Wanted: Megacorp Security Summary, specifically Wuxing Towers in Seattle Options

[Semerkhet]

Hey all,

Riffing off an idea I saw on DS a while ago, I'm considering having my team get hired to break into one of the Wuxing Towers in Downtown Seattle. Their mission will be to place a number of items in various locations in the tower in order to disrupt the carefully maintained feng-shui of the tower. This will require that the team get entry to the main atrium area, a handful of offices, and get access to the HVAC control system. They will not be required to enter the most secure portions of the tower. So yes, they're breaking into a megacorp's regional HQ but not the most secure portions of said HQ.

So as I start putting together my first serious high security opposition in 4e, I was wondering if anyone on DS had a security template, approximately fitting the above description, they would be willing to share. I expect Wuxing to be heavy on magical security and not quite as heavy on matrix and physical security. I'm sure I could put something satisfactory together, but I figured the collective knowledge of DS might keep me from completely reinventing the wheel.

Thanks in advance for any help or suggestions.

[MikeKozar]

For what it's worth, I had my players do a run on the MCT Towers last mission, so I have some security forces lying around you can check out. It was less well defended then an MCT research base just because of the public access, but I came up with an interesting layered design for the security forces.


The security forces are layed out in 9 classes, divided among three tiers; Security, High Threat Response, and Executive Protection. Each tier has slightly different stats for Grunts, Sergeants,and Commanders, based on the same layout.

Security was your basic rent-a-cops - they don't have significant cyberware, but they are equipped with image/sound links and biomonitors to connect them back to the security office. They are lightly armed - pistols and tasers, with SMGs in weapons lockers if the situation gets serious. Since the gear is reusable and the investment in personnel is so light, the Security tier has lots of 'feet on the ground' acting as remote sensors for the spider. They primarily work sensors and checkpoints, calling for backup if they detect a threat. In groups, they would probably be a match for gangers.

High Threat Response is much smaller then Security, but much better equipped. The basic HTR unit has 100k worth of upgrades - enough to give them an extra IP, and a few decent combat bonuses (IIRC, Aluminum bone lacing, Reaction Enhancers, and Muscle Replacement). They get great gear, too - light Military armor, chameleon coated, with vision/sound enhancements in the helmet, and Ares Alphas with smartlinks and some useful grenades in the underbarrel launcher. They're light for Runners, but they attack in groups of 8-12, and are smart enough to ambush.

Executive Protection is your Prime Runner level - I think the ones I had rolled up had 2,500,000+ worth of Deltaware. These guys are expected to save the day solo, and so they were worth as much as an entire HTR squad.


Anyway, just some ideas about how things might be layed out.

[Caadium]

This will require that the team get entry to the main atrium area, a handful of offices, and get access to the HVAC control system. They will not be required to enter the most secure portions of the tower. So yes, they're breaking into a megacorp's regional HQ but not the most secure portions of said HQ.

The level of security for the offices will be higher or lower depending on the specific office. However, HVAC control is something that I'd assume to be fairly well locked up. Just something to bear in mind.

[nezumi]

Mike - that stuff available somewhere where I can stea... err... borrow it? (IMG:style_emoticons/default/smile.gif)

[Semerkhet]

The level of security for the offices will be higher or lower depending on the specific office. However, HVAC control is something that I'd assume to be fairly well locked up. Just something to bear in mind.

I'm trying to get my head around Matrix topology for a facility like this. Reading through Unwired, I thought it might make sense to have a chokepoint security node for each tower acting as the gatekeeper to the rest of the system. By that logic, the security nodes are the only ones connected to the outside world and the rest of the systems are low Signal wireless nodes that don't extend coverage more than a few meters outside the building. Question is, where do you put the HVAC control systems? Slaved to the security node? Or somewhere in the system in a less protected node, on the assumption that it is adequately guarded by the security chokepoint? I'm still pretty new to SR4 security concepts, so this is taking a bit more time to grok than I'd originally planned.

Also, they'll be breaking into the offices of the VP of Shipping and a few more junior executives in the same department. Pretty high, but not the highest tier of management. It's not going to be easy, that's for sure.

Another factor is that the operation has to be either totally unnoticed or else balanced with a diversion serious enough to draw attention away from the real op.

[Semerkhet]

For what it's worth, I had my players do a run on the MCT Towers last mission, so I have some security forces lying around you can check out. It was less well defended then an MCT research base just because of the public access, but I came up with an interesting layered design for the security forces.

/snip
Anyway, just some ideas about how things might be layed out.

Thanks much, Mike. That definitely gives me a framework for the physical security structure.

Any suggestions on other sensors and magical defenses?

