A Mini-Game for Computer Hacking
This article originally appeared in the
March/April 2022 issue.
Mr McClain’s
PDF of the rules can be downloaded here.
Introduction (Jeff Zeitlin)
Late in January, I was perusing the discussion in a room on the Traveller Discord, and came across a link to Mr McClain’s rules for computer hacking. I inquired, and subsequently had a discussion in e-mail with him about these rules and whether Freelance Traveller would be permitted to publish them. Permission was granted, and thus I present them here. [Mr McClain’s PDF of the rules (without the introduction, notes, or example game) can be downloaded from Freelance Traveller’s website; follow the link to them above or from this issue’s contents page.]
The Core Rulebook for Mongoose Traveller Second Edition, on page 64, offers the following two tasks that would seem to be relevant to computer hacking:
To search a corporate database for evidence of illegal activity: Difficult (10+), Electronics (Computers) check, (1D hours, INT)
To hack into a secure computer network: Formidable (14+), Electronics (Computers) check, (1D×10 hours, INT)
Mr McClain indicated that two of his players wanted a form of hacking that took less time than the multiple hours (or days) that the tasks above required. While he was working on some rules for this, it occurred to him to make it a counter-game, and the final results were as presented here.
The Rules (John McClain)
Introduction
This minigame replaces the traditional Electronics (Computers) check for hacking in Mongoose Traveller Second Edition. This replacement takes the form of a two-person counter-game. The Traveller that initiates the hack will be referred to as the attacker. The Referee will serve as, and be referred to as, the defender. The attacker may end the hack at the start of any round.
Operation Points
Operation points serve as the competitors’ currency which may be spent each round by performing operations. Each operation that is attempted will consume one operation point.
At the start of a hack, the attacker’s operation points are equal to the total result of the attacker’s Electronics (Computers) check; Include the Dice Modifier from any intrusion software in this check.
Security/0 | 4 Operation Points |
Security/1 | 6 Operation Points |
Security/2 | 8 Operation Points |
Security/3 | 10 Operation Points |
The defender’s operation points are equal to the total result of the defender’s Electronics (Computers) check. The use of security software on the defender’s system will grant additional operation points as shown in the table (right).
Agent/0 | DM +1 |
Agent/1 | DM +2 |
Agent/2 | DM +3 |
Agent/3 | DM +4 |
A defending system may have one of two types of operator: An NPC, or an Agent Program. If a defending system has no operator, it will only have operation points equal to the bonus given by any security software. If the defending system is using an agent program as an operator, it will make its initial Electronics (Computers) check with Dice Modifier as shown in the table (left).
Only one operation may be performed per side each turn. If both sides run out of operation points, the hack will be terminated.
Advantage
Advantage is a representation of the ground gained, or the gains denied, by both the attacker and the defender. Advantage ranges from -3 to 5 and may be changed through the operations performed each turn. An advantage of -3 indicates that the attacker has been completely shut-out and the hack will end at the end of that round. An advantage of 5 represents a situation in which the defender’s system has been completely compromised and is at the whim of the attacker. Advantage starts at 0.
No operation may be resolved if it would cause the advantage to exceed 5 or drop below -3.
Operation Turns
The minigame is organized into a series of turns, each of which lasts for one minute. At the start of each turn, both the attacker and defender will choose an operation, and conceal it. After choosing an operation, either side may declare that they wish to reverse the order of resolution for the soon-to-be revealed operations. Attempting to reverse this order will cost one operation point. At this point, both operations will be revealed and resolved in the following order, if they were not reversed: Attacker, Defender. If both side attempted to reverse the order of resolution, it remains unchanged.
