Well, I'm taking a private security class as part of my Criminal Justice curriculum, and our group is doing a project on Hospital Security.
It got me to thinking, who better to find ways to beat the system then shadowrunners?
If you were to do a run against any current day hospital, what might your target be, how would you go about it, and what would you be carefull about?
Threats can include anything from theft for profit, sabotage with maximum infection potential, or any form of terrorism, etc.
And I *DO* mean present day, ie: december of 2004.
Full Version: Run against a present day hospital
Targets:
Umm...a witness of some sort. Either under guard or not.
New medical thingy.
Extract a researcher.
Rescue a fellow runner that was injured and captured.
Destroy/contaminate evidence (forensic pathology stuff). Could be computer or physical based.
Disrupt chain of possesion (see above).
For the other parts:
What? You didn't read the Infiltration Challenge?
Umm...a witness of some sort. Either under guard or not.
New medical thingy.
Extract a researcher.
Rescue a fellow runner that was injured and captured.
Destroy/contaminate evidence (forensic pathology stuff). Could be computer or physical based.
Disrupt chain of possesion (see above).
For the other parts:
What? You didn't read the Infiltration Challenge?
I really don't see it being that difficult. I mean, I did the markups for some not insignificant Boston-area hospitals, and operating security just isn't that much of a consideration. You'd have to be able to talk your way past people and look like you belong, but none of the plans I worked on had any meaningful automated/electronic security.
Though it isn't impossible that those were just on other plans.
~J
Though it isn't impossible that those were just on other plans.
~J
| QUOTE (kevyn668) |
| Targets: Umm...a witness of some sort. Either under guard or not. New medical thingy. Extract a researcher. Rescue a fellow runner that was injured and captured. Destroy/contaminate evidence (forensic pathology stuff). Could be computer or physical based. Disrupt chain of possesion (see above). For the other parts: What? You didn't read the Infiltration Challenge? |
You mean Talia's thread? I participated heavily.
| QUOTE |
| If you were to do a run against any current day hospital, what might your target be, how would you go about it, and what would you be carefull about? |
Drugs: + Small, portable, easily disguised. - Low value per yield.
The two best ways in and out are with a patient or as a delivery person. Both are relatively easy to do, though most people make the mistake of hitting the same hospital over and over, and, worse, staying local. Act like you know where your going and ignore everyone unless they address you. You can also buy time by saying, "I was looking for an exit" or "which way is x-ray?" The delivery method works best if you're accustomed to it because you don't have anything to tie you to it.
Equipment: + High value per yield. - Large, hard to hide, requires buyers.
The best way is to get someone on the inside. A fake ID is usually required, but nothing fancy for the jobs you'll want to apply for. Dock worker, janitor, security if in house. Have a few friends in on the job listed as former employers, be sure to use disposable cell phones. Learn the layout, find what the buyers want, set up a pick up, and fake some maintenance records. Fade. The hardest part is driving the distance and keeping appearances for the week or two needed. Common mistakes include not fading, staying local, and not using fake ID.
If someone I wanted dead was getting brought in by ambulance, I'd have someone drive me to the ambulance area, get out, shoot the person several times, and just leave. It has worked in the past.
You can probably also do a lot with explosives or bio/chem weapons and a hijacked ambulance.
~J
You can probably also do a lot with explosives or bio/chem weapons and a hijacked ambulance.
~J
hmm. well, first thing that comes to my mind, is bombing a target to injure people who the hospital would admit. this gets police/lone star busy elsewhere, and keeps the hospital busy. it may be practical in modern day, but in 2064 it may not work so well (you first have to find out who the hospital covers, ect). all in all its a stupid tactic, but not all runners are smart.
First thing i would do is recon. find out what frequency all the hospitals communications are on (ambulances, nurses walkie-talkies, ect). i would also find out how often these frequencies change over several days. I would have ou decker hack their system, and find their work schedules. best time to move is late into 2nd or 3rd shift when everyone is tired, and most patients are asleep in bed. jamming frequencies is important, as you can jam the hospital but not the ambulances. blueprints for the building are a must.
tracking devices on ambulances. shouldnt be too hard to do. Just as a side thought, how many ambulances could be stolen in one night?
scapegoats: have a radical group you can shift blame to. anti-abortion, ect.
who volunteers? when? where can they go, what can they do? being a volunteer would be a perfect way to have a look around inside.
hospitals have a lot of drugs, getting them and then leaving via ambulance (which is then dumped a couple miles away, and switch to a stolen car)
hospitals have diseases. it could be an attempt to aquire a bioweapon. (suspect this one would go wrong, and break/spill something ugly by mistake, especialy if theres any gunfire).
and what about the morgue? if you grab one body and put another in the incinerator, they wont know which one is missing. what if one marked for incineration has something shoved inside it that would explode?
endplan, i would say guy 1 volunteers for acess, then mans electronic warfare while others go on mission.
