Security – Counterting Matrix Threats
The world of Shadowrun experienced a technical as well as magical revolution. Advances in computer technology have revolutionized how metahumans interact with the electronic world around them. Things are connected and accessible on an uprecedented level, giving those connected to the Matrix a fantastic wealth of information and power. However, with this access comes the risk that those with malicious intentions will subvert the system, and abuse the connections of the Matrix. Right from the beginning, those who planned and engineered the Matrix were aware of the need for security. For many years, this was a difficult battle for those looking for security, with the hackers always staying one step ahead of them. After many long years of work, though, the Matrix powers have finally gotten their wish, and the Matrix of 2075 is more secure that it has ever been – and more controlled.
- Device – Rating
- Vending Machine – 1
- Camera – 1
- Door Lock – 2
- Sensor – 2
- Common Drone – 3
- Security Drone – 3
- Workstation – 3
- Corporate Server – 4
- Security Controller – 5
The first and most basic way to protect a device is to limit access to it. By default, all devices run in normal mode, announcing their presence and inviting connections from other devices. The entire Matrix is built on of the premise of devices connecting to one another and being accessible so that people can get information or services from them. In public areas, law enforcement services require people to run their personal device in normal mode so their identity can be verified. When running normally, devices can interact with any other random device that happens to be nearby. However, some devices, such as those connected to a security system, have no such need. In most cases, these devices will be running silent.
In addition to running silent, network administrators work to limit the accessibility of their important devices to the bare minimum necessary for their functioning. The primary way of doing this is to increase the Noise ratinf for those in the vicinity who may have less-than-honest intentions. If the device is outside, landscaping such as earthworks and vegetation can be used to increase Noise between the device and an attacker. If the device is inside, wireless inhibiting wallpaper or paint can increase Noise to the device, or a Faraday cage used in select sections of the building can cut off access from the outside completely. So, a corporation’s top-secret research system will almost never be accessible from outside of the building where it is located. The system may only be accessible from inside the building, or even a specific area (or room) in the building. By forcing potential hackers to have to be in a specific physical location to perform their intrusion, the physical security of the area becomes part of the Matrix security as well.
GODs and Spiders
Matrix security specialists know that even the best and most sophisticated electronic security measures can be circumvented by someone with enough skill. Ultimately, protecting things on the Matrix comes down to the last line of defence: spiders, GODs, and demiGODs. A metahuman security professional whose job is overseeing the security of a particular network (or group of networks) is referred to as a spider. A spider will have much (if not all or more) of the same skills and equipment as any intruding hacker, with the only difference being that they are defending the system rather than attacking it. Just like the physical security forces of a building, the individual abilities and tactics of a spider vary wildly. They do whatever they can to attempt to protect the system by slowing down or stopping the intruder. Since spiders are considered the owners or administrators of the system, they can command any of the devices in that system without having to gain any marks, since they already have the owner mark for all devices. They have the authority to launch or shut down IC, raise or cancel alarms, or even perform emergency shutdown of the entire system. Spiders do their job exclusively in the Matrix, and so can be on-site for whatever network they are protecting, or remote logging in from elsewhere. Having a spider on-site generally leads to faster response times to network threats, but it leaves the spider vulnerable to physical attacks.
The heavy hitters, the virtual boogymen, of the Matrix are the Grid Overwatch Division (GODs) of the Corporate Court and their branches, the demiGODs, that provide security on individual grids. These are the best, brightest, and most well-equipped security forces in the Matrix, and something most hackers rightly fear. They respond to the most serious security breaches, or anything that happens to catch their interest. Repeated intrusions, especially if they go mostly undetected, may draw the attention of the local demiGODs, as well as a particularly persistent or noisy intrusion. A demiGOD is like a hacker in some ways, but has top-level training and the best equipment that nuyen can buy. A GOD agent, or “G-Man”, can be expected to have the equivalent of an owner mark on any device that exists on their grid.
In some circumstances, technomancers will be employed to protect a system as its spider. In this case a technomancer will use the full extent on their unusual abilities to protect the network including compiling sprites. These instances continue to be rare, however, due to the scarcity of the technomancer talent and the corporations’ continued mistrust of them.
