehend him have turned up numerous Decoy identities. If we manage to get a Tag on him, destruction of his Resources should be considered high priority in order to curtail his funding stream.

Gabriel has difficulty breaking the encryption schemes represented by code gates. If he is unable to bypass the ICE using other means, he will be relying on the rogue AI program Crypsis to break these routines. Placing these ICE deep into the server security plan will make it more difficult for him to social engineer his way past them.

Further, keeping Gabriel out of our Headquarters Central Server will cut off part of his cash flow. Be aware of the back doors that may exist from Archives or R&D.



Shapers

Shapers are motivated in the same way that mountain climbers like to climb Mount Kilimanjaro or Mount Everest: they see a challenge and seek to overcome it even if doing so is a pointless and self gratifying experience.

Shapers are the most difficult Runner type to handle, because they are prone to extensively modifying their equipment, programs and even themselves in pursuit of their own personal goals or vision of perfection. A project which takes others days to complete can take a properly motivated Shaper a matter of minutes. The premiere Shaper in the New Angeles region is Kate “Mac” McCaffrey, who, to date, has eluded detection in our system. She is a “Digital Tinker” who generally purchases standard devices intended for legal use and modifies them heavily for her own purposes.

THREAT ASSESSMENT: HIGH


Kate is very adept at changing her digital signature and has developed a device which she calls The Rabbit Hole which makes tracing her nigh impossible for all but perhaps the marketing department of NBN. Since most of her capabilities derive from personally owned assets, there are not many opportunities for destruction of her Resources even if she is tagged.

Ms. McCaffery employs numerous icebreakers which are capable of maintaining their strength for the duration of an intrusion. Once she has defeated one wall, another wall is uninteresting to her and she will be able to pass it with relative ease. Providing her with a variety of ICE may remove her focus from the discovery, theft or destruction of our Agenda and Assets to simply proving she can overcome the challenges presented by our defenses in the server.

These modifications all require capital to fund and time to install. Keeping track of her finances will help us to understand where and when she plans to enter our systems next.


Summary
Future Reports from the Protection of Electronic and Virtual Assets Division will detail specific measures and countermeasures as they become known and available.

We advise the Board to be prepared for these high profile threats and to advise all Sysops of possible tactics that may be employed by those seeking to compromise the Weyland Consortium.
59 
 Thumb up
1.07
 tip
 Hide
  • [+] Dice rolls
Bob Smithy

Wheaton
Illinois
msg tools
badge
Avatar
mbmbmbmbmb
So... What's the most dangerous one on average?
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
B C Z
United States
Reston
Virginia
flag msg tools
designer
badge
Avatar
mbmbmbmbmb
Hdnggrnchrg wrote:
So... What's the most dangerous one on average?


The one attempting to access your servers, as during that time, the other two will be dormant.
11 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Bob Smithy

Wheaton
Illinois
msg tools
badge
Avatar
mbmbmbmbmb
byronczimmer wrote:
Hdnggrnchrg wrote:
So... What's the most dangerous one on average?


The one attempting to access your servers, as during that time, the other two will be dormant.


How about if all 3 are trying to access the same data, facing the same minions. Which runner would prevail the most frequently, based on your through analysis?
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
B C Z
United States
Reston
Virginia
flag msg tools
designer
badge
Avatar
mbmbmbmbmb
Hdnggrnchrg wrote:
byronczimmer wrote:
Hdnggrnchrg wrote:
So... What's the most dangerous one on average?


The one attempting to access your servers, as during that time, the other two will be dormant.


How about if all 3 are trying to access the same data, facing the same minions. Which runner would prevail the most frequently, based on your through analysis?


That will take some time and additional data.
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
James 3
United States
Atlanta
Georgia
flag msg tools
badge
Avatar
mbmbmbmbmb

Anarch will blow your forts up slowly, wearing down your defenses. Archives is less safe than usual

Criminal will sneak past at just the wrong time when you don't expect it, and will pay extra attention to hq, so ice it up!

Shapers are fast and efficient and mostly play a straight up game, running straight in and being able to afford it. Nowhere is safe once their rig is fully operational, so don't delay.
2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Bob Smithy

Wheaton
Illinois
msg tools
badge
Avatar
mbmbmbmbmb
I personally think there's going to be a Shaper-Criminal and Anarch-Criminal runner meta, with the out-o-faction being the few good criminal cards (Sneakdoor Beta)
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Front Page | Welcome | Contact | Privacy Policy | Terms of Service | Advertise | Support BGG | Feeds RSS
Geekdo, BoardGameGeek, the Geekdo logo, and the BoardGameGeek logo are trademarks of BoardGameGeek, LLC.