[Tias]

For one thing, there are no regular security forces - the one there are will definitely be 'tie-wearing security', in place to restrain employees for some reason or other. The ones manning the bottom floor are probably professional guards, with a wide range of disabling and lethal weapons, as well as in-house mages and security riggers. In the event of a run against them, elite corpsec commandos will be flown or driven in, armed and augmented with some of the very wizzer weaponry corp money can buy.

Also all kinds of scanners on every floor, I suppose, as well as landscaping - wide corridors linking austere officers for ease of firearms where the corpsec artillery comes into it's right, and stuff like cameras and retractable tungsten barricades out front (for stopping ramming or bomb-wired vehicles from going to town on the front doors).

[kzt]

Executive protection teams might be very deadly, but their job is to keep their principals alive and hopefully uninjured. So if you don't go after the VP's, his limo or his office....

[BRodda]

I'm trying to get my head around Matrix topology for a facility like this. Reading through Unwired, I thought it might make sense to have a chokepoint security node for each tower acting as the gatekeeper to the rest of the system. By that logic, the security nodes are the only ones connected to the outside world and the rest of the systems are low Signal wireless nodes that don't extend coverage more than a few meters outside the building. Question is, where do you put the HVAC control systems? Slaved to the security node? Or somewhere in the system in a less protected node, on the assumption that it is adequately guarded by the security chokepoint? I'm still pretty new to SR4 security concepts, so this is taking a bit more time to grok than I'd originally planned.

Ok here is my corp matrix security 101.

HVAC, Lighting and other background infrastructure are on their own network. This network is completely fiber optic and the cables are probably in 1inch pipes that run up and down the building with a small wire mesh that lets the system know it the pipe has been cut. One node for every floor that controls the thermostats, lights and such for that floor. The main Nexus is probably in the same room as the building's spider and has its own alert systems. This system should NEVER interact with the security system. It can issue alerts, but the Spider has to manually command it to issue them.

Security should have 1 Nexus for every 2-3 floors. It is also hardwired to the security devices (cameras, sensors, maglocks) it should have 1 node for each type of security device per floor. All the Nexi in the building should report to the main security Nexi in the Spider's room.

Communications should be wireless per floor with a Nexus hardwired to each floor to the main communications Nexi. This is what people tend to think of when they think of an office buildings "Matrix". Its where files are stored and each worker should have a personal node with security dependent on the sensitivity of their work. Some Executives will have a highly encrypted and secured network that has no wireless access and that would also be hardwired through the same pipes that run the facilities and securities fibers. Communication Nexi will be in the Comm Closet someplace out of the way. The Spider will spend most his time watching traffic here because this is where most deckers will hit.


Hope that helps a bit. Nice layered security that isn't to harsh.

[Shinobi Killfist]

I have a hard time seeing anyone breaking into the HVAC control system, I can see conning your way in as a more likely choice. The physical security is relevant if things go wrong, but I'd suspect they would be interacting with them directly. I would not expect top flight guards though, just very little options if any options outside of a con. Its a room, it has guards in it, you can't really sneak past them into the room they are in and start moving furniture without being noticed.

So the things they'd need to do s hack the system so it looks like a repair crew is coming, have appropriate disguises, successfully con the guards with bonus dice for a good disguise and proper docs. How tough is the matrix security, tough enough for the Decker that he is challenged, how slick are the guards probably not too slick the main part of this scam is the decker let his contribution shine.

If you want details on how good the security should be that kind of depends on two things, how good is the team(what kind of stats), and how challenging do you want this to be. How secure a AAA corp low security areas would be is almost irrelevant to making an adventure. If it is too secure for the team whether it is realistic or not all you did was either make them call the johnson and quit or they get killed, if it is not secure enough for your team they get bored because it is too easy. Also does your team trend towards pink Mohawk or the trench coat crowd.

Sorry if this comes across as unhelpful because that is not my intent. Anything past generalities I just find it impossible to help with without knowing the team a bit and what kind of adventure you want this to be. It is not my style of gaming to make sure everything is realistic to how a corp would respond to security, I know there are plenty of people who like that style its just not me. I want to challenge the group enough that they have to think and they have fun, but I don't want the challenge to be so much that the most likely outcome is a TPK. Too many layers will most likely outcome will be a TPK because eventually you do screw up a roll. A 3 layer system as someone mentioned is probably a good ballpark system, more than that and you are asking for a smack down from the dice gods.

[Semerkhet]

I have a hard time seeing anyone breaking into the HVAC control system, I can see conning your way in as a more likely choice. The physical security is relevant if things go wrong, but I'd suspect they would be interacting with them directly. I would not expect top flight guards though, just very little options if any options outside of a con. Its a room, it has guards in it, you can't really sneak past them into the room they are in and start moving furniture without being noticed.

