No announcement yet.

Hacking: A first draft

  • Filter
  • Time
  • Show
Clear All
new posts

  • Hacking: A first draft

    Not sure if something like this has been done before, but here's a thing.


    Hacking is the art of getting into computer systems that do not want you there. This is a vastly complex topic, but to simplify, there are two reasons that a person might want to get into a system: to see the information that exists on that system, and to access the functions of that system.

    Information has value - we all know that knowledge is power. Because information has value, people want to protect their information. A hacker might want to acquire that information for any number of reasons: to sell or hold for ransom, to blackmail, simply for the sake of knowing, etc.

    The functions of a system can be anything that a device does. With the proper level of control over a system, a person can open automatic doors, project images to screens, detonate bombs, or any other action that the system has control over.

    For game purposes, there are three structures that need to be discussed: Devices, Networks, and Links.


    A Device is anything that uses computerized control. This can be as complex as a supercomputer or as simple as a door sensor. Devices have 4 attributes: Access, Security, Intel Cap, and Functions.

    Access: In order to hack a Device, a hacker needs to have Access to that Device.

    Physical Access: A hacker with the proper equipment and physical access to a Device always counts as having Access. "The proper equipment" depends on what form the Device takes: a computer terminal requires no equipment other than your hands and eyes, but a router that is welded into a steel box obviously would require a lot more work to get at.

    Internet Access: Beyond getting their physical hands on it, a hacker needs to find an electronic route to the target Device. Some Devices are connected directly to the wider Internet, in which case anyone with an Internet connection has Access.

    Network Access: Devices not connected to the Internet are typically connected to a Network, in which case a character who has penetrated a Device on the same Network has Access to other Devices on that Network.

    Link Access: A hacker who has penetrated a Device has Link Access to any Devices that are Linked to that Device. Additionally, a hacker who penetrates a Link using specialized equipment has Link Access to the Devices connected by that Link.

    A singular Device with no Internet connection can only be Accessed physically.

    Security: Getting into a system isn't as simple as having access, however. Every Device has a Security rating, and most have a rating from 1 to 5, but extremely well defended systems can range much higher. A Device with an effective Security of 0 can be used by anyone who has Access.

    Dice Pool: Intelligence + Computer vs. Obstacle (Security)

    Roll Results

    Success: The character can see any Intel the Device has access to, and use the Device's Functions.

    Exceptional: The character gains the Inspired Condition, in addition to penetrating the system.

    Failure: The character has a choice: Either they fail to gain entry to the system, or the system's operator(s) notice the intrusion.

    Dramatic: The character has blundered across the system's Security, and has left traces that can be tracked back to them. They gain the Trace Condition.

    Modifiers: If the character has already successfully hacked a Device on the same Network, they take +2 bonus dice. A character with the proper equipment and ability to connect with a Device's hardware directly (rather than through a user interface) also gets +2.

    A character can bypass a Device's Security all-together if they get their hands on the credentials that would give them legitimate entry to the system. This can lead to so-called "rubber hose hacking", the details of which I'll leave to your imagination.

    Intel Cap: Once a hacker is past a system's Security, they can get their hands on the information that Device has access to, which we'll call Intel. Intel is explained further under Networks, but put simply, a Device's Intel Cap indicates the maximum rating of Intel it can provide to an intruder.

    Functions: This is any action that the Device can perform in physical space: perhaps a Device can manipulate a massive crane, or shut off all the lights in a facility. A hacker that has defeated the Security of a Device can use any of the Functions on that Device.


    Networks are groups of connected Devices, and can range from something as simple as a door sensor connected to the motors that drive the door, or as complex as the Internet itself. Hacking a Device on a Network might give you Access to other Devices on that Network.

    A Network can be visualized as a graph, with Devices acting as nodes, and Links being the lines between those nodes. There are four types of Networks:

    Open Networks: Every Device on this Network connects directly to the Internet, and can be Accessed by anyone.

