Thursday, April 13, 2023

Playing A Hacker In Delta Green

Hackers can be incredibly effective Delta Green Agents, especially in the standard modern setting, where digital technology is pervasive. But many people might be intimidated, because Delta Green strives for a realistic feel and they think that they can’t play a hacker well if they don’t know how "real" hacking works. In this post I list some techniques that a real life hacker could use to break into systems and how to map them to Delta Green skills.

Social Engineering

Social Engineering is the art of gaining access to systems by exploiting human weaknesses. The best hackers are not only experts in manipulating computers, but also people, so make sure to put some points into related skills.

Phishing

Set up a fake duplicate of a website, send a link to the target with a spoofed email address and hope that they enter their username and password. Use Persuade or HUMINT to make the website convincing.

Impersonation and Voice Phishing

Pretend you are someone else to convince your target to divulge login credentials. Use Persuade or Disguise to impersonate an authority figure or HUMINT to find out how to best approach your target.

Coercion

This approach is also known as rubber-hose cryptanalysis. Use blackmail, threats or torture to extract the information you need from your target. This is done with the Persuade skill, but HUMINT and Psychotherapy might help you find out what the best interrogation method for your victim is. Be aware: this tactic might cost you SAN!

xkcd: Security

Digital Intrusion

Break into a computer system. This is what most people think hacking is all about.

Direct Access Attack

Hacking a system is much easier if you have direct physical access. Use Stealth and Craft (Locksmith) to break into the building that your target is in. Once inside you can clone hard drives, install malware by simply plugging in a prepared USB stick, install a hardware keylogger or other surveillance equipment, etc.

Vulnerability Exploitation

Identify a weakness in a computer’s security system and take advantage of it. This is the gold standard of all hacking disciplines, because it is often the most difficult and time consuming. Use Computer Science to find an entirely new weakness in a highly secure system. Use SIGINT to use off-the-shelf tools to attack unpatched systems. Use Criminology to buy exploits on darknet black markets.

Brute Force

Sometimes there is no other way than to try every possible password and hope you get lucky. Use SIGINT or Computer Science to use cracking tools that try common passwords first or just rely on a Luck roll. The Handler decides if brute force has any chance of working and if you have to roll at a penalty.

Side-channel Attacks

You can use a side-channel attack if your target has a very secure computer system, but unintentionally leaks information in some other way. E.g. you can perform Van Eck phreaking/TEMPEST to see your targets screen by the electromagnetic radiation that it emits. Or you can recover passwords from a computers memory after it has been shut down and cooled with freeze spray (cold boot attack). Side-channel attacks often require expert knowledge about the system in question and the attack itself, e.g. Science (Physics) or Craft (Microelectronics). The Handler decides if a side-channel attack is possible and which skill is appropriate.

Inside the System

You are inside the system, but your work is not yet done. Here are some things you can do next.

Install Malware

Install a Remote Access Trojan (RAT) to spy on your target. Destroy data with a wiper virus. Use ransomware to encrypt your target’s data and extort them. Use Computer Science to program your own malware or use Criminology to buy existing one.
You can also try to get your victim to install the malware by themselves with a Phishing attack (see Social Engineering).

Privilege Escalation

What if you have broken into a normal user account, but need admin privileges to access/destroy/steal the data you are interested in? You can try to find another vulnerability using Computer Science or SIGINT or you can buy a zero-day exploit on the black market with Criminology (see Vulnerability Exploitation).

Steal Data

Download database dumps, encrypted password files, browser cookies, etc. Use SIGINT to identify and break encryption. To crack more advanced encryption schemes you might have to develop your own decryption algorithm using Computer Science or Science (Mathematics).
Some modern encryption algorithms are too strong to break, even with access to a supercomputer. The Handler decides if that is the case.

3 comments:

  1. 'Some modern encryption algorithms are too strong to break, even with access to a supercomputer' But what if Delta Green gives you access to a functional quantum computer?

    ReplyDelete
    Replies
    1. Quantum resistant algorithms are already available, so even with a quantum supercomputer...

      Delete
    2. I think that the Handler's Guide mentions that the Program inherited quantum computing capabilities from Majestic, so this could be a real possibility. A powerful enough quantum computer could indeed crack the most commonly used encryption schemes. Like the other commenter mentioned, there is research into quantum-resistant encryption algorithms, but I don't know if these are already used to any significant degree.

      Delete