Their HVAC objective is to mess with thermistor readouts on a couple of floors to convince the system that the air temperature is a few degrees warmer than it actually is, causing the environment controls to keep the air a bit chillier than normal. I'm guessing this could actually be done at the site of the temperature sensors themselves with a Hardware and/or Hacking Test.

If you want details on how good the security should be that kind of depends on two things, how good is the team(what kind of stats), and how challenging do you want this to be. How secure a AAA corp low security areas would be is almost irrelevant to making an adventure. If it is too secure for the team whether it is realistic or not all you did was either make them call the johnson and quit or they get killed, if it is not secure enough for your team they get bored because it is too easy. Also does your team trend towards pink Mohawk or the trench coat crowd.

Sorry if this comes across as unhelpful because that is not my intent. Anything past generalities I just find it impossible to help with without knowing the team a bit and what kind of adventure you want this to be. It is not my style of gaming to make sure everything is realistic to how a corp would respond to security, I know there are plenty of people who like that style its just not me. I want to challenge the group enough that they have to think and they have fun, but I don't want the challenge to be so much that the most likely outcome is a TPK. Too many layers will most likely outcome will be a TPK because eventually you do screw up a roll. A 3 layer system as someone mentioned is probably a good ballpark system, more than that and you are asking for a smack down from the dice gods.

It's not unhelpful at all. I want this run to be quite challenging from a planning and execution standpoint, but not from a deadly combat standpoint. My group and I trend toward trenchcoat, but we're not too far off the middle point of the Mohawk-Coat continuum.

The whole point of the op is to disrupt the carefully maintained feng-shui of the Wuxing Shipping division's offices and have the intervention go unnoticed just long enough to throw off the Wuxing execs' mojo during some important negotiations.

As was mentioned, a weakness of the Wuxing Towers is that the lower floors are open to the public. I'd think that security would focus on keeping unauthorized people from getting any higher than those first few floors. So heavy emphasis on passkeys for the elevators and stairwells. Cameras and security guard checkpoints, etc. I'd think that security on the floors where the lower and mid-management work would have a bit less security, relying on the chokepoints further down to keep intruders out.

There are definitely several ways to get in. Like you mentioned, a hacked repair crew authorization or other con job. A pure hacking/infiltration stealth job. Using a loud diversion to make it seem like some other portion of the building is the real target of the operation. And so on.

I'm less worried about specifics, like guard stats, as I'm perfectly capable of adjusting the threat level. I'm more interested in a structural and organizational overview because, as I said, I'm pretty new to 4e and I've not yet had the team get hired to do a high-security B&E.

Thanks to everyone for your suggestions thus far.

[Semerkhet]

Ok here is my corp matrix security 101.

HVAC, Lighting and other background infrastructure are on their own network. This network is completely fiber optic and the cables are probably in 1inch pipes that run up and down the building with a small wire mesh that lets the system know it the pipe has been cut. One node for every floor that controls the thermostats, lights and such for that floor. The main Nexus is probably in the same room as the building's spider and has its own alert systems. This system should NEVER interact with the security system. It can issue alerts, but the Spider has to manually command it to issue them.

Security should have 1 Nexus for every 2-3 floors. It is also hardwired to the security devices (cameras, sensors, maglocks) it should have 1 node for each type of security device per floor. All the Nexi in the building should report to the main security Nexi in the Spider's room.

Communications should be wireless per floor with a Nexus hardwired to each floor to the main communications Nexi. This is what people tend to think of when they think of an office buildings "Matrix". Its where files are stored and each worker should have a personal node with security dependent on the sensitivity of their work. Some Executives will have a highly encrypted and secured network that has no wireless access and that would also be hardwired through the same pipes that run the facilities and securities fibers. Communication Nexi will be in the Comm Closet someplace out of the way. The Spider will spend most his time watching traffic here because this is where most deckers will hit.


Hope that helps a bit. Nice layered security that isn't to harsh.

Thanks for your matrix security overview. Very helpful. Nevertheless, a few questions.

So, in the above setup, if a hacker wants to feed false information to sensors and open locked doors, what is the path of penetration? Can the hacker break into one of the security sub-nodes without going through the main security node? If a hacker does manage to break into the main security node, can they just run the op from there if they keep editing the access log every (System) Combat Turns and avoiding the resident IC and Analyze and the Spider. I realize that's a lot of ifs.

[BRodda]

Thanks for your matrix security overview. Very helpful. Nevertheless, a few questions.

So, in the above setup, if a hacker wants to feed false information to sensors and open locked doors, what is the path of penetration? Can the hacker break into one of the security sub-nodes without going through the main security node? If a hacker does manage to break into the main security node, can they just run the op from there if they keep editing the access log every (System) Combat Turns and avoiding the resident IC and Analyze and the Spider. I realize that's a lot of ifs.