Attacker Operations | ||
---|---|---|
Operation Name | Advantage Change | Description |
Wait | - | You wait for this turn. This does not consume an operation point. |
Probe | +1 | Attempt to probe the defender’s system for vulnerabilities. This may not be used if the Advantage is greater than +2. |
Exploit | +2 | Attempt to exploit the defender’s system. This may only be done if Probe was done within the past three turns. |
Blind Exploit | +2 | Attempt multiple common exploits all at once. This can be prevented by a defender’s successful 10+ Electronic (Computers) check. |
Phish | +2 | Try to trick the defender into creating a vulnerability in the system. This may be resisted by a defender’s successful 8+ Electronics (Computers) check. The defending system must have an operator in order to use this operation. |
Intense Scan | +2 | Perform an extensive scan of the defender’s system. If the defender succeeds at a 10+ Electronics (Computers) check, change the advantage by –2 instead of +2. |
Install Backdoor | –1 | Installs a backdoor on the defender’s system. Block Connection now requires a 10+ Electronics (Computers) check to be performed. |
Operate Mechanism | –2 | Operates a computer-controlled mechanism. Examples: Pistons, Lights, Doors, etc. |
Steal Information | –2 | Steal a moderate amount of information from the defender’s system. |
Steal Database | –3 | Steal a large amount of information from the defender’s system. |
Modify Information | –5 | Discretely modify information in the defender’s system. This may be detected by a successful 12+ Electronics (Computers) check by the defender. |
Modify Ownership | –6 | Discretely modify the ownership information for the system. This may be detected by a successful 12+ Electronics (Computers) check by the defender. |
Disable Computer | –8 | Disable the defender’s system |
Defender Operations | ||
---|---|---|
Operation Name | Advantage Change | Description |
Wait | - | You wait for this turn. This does not consume an operation point. |
Listen | - | Probe and Intense Scan now require a successful 10+ Electronics (Computers) check by the attacker. |
Remove Vulnerabilities | –1 | Attempt to remove vulnerabilities from the defender’s systems. Exploit only changes advantage by +1 (instead of +2) if performed within the next two turns |
Remove Backdoor | –1 | Attempt to remove a backdoor program. Requires a defender’s successful 8+ Electronics (Computers) check. This will stop any currently running Backdoor programs. |
Obscure Defenses | –1 | Attempt to obscure the nature of the defender’s security system. This may be stopped by an attacker’s successful 10+ Electronics (Computers) check. |
Change Passwords | –2 | Change passwords for compromised accounts. This may not be done again for another two turns. |
Set Trap;Trap is removed once it has been triggered | - | Set a trap for a specific attacker operation, with the exception of Disable Computer. Conceal the chosen operation from the attacker. When the trapped operation is performed, change the advantage by –2. The defender may only have one trap set at a time. |
Full Audit | –2 | Perform a two-turn audit of your security to make adjustments. You may attempt no operation next turn. |
Trace | - | Obtain a rough location of the attacker’s computer. The advantage must be less than 0 to perform this operation. |
Block Connection | –2 | Attempt to block the attacker’s primary connection. This can be prevented by a successful 10+ Electronics (Computers) check by the attacker. |
Restart Firewall | +2 | Restart the firewall configuration. In two turns, change the advantage by –3. |
Reset | - | Initiate a system reset. You may attempt no further operations until this is complete. This will complete in two turns. |
Notes (Jeff Zeitlin)
- All operations succeed unless the description specifically requires a player to make a roll.
- Advantage being “less than” or “below” a specified value means that it is more favorable to the defender than that value. “Greater than” or “above” is more favorable to the attacker. Similarly, positive Advantage changes are favorable to the attacker; negative changes to the defender.
- When an operation takes multiple turns (Full Audit, Reset), the defending player must choose Wait until the requisite number of turns has passed.
- Attacker operations with large negative Advantage may represent goals of the hack. This, plus limitations on operations that may be used, encourages tactical planning by the attacker.
Sample Game (Jeff Zeitlin)
Scenario:
The player-characters have been hired by a megacorp to hack into the computers of a small office of a subsidiary of a competitor to find evidence that the competitor has been providing “covert” support for a pirate band that has been preying on the megacorp’s ships. The referee rules that if the player-characters can achieve a “steal database” operation, they will have sufficient evidence to satisfy their employers. However, word has leaked out, and the target is aware that a “hack” is a possibility.