Hosts and IC
Any network owner that is really serious about protecting their devices will use a Host. A Host is an integrated system architecture where all devices exist inside a single Matrix entity that can run more complex programs. Creating a Host is akin to constructing a building an putting important things inside. None of the devices can be accessed without first gaining access (via a mark) to the Host itself. The Host then becomes the Master for all the devices within it, thus providing the same protection as a WAN. However, the biggest additional protection that a Host provides is the ability to run Intrusion Countermeasures (IC) programs.
IC are a unique class of program that are like a drone, but in the virtual realm of the Matrix. IC are constructed with a specific set of abilities and given a defined purpose. Some IC look for intruders, other inhibit intruders, and a few can harm a hacker’s equipment or even their person. Although IC are fairly single-minded and not terribly adaptable, they are very good at performing their intended purpose when set on it. The real strength in IC comes in the swiftness of their response, and their resiliency. IC are run as Programs on the Host, and thus can be activated just as quickly as any other program in a single Combat Turn.
This means that IC can respond to a threat within seconds of it being identified. IC programs can be crashed, but can simply be reactivated the very next turn by the Host. This means that IC can be delayed, but never permanetly destroyed. A Host can have up to its Rating in active IC programs at one time.
IC are not terribly selective in their targeting, however, so IC owners need to be careful to not attack legitimate users. For this reason, as well as the speed with which IC can be deployed. Hosts will generally not have many IC programs running constantly. The only kind of IC that is safe to keep running is a Patrol IC. A Patrol IC acts like a physical security guard would, moving about the Host, validating identities and looking into suspicious activity. If an intruder or nefarious activity is detected, the more poactive IC programs can be launched by the Host.
Hosts and IC programs are generally affordable, so any organisation serious about protecting their Matrix assets will install them. As a result, this is the most common kind of system that a hacker will encounter. Creating a Host doesn’t prevent system administrators for employing other forms of network protection such as Access Limitation, and the Host will (of course) exist on a specific Grid.
PANS and WANS
Another way to protect individual devices is to connect them as slaves to a master device in a personal area network (PAN) or wide area network (WAN). By connecting less sophisticated and vulnerable devices to a single more powerful and secure Master device, the entire network is made more secure. When configured in this way, every device uses the Rating of the Master instead of its own when doing any sort of test. This makes all devices in the network as strong as the Master device, which greatly increases the security of the entire network. However, the protection provided in this manner is still a device’s inhernt protetion. It is just protection from a more sophisticated device.
The most common way that a hacker will circumvent the protection of a network is by making a direct connection to a device that is part of that network. To make a direct connection, a hacker must have a physical (wired) connection to the device, which necessitates close physical proximity. With this connection, the hacker can target the device separetely from its Master, and thus gain marks against the much lower Rating of the device. Network administration and security spiders are well aware of the vulnerability of a direct connection to devices on a network and will take steps to protect that vulnerability. This usual means physically protecting the device – for example, placing it behind a wall, inside a locked casing, or put somewhere difficult to access physically. Since the device will normally, legitimately, be accessed via wireless placing it in an awkward physical location doesn’t pose any inconvenience for the device owners.
It is possible for a network owner to decide to forgo wireless connections entirely and instead connect their system using traditional wires. This is rare due to the inconvenience it presents, but still an option for those mistrusting of the security wireless offers. All Matrix devices connected via wireless by default, with many of the less expensive ones not having a wired connection option. If an organisation wants to wire a network, the cabling must be purchased and installed throughout the location where the network exists. This limits the placeement of devices and requires maintenance of the proper connections. Wired networks are still vulnerable in many of the same ways as wireless networks. If a wire is breached and tapped anywhere along its length, the signals can be intercepted and retransmitted via wireless anyway. It should be noted, though, that between grids, hosts, IC, Spiders, and GODs, coprorations are feeling very confident in the security of their wireless networks. This means that runners are only likely to encounter wired security in the hands of the exceeding protective or paranoid.
Storyline: Seattle Elections 2069
This site is constantly under revision, no blog posts are final as this is a work in progress place for me to develop my game settings and rules. Some posts might be placeholders for future content, so feel free to check back later for updated information.