OK here you go in order:

1) The path of penetration is either at a lock/sensor or at the fiber optic cable transporting the systems data.

2)Yes the hacker would work his way from the point of penetration in towards the system core. So sensor, sensor floor node, sensor CPU, security CPU. However if the spider notices he can cut off that connection to the main security server and just let the IC already in the nodes fend for themselves rather than loose the main CPU.

3) They can run the op from there if they are stealthy enough. However they can only run one system at a time (the reason they are on different networks to be honest.) The only way to to control all the networks is from the Spiders nest or with a few friends.

[Caadium]

Their HVAC objective is to mess with thermistor readouts on a couple of floors to convince the system that the air temperature is a few degrees warmer than it actually is, causing the environment controls to keep the air a bit chillier than normal. I'm guessing this could actually be done at the site of the temperature sensors themselves with a Hardware and/or Hacking Test.

The whole point of the op is to disrupt the carefully maintained feng-shui of the Wuxing Shipping division's offices and have the intervention go unnoticed just long enough to throw off the Wuxing execs' mojo during some important negotiations.

One thing to bear in mind, something along the lines of altering the temperature is more likely to be noticed than some slight furniture rearrangement (to simplify what you're getting at). Remember, HVAC affects everyone in the area (floor/building/etc), where general feng-shui will only be slightly off for those few that are attuned to it. The more people you expose to a change, the greater the chance it will be found. Afterall, many people notice when their work is hot or cold compared to usual. This type of thing leads to complaints, which lead to repair teams, which can lead to evidence of tampering (physical sensor tampering, or in the life-support node).

I would assume that if this feng-shui distrubance is for important negotiations it would be important to make sure that not only were they not detected prior to the negotiations, but probably not immediately after (thereby linking it to the company negotiating with Wuxing).

[Semerkhet]

One thing to bear in mind, something along the lines of altering the temperature is more likely to be noticed than some slight furniture rearrangement (to simplify what you're getting at). Remember, HVAC affects everyone in the area (floor/building/etc), where general feng-shui will only be slightly off for those few that are attuned to it. The more people you expose to a change, the greater the chance it will be found. Afterall, many people notice when their work is hot or cold compared to usual. This type of thing leads to complaints, which lead to repair teams, which can lead to evidence of tampering (physical sensor tampering, or in the life-support node).

I would assume that if this feng-shui distrubance is for important negotiations it would be important to make sure that not only were they not detected prior to the negotiations, but probably not immediately after (thereby linking it to the company negotiating with Wuxing).

Good point. My thought was to make the change in temp subtle enough to avoid immediate calls to maintenance, but perhaps you're right that any change in temperature is too much change for the level of subtlety I'm trying to convey.

[LurkerOutThere]

Depends on the size of the building/space and the size of the space, I can't speak for everyone else but i've never worked in a place that allowed employees to call maintenance just because it felt a little chilly in the office. Adjust the thermostat maybe, but some places restrict that to certain people. It could work and I think adds a nice touch. YMMV

[kzt]

We can enter work orders if the temp is off. If they get a bunch they will tend to prioritize it. Phone calls from senior managers also work. (IMG:style_emoticons/default/smile.gif)

But the other thing to think about is that you can slowly adjust the temp a few to many degrees before the people in the space realize it's changed. Someone walking into the room will realize it's hot, but people in the room while it heated up won't tend to be as aware of that until you point it out.

[Earlydawn]

The run could include getting into the maintenance node, setting up a filter for any complaints related to "minor heat", and then disguising it. Just a fun little side operation for the hacker if you decide to go the physical route for messing with the thermostats.

[Semerkhet]

The run could include getting into the maintenance node, setting up a filter for any complaints related to "minor heat", and then disguising it. Just a fun little side operation for the hacker if you decide to go the physical route for messing with the thermostats.

Intriguing. Thanks!

[Ascalaphus]

Maybe Wuxing has a special department for Office Feng Shui (DOFS).

Now, common wageslaves will probably be rather scared of this department. At first they think the DOFS is silly, and then a couple get made an example of for rearranging things against DOFS orders, because senior management takes this seriously.

So what you do, is fake DOFS orders to rearrange part of the workspace of low-level workers who'll be afraid to complain.

[Semerkhet]

Maybe Wuxing has a special department for Office Feng Shui (DOFS).

Now, common wageslaves will probably be rather scared of this department. At first they think the DOFS is silly, and then a couple get made an example of for rearranging things against DOFS orders, because senior management takes this seriously.

So what you do, is fake DOFS orders to rearrange part of the workspace of low-level workers who'll be afraid to complain.

Nice idea!