The Attacker in this scenario is one of the player-characters, INT 10 (DM +1) and Electronics (Computers) 2. The player rolls Electronics (Computers) and rolls a 10, +1 for INT DM, +2 for Electronics (Computers) skill. For this scenario, the Attacker has 13 Operation Points.
The referee rules that the targeted computer has Security/1 software (grants 6 Operations points) and an Agent/1 operator (DM +2). The referee rolls Electronics (Computers) and rolls a 7, +2 for the Agent/1 DM, +6 for the Security software’s Operations points. For this scenario, the Defender has 15 Operation Points.
Round 1 (Advantage 0):
Attacker has 13 Operation Points
Defender has 15 Operation Points
Attacker attempts: Steal Database
Defender attempts: Block Connection (and Reverses)
Since the Defender was expecting the attack, they spend the extra Operation Point to reverse the order of resolution. This reversal succeeds (because the Attacker didn’t also try a reversal). The attempt at blocking the connection requires that the Attacker now roll Electronics (Computers) for 10+; given the Attacker’s DM +3, the connection will succeed if the Attacker rolls 7+. The roll is only 6, however, and the connection is blocked. The Advantage is now -2. The Steal Database operation fails, as the Advantage change of -3 would put the total Advantage past -3.
Round 2 (Advantage -2):
Attacker has 12 Operation Points
Defender has 13 Operation Points
Attacker attempts: Blind Exploit
Defender attempts: Obscure Defenses
Since the Attacker’s operation is resolved first, the blind exploit succeeds, moving the advantage to 0. Then, the Defender attempts to obscure the system’s defenses, which can be prevented if the Attacker rolls Electronics (Computers) for 10+ (7+, and then add the INT DM of +1 and the Electronics (Computers) skill of +2). The roll is 8 before applying DMs, meaning that the Attacker succeeds, and the defenses are not obscured.
The above is how the round was presented in the PDF. However, it has been (correctly) brought to our attention that the Defender should have had an opportunity to block the Blind Exploit by rolling Electronics (Computers) for 10+. The sample game plays out the same if the Defender rolls 7-, as the Agent/1 operator grants a DM of +2.
Round 3 (Advantage 0):
Attacker has 11 Operation Points
Defender has 12 Operation Points
Attacker attempts: Steal Database
Defender attempts: Change Passwords (and reverses)
The Defender realizes they’ve made a mistake, and now tries to fortify the system quickly, in a panic, so they spend the extra Operation Point to change system passwords ahead of the attacker’s next phase of attack. The Advantage moves to -2 as a result, and the Attacker’s attempt to steal the database is again foiled (it would move the advantage past -3).
Round 4 (Advantage -2):
Attacker has 10 Operation Points
Defender has 10 Operation Points
Attacker attempts: Phish
Defender attempts: Remove Vulnerabilities (and Reverses)
The Defender is still trying to fortify the system ahead of the next attack phase, so again spends an extra Operation Point to reverse the order of resolution. The attacker did not also try to reverse the order, so the Defender’s reversal succeeds, and the Remove Vulnerabilities is resolved first, moving the Advantage to -3. The Attacker’s attempt to Phish is now resolved, and the Defender rolls Electronics (Computers) for 8+, with a DM of +2 since the operator is Agent/1. The referee rolls a natural 9, and the Defender easily resists the Phish, leaving the Advantage at -3.
Since the Advantage is at -3 at the end of this round, the attack ends (the Attacker is locked out of the system), and the Attacker has failed in their objective.
Closing Thoughts (Jeff Zeitlin)
As written, the mini-game uses the rules for throwing task checks from Mongoose Traveller Second Edition. Converting them to other versions of Traveller wouldn’t be difficult.
These rules were written with a single attacker and a single defender in mind. If you want to have teams of hackers (attackers) or of operators (defenders), consider having each additional team member add to that team’s Operation Points without otherwise changing play. A first guess at how to do this is to add the team member’s INT DM and Electronics (Computers) skill, and divide by two, rounding up.