    Choked Networks: Only certain Devices on this Network have Internet Access, called Chokepoints. In order to gain Access to other Devices on the Network, one must either penetrate the Chokepoint, or get Physical Access to the target Device.

    Closed Networks: These Networks have no Internet Access. In order to hack any Device on the Network, a character needs to have Physical Access to at least one Device on the Network in order to get Network Access.

    Network Webs: Sometimes a Chokepoint doesn't have Internet Access - instead, it has a Link to a Chokepoint on another Network. This can result in extremely complex systems where a hacker has to penetrate each Network on the system one at a time.

    Intel: A Network generally contains some kind of information relevant to the owners and users of that Network. We'll call this info Intel. Intel can be anything from grocery lists to nuclear codes. Every piece of Intel has a rating, generally from 1 to 5, though on a complex Network, this number might range higher. A hacker who penetrates a Device's Security can access any Intel on the Network up to the Device's Intel Cap.


    A Link is a trusted connection between two Devices. If a hacker has penetrated a Device, hacking any Linked Devices becomes easier, as they count as having their security reduced by 1. Links come in two types: Physical Links and Wireless Links.

    Physical Links are typically wires, whether electrical or fiber optic. Wireless Links are encrypted communications passed by various types of radiation. With the proper equipment, a hacker can penetrate a Link and view communications passed along it. Effectively, the character has Link Access to both Devices, and doesn't need to penetrate their Security to view Intel available to those Devices. Think wiretapping.

    Penetrating a Link requires the same hacking roll as penetrating a Device, but requires specialized equipment to do so. The Link has a Security rating equal to the lower of the Security ratings of the two Linked Devices.


    Trace (Persistent)

    Due to a bungled hack, the character has left traces of their presence in the targeted system. These traces might get tracked back to the hardware they used to hack the system.

    Beat: The character faces trouble from the owners of the hacked system.

    Resolution: The hacker ditches or loses the traced hardware.

    Like all systems, this should only be used when needed/desired. I'm currently building a cyberpunk Chronicles of Darkness game, and this is one of the things I've written for it. I'd like any constructive criticism that anyone has. Also, if you like the system, feel free to use and/or hack it yourself.

    Also, credit where it's due, the basic idea for this system comes from Justin Alexander over at the Alexandrian. Twisted it and expanded it for my own usage.
    Last edited by Airlock; 04-01-2021, 01:55 PM.

  • #2
    I think something more like chase rules and an extended action would make more sense.

    So the Hacker would be rolling Int + Computers - Security and need to get (say) 5 successes; if they alert whoever they're hacking then that side starts rolling Int + Computers - Hacker's Security or can physically pull the plug or send people after them (if the hacker has physical access).

    I really like the idea and the breakdowns of what is what, though, it's more realistic than most hacking in games without being obnoxiously simulationist.

    Mentats - a 2e Free Council Obrimos Legacy (Mind/Forces) built around being a human computer; Thaumatech Engineers - a 2e Free Council Obrimos Legacy (Matter/Prime) focusing on the creation of Imbued items and the enhancement of Sleeper technology


    • #3
      I think you're right that making the main hacking roll an extended action probably makes more sense, but I don't think I'd use the chase rules. Intrusions are almost impossible to detect in real-time, they're almost always either caught automatically by countermeasures or detected after the fact. I'll tinker with this a bit later.

      Edit: Although, on the other hand, if you're trying to hack your way into a network, making each hacking roll extended could result in a lot of rolling. I'll have to give this a think.
      Last edited by Airlock; 04-01-2021, 04:06 PM.


      • #4
        I really like this system. It gives more detail and a framework for describing what exactly the hacking character is doing. It also allows for player choice and dramatic tension.

        I would only use chase rules if there is an actual opposition in place, i.e. a cyber-security guy is actively trying to block the hacking.
        But you could also use Airlock's system for that: each turn, the cyber defense can attempt to block Functions and Accesses, close Links etc. so that the hacking player needs to decide what Device or Intel to access before it gets blocked.