Get in. Do a thing. Get out. Look awesome doing it.
That's your typical cyberpunk adventure, and it always involves some sort of security. On this episode, we discuss real-world hacking inspiration, cinematic heist scenarios, and strategies for balancing game difficulty. We dive into the nuances of netrunning, social engineering, and how even the best-laid plans can spiral into chaos.
Examples are drawn from the Cyberpunk RED and Cities Without Number role-playing games, with the occasional digression into Dungeons & Dragons, Blades in the Dark, and Scum & Villainy.
Quotes
"You can plan it out meticulously and think you've got everything covered… but then you get five minutes into it, and everything has gone wrong… something's always gonna go wrong, and that's where the drama happens." - David
"There is crazier stuff going on in the real world in, like, cybersecurity right now than you're going to think of in your game, I guarantee it." - Chris
Chapter List
0:00 Intro and Cyberpunk Security2:15 Cyberpunk Red Heists and Netrunning Mechanics8:45 Chris Miller’s Real-World Cybersecurity Insights12:10 Cinematic Inspirations for Cyberpunk RPGs15:45 Balancing Player Roles in Heist Missions21:30 Real-World Hacking vs. Fictional Depictions27:15 Strategies for Planning Heists in RPGs35:10 Handling Consequences and Failed Plans39:45 The Art of Improvisation in Cyberpunk Campaigns45:00 Outro
Video
https://youtu.be/paCzPGt-EPw
Show Notes
Cyberpunk Resources
Broken Loop - Our Cyberpunk RED Actual Play Campaign
Cyberpunk RED Role-Playing Game Resources
Locked Out: Doors, Locks, & Security Homebrew Rules for Cyberpunk RED
Thinking About Cyberpunk Security
Planning the Network/Scoping the Heist
Two main choices:
Scale the network difficulty for your players (story mode), or
Don’t, and design for the idea that some things are beyond the capabilities of you team (but they might get lucky)
Remember the Defender’s Paradox (Defense must be perfect, but attackers need to succeed only once):
The Net Architecture Difficulty section on p210 of the Core Guide help with this
For the D&D minded, things of the daemons and such as counterspells and denizens of a dungeon. That’s what this is.
Inspiration
The examples in the core guide are pretty good
Real world threat intelligence guides are a great inspiration: for example – Visual Threat Intelligence: An Illustrated Guide For Threat Researchers
Movies, while cheesy, can provide some inspiration – OH GOD NOT SWORDFISH WHY
Podcasts – Hacking Humans from Cyberwire, Darknet Diaries, news programs
Books - oh so many (history of Space Rogue’s book on L0PHT, Kevin Mitnick, etc)
Role-preservation
Know your players. What are their roles and what are their skills?
What skills is the crew missing?
If you are missing a role, what opportunities can you create to give the players options for getting past the challenge.
If you lack a TECH, MEDTECH, or NETRUNNER, you’re unlikely to bypass electronics.
Creative Thinking
Encourage your players to think outside the box. How else can you get into the room or past the door, or through the challenge?
Consequences
Noise attracts guards … and the more time it takes to get through security, the greater chance the guards will show up.
C4 may destroy the thing you came to snag.
Not all security is a locked-down barrier
It could be a drawing in a conference room
It could be a data drive hidden in a crystal necklace at a party
Protected by guards, surveillance
It could be a person or animal (remember Ein the corgi from Cowboy Bebop)
Time Pressure
Start a clock! If not using a clock (with increments advancing toward an event) then just advance time … and have consequence for advancing time.
What happens on a failed roll?
Are they not getting through?
They get through but there is a complication
