LegendBegins Moderator

@Katthaj@Finris@sassy1085

The RP has officially started! The opening might be a little different than most RPs on this site, but there's reasoning behind it, and I expect it to balance out more as it goes on. Since we're just dealing with underground acts, you don't have to have an InfoSec agent yet. Feel free to open yours up however you'd like; just know that every hacker participating received a similar email from The_Elder with the same link to Th3_Calm. I'm really excited for what's in store and I think you all are going to like it.

Some hacking background if you're interested: OffByNone broke into a server located at service.taiwan.gov.tw and downloaded the entire archive folder onto their device, presumably obtaining government secrets. They then executed rm -rf /, which is another way of saying "Delete literally every file that exists on this computer." #DragonScythe1339 is an IRC channel, which (if you're not familiar) is kind of like Discord but much older and less sophisticated. The secure stream implied that The Elder was watching OffByNone through a camera somewhere in their house and had it automatically transcribed. I know I used "they" a lot, which is typically poor writing practice, but I don't want to give up secret info that early, haha.

OffByNone slid back in their leather swivel chair and wiped a bead of sweat off their face. Ugh, that was painful. But let's see who has you in their back pocket, Taiwan... As soon as the cursor hovered over the newly created blackmail folder, an email notification popped up under the mouse, redirecting OffByNone to Outlook. Nonono— agh! What is this??



OffByNone looked at the email in confusion. Not only had this sender known about Dragon Scythe's campaign against the Taiwanese government, but this "Elder" had somehow managed to get a hold of their personal email as well. And there was a Discord link as well. discord.gg/R7aQXMt
...Discord? Well, OffByNone had a Discord, but had never seen anyone use it for any kind of underground operation. A prank? But still, how would "Elder" know about the mission? Redux pulling a prank? But Redux didn't have access to this email address. The VPN was active, so what harm could it really do? The next moment, the left button on the mouse depressed and data began to travel throughout the ever-expansive labyrinth of networking equipment, streaming into the cramped and stuffy bedroom. OffByNone had entered Th3_Calm.

Hacker
OffByNone
U.N.K.N.O.W.N.
Pakistani VPN. Authorities have traced potentially correlated traffic to Israel, but no concrete details have been confirmed.
Dragon's Scythe (Ad Hoc). The organization is responsible for releasing secret government documents exposing corruption and generating significant public unrest in over 30 countries across the globe. Chile has offered a $150,000 bounty for information related to Dragon's Scythe and President Trump has described the organization as "a major threat to cyber for the U.S., maybe even the world." While not a consistent member, OffByNone has proven him/herself regularly valuable.
OffByNone is rarely active on Saturday afternoons and has an interest in all things scientific and technological. Attempts to pin down precise working hours have failed, but OffByNone willingly reveals trivial personal hobbies such as shows he/she is following, recent memes, and qualms with societal structure and customs. Authorities have built a comprehensive personality profile of OffByNone.

---

Obviously approved =). IC post should be up soon, and I think you all will really like what you'll find.

@sassy1085

Definitely; I'm building the first IC post. Expect it this week—I'll be sure to ping all of you as well.

@sassy1085

Hacker approved!

@Finris

Yep, feel free.

@Katthaj

Hacker Approved!

@Finris

Hacker and InfoSec approved! Great details; it sounds like we'll be getting into some dangerous hardware vulnerabilities.

@sassy1085

Still working on the hacker or is it just the infosec professional that's left?

@Finris@sassy1085

I went ahead and created a thread for the RP. I'll wait a couple of days before starting. roleplayerguild.com/topics/177991-h-c…

Click.
Click.
Click.

...I'm in.

Cyber Attacks. Advanced Persistent Threats. Hacktivist Organizations. All of these have become a standard artifact of daily life in our digitally interconnected world. And as more systems become digitized, a certain subset of the population grows more powerful: Hackers. Threats have skyrocketed to lethally dangerous levels, to the point where a simple script kiddie has the potential to take down physical systems connected to the net. Crash trains. Pollute water treatment. Burn fuel. But fortunately, another group has risen to counter this insurgence of malicious actors. Information Security professionals, many of them ex-hackers themselves, are perpetually at work to restore order to the cyber world and stay ahead of this game of cat-and-mouse, lest those with no stake in the game obtain the power to destroy it.

