Get in. Do a thing. Get out. Look awesome doing it.
That’s your typical cyberpunk adventure, and it always involves some sort of security. On this episode, we discuss real-world hacking inspiration, cinematic heist scenarios, and strategies for balancing game difficulty. We dive into the nuances of netrunning, social engineering, and how even the best-laid plans can spiral into chaos.
Examples are drawn from the Cyberpunk RED and Cities Without Number role-playing games, with the occasional digression into Dungeons & Dragons, Blades in the Dark, and Scum & Villainy.
Quotes
- “You can plan it out meticulously and think you’ve got everything covered… but then you get five minutes into it, and everything has gone wrong… something’s always gonna go wrong, and that’s where the drama happens.” – David
- “There is crazier stuff going on in the real world in, like, cybersecurity right now than you’re going to think of in your game, I guarantee it.” – Chris
Chapter List
0:00 Intro and Cyberpunk Security
2:15 Cyberpunk Red Heists and Netrunning Mechanics
8:45 Chris Miller’s Real-World Cybersecurity Insights
12:10 Cinematic Inspirations for Cyberpunk RPGs
15:45 Balancing Player Roles in Heist Missions
21:30 Real-World Hacking vs. Fictional Depictions
27:15 Strategies for Planning Heists in RPGs
35:10 Handling Consequences and Failed Plans
39:45 The Art of Improvisation in Cyberpunk Campaigns
45:00 Outro
Video
Show Notes
Cyberpunk Resources
- Broken Loop – Our Cyberpunk RED Actual Play Campaign
- Cyberpunk RED Role-Playing Game Resources
- Locked Out: Doors, Locks, & Security Homebrew Rules for Cyberpunk RED
Thinking About Cyberpunk Security
Planning the Network/Scoping the Heist
- Two main choices:
- Scale the network difficulty for your players (story mode), or
- Don’t, and design for the idea that some things are beyond the capabilities of you team (but they might get lucky)
- Remember the Defender’s Paradox (Defense must be perfect, but attackers need to succeed only once):
- The Net Architecture Difficulty section on p210 of the Core Guide help with this
- For the D&D minded, things of the daemons and such as counterspells and denizens of a dungeon. That’s what this is.
- Inspiration
- The examples in the core guide are pretty good
- Real world threat intelligence guides are a great inspiration: for example – Visual Threat Intelligence: An Illustrated Guide For Threat Researchers
- Movies, while cheesy, can provide some inspiration – OH GOD NOT SWORDFISH WHY
- Podcasts – Hacking Humans from Cyberwire, Darknet Diaries, news programs
- Books – oh so many (history of Space Rogue’s book on L0PHT, Kevin Mitnick, etc)
Role-preservation
- Know your players. What are their roles and what are their skills?
- What skills is the crew missing?
- If you are missing a role, what opportunities can you create to give the players options for getting past the challenge.
- If you lack a TECH, MEDTECH, or NETRUNNER, you’re unlikely to bypass electronics.
Creative Thinking
- Encourage your players to think outside the box. How else can you get into the room or past the door, or through the challenge?
Consequences
- Noise attracts guards … and the more time it takes to get through security, the greater chance the guards will show up.
- C4 may destroy the thing you came to snag.
Not all security is a locked-down barrier
- It could be a drawing in a conference room
- It could be a data drive hidden in a crystal necklace at a party
- Protected by guards, surveillance
- It could be a person or animal (remember Ein the corgi from Cowboy Bebop)
Time Pressure
- Start a clock! If not using a clock (with increments advancing toward an event) then just advance time … and have consequence for advancing time.
What happens on a failed roll?
- Are they not getting through?
- They get through but there is a complication
- The clock ticks up.
What happens on a failed gig?
- Consequences for not securing the thing.
The Situations
As in Blades in the Dark, think about the type of engagement that the players might execute.
Situation 1: Sample Retrieval
Break into a secure vault in a biolab. Retrieve a sample. You have 24 hours. (hard target infiltration)
- Hack your way past the physical security & Infiltrate their network to bypass or control networked security
- Blast your way in.
- Talk your way in (but it could be really hard)
Examples: Resident Evil, Die Hard, Terminator 2, Fast Five
Situation 2: Steal data from a secure terminal
Steal data from a secure terminal in a ZetaTech subsidiary. It must be completed in one week’s time. (Soft target infiltration: Open to the public and easily infiltrated)
- Forge identities to infiltrate the company (steal the ID card, hack the computer to add your record)
- Go legit: they get themselves hired by the company
- They break into the building
- Go in as solos and blast their way through the building
Example: Sneakers, Cyberpunk 2077 – Arasaka tower, V and Jackie
Situation 3: Corpo Defection
A corporate operative wants to defect to a non-profit, but they’re constantly watched by security officers. They will be at a high-profile Zetatech gala and it’s their only chance for extraction. You’ve got a month until the gala.
- Rockerboy gets hired as the entertainment
- Get hired as supplemental security or medical support
- Go in hard – hire goons to attack the party, giving you the chance to snag the operative (if you don’t care about the collateral damage)
- Hack the building – Cut power, bypass remaining security
- Fake it – Do the Mission Impossible thing.
Example: Ocean’s 12, Count Zero
Feedback
We love feedback! You post a comment below or connect with us using these channels:
Featured Image Meta
The map from our Cyberpunk RED campaign’s infiltration of Elysium HQ. Art is from the Traveller Starships GeoMorphs fan source book for the Traveller RPG.
Podcast: Play in new window | Download