Which of us haven't wondered at some point in their lives how it's really done? How hackers actually manage to break into systems? Wonder no longer. H@ck3rz is an RP that takes place in our world and engages in scenarios that are akin to what real attackers encounter and how they interact with systems across the globe. No information security or computer science experience required. Every player will generate two characters: A hacker (including hacktivists, foreign government agents, malware developers, lone wolves doing it for the lulz, etc.) and an information security professional (including penetration testers, defense specialists, compromise analysts, local government agents, etc.). The attackers cause some degree of mayhem that corresponds to their particular goals, whereas the security professionals aim to nullify efforts of malicious actors and to protect the world from their antics.

I am an information security professional IRL, and I'm more than willing to answer any questions you might have (now and throughout the RP), and I'll gladly work with you to ensure that you have a good understanding of the direction you want to take the attack/hunt and will give you any resources you'd like to carry out whatever situation you have in mind. H@ck3rz is about the players, not the GM, and in a world where cyber criminals can hit just about any system, virtually no attack is too outlandish to carry out in one way or another, be it through social engineering, exploit development, or even physically breaking into secure facilities. I have access to real attack tools and can provide anything from screenshots to software in order to ensure that your vision of your incident is fulfilled. Be prepared to solve puzzles, look for evidence, and defeat the hackers once and for all.

If you have any questions or interest, please let me know. Below I've included samples of potential scenarios and engagement locations. If you feel that you want to join, we will be beginning soon here: roleplayerguild.com/topics/177991-h-c…

Thank you.

Click.
Click.
Click.

...I'm in.

Cyber Attacks. Advanced Persistent Threats. Hacktivist Organizations. All of these have become a standard artifact of daily life in our digitally interconnected world. And as more systems become digitized, a certain subset of the population grows more powerful: Hackers. Threats have skyrocketed to lethally dangerous levels, to the point where a simple script kiddie has the potential to take down physical systems connected to the net. Crash trains. Pollute water treatment. Burn fuel. But fortunately, another group has risen to counter this insurgence of malicious actors. Information Security professionals, many of them ex-hackers themselves, are perpetually at work to restore order to the cyber world and stay ahead of this game of cat-and-mouse, lest those with no stake in the game obtain the power to destroy it.

Every player will generate two characters: A hacker (including hacktivists, foreign government agents, malware developers, lone wolves doing it for the lulz, etc.) and an information security professional (including penetration testers, defense specialists, compromise analysts, local government agents, etc.). The attackers cause some degree of mayhem that corresponds to their particular goals, whereas the security professionals aim to nullify efforts of malicious actors and to protect the world from their antics. Every hacker can be stationed at anywhere in the world, while the professionals are either based in America or travel to the same location. Every scenario is akin to what real attackers encounter and how they interact with systems across the globe.

I am an information security professional IRL, and I'm more than willing to answer any questions you might have and I'll gladly work with you to ensure that you're prepared to take the attack/hunt in the direction you want it to go and I'll give you any resources you'd like to carry out the situation you have in mind. H@ck3rz is about the players, not the GM, and in a world where cyber criminals can hit just about any system, virtually no attack is too outlandish to carry out in one way or another, be it through social engineering, exploit development, or even physically breaking into secure facilities. I have access to real attack tools and can provide anything from screenshots to software in order to ensure that your vision of your incident is fulfilled.





Character Sheet Template (feel free to modify however you think is best):

Hacker/InfoSec
NibbleOverfl0w (Screen name/username)
U.N.K.N.O.W.N. (Hackers may have names if well known, InfoSec agents will have names, but they might be fake)
Country (If known)
Dragon's Scythe (If the hacker is a part of a hacking group or other team, put it here. The InfoSec agent will most likely work for a company or be a freelancer)
Place personal history or personality details about the individual. InfoSec agents may have a life, a family, hobbies, etc. Hackers may have the same and it's up to you whether to keep those secret, but they'll likely have some sort of known personality among online friends.



Again, feel free to modify it to suit you. Since you're making two of them, they don't have to be abhorrently long, just reasonably enough to get the details across.