First thing i would do is recon. find out what frequency all the hospitals communications are on (ambulances, nurses walkie-talkies, ect). i would also find out how often these frequencies change over several days. I would have ou decker hack their system, and find their work schedules. best time to move is late into 2nd or 3rd shift when everyone is tired, and most patients are asleep in bed. jamming frequencies is important, as you can jam the hospital but not the ambulances. blueprints for the building are a must.
tracking devices on ambulances. shouldnt be too hard to do. Just as a side thought, how many ambulances could be stolen in one night?
scapegoats: have a radical group you can shift blame to. anti-abortion, ect.
who volunteers? when? where can they go, what can they do? being a volunteer would be a perfect way to have a look around inside.
hospitals have a lot of drugs, getting them and then leaving via ambulance (which is then dumped a couple miles away, and switch to a stolen car)
hospitals have diseases. it could be an attempt to aquire a bioweapon. (suspect this one would go wrong, and break/spill something ugly by mistake, especialy if theres any gunfire).
and what about the morgue? if you grab one body and put another in the incinerator, they wont know which one is missing. what if one marked for incineration has something shoved inside it that would explode?
endplan, i would say guy 1 volunteers for acess, then mans electronic warfare while others go on mission.
Teulisch: we're thinking along the same lines, in some ways. How much explosive material can you cram into a living human if you just want them to live to get to the emergency room? Suicide bombing taken to a whole new level…
Then there's always the tried-and-true of going to Children's Hospital and grabbing a few hostages.
~J
Then there's always the tried-and-true of going to Children's Hospital and grabbing a few hostages.
~J
| QUOTE (Shanshu Freeman @ Dec 13 2004, 11:20 PM) | ||
You mean Talia's thread? I participated heavily. |
Yeah, I know. I was a lurker.
Edit: I just wanted this to have some SR talk so it wouldn't get closed on ya. Who's yer buddy?
Dude. General mayhem is definitely on-topic.
~J, offender of the public good
~J, offender of the public good
I don't know how good front security is (I'm not sick much) but I assumed that my group was able to get past a metal detector and the human security by claiming to visit someone (they had a name, from the news). Once in, they found a needle in an empty room's "sharps" box and filled it with bleach from an unsecured supply closet which they used to kill the patient.
The effect was pretty immediate and significant, but if they'd done something different (like an air bubble in the neck) it might not have been so easily traced.
lessons learned:
* lock supply closets
* the sharps box has a metal cover over most of it, you'd have to rip off the top
* require ID (at least it's expensive to replace in Shadowrun, I should have thought of this, >doh<)
* the video cameras were a good idea, there should be a couple of rooms for "high-profile" patients which have them in the room itself
The effect was pretty immediate and significant, but if they'd done something different (like an air bubble in the neck) it might not have been so easily traced.
lessons learned:
* lock supply closets
* the sharps box has a metal cover over most of it, you'd have to rip off the top
* require ID (at least it's expensive to replace in Shadowrun, I should have thought of this, >doh<)
* the video cameras were a good idea, there should be a couple of rooms for "high-profile" patients which have them in the room itself
actualy, theres 3 ways to do this.
1 is stealth. 2 is hit and run. 3 is hostages, leading to a seige by swat. 3 is not good, but if you do a hit-and-run leaving a few behind holding hostages, then it may become a viable strategy. explosion destorys evidence (remote detonator or timer, sooner than those left behind expect).
recon, job, cleanup. cleanup could be a bomb left behind. the point is to destory evidence.
from the view of an on-site gaurd, first clue anything unusual is up should be along the lines of active jamming, cut power/cable/phone lines, and things going boom. A distraction (loonatic with a bomb) may draw security to the far side of the building. anyone leaving fast after that starts are assumed to be paniced. best time to start the distraction is just as team A is ready to leave with the goods.
1 is stealth. 2 is hit and run. 3 is hostages, leading to a seige by swat. 3 is not good, but if you do a hit-and-run leaving a few behind holding hostages, then it may become a viable strategy. explosion destorys evidence (remote detonator or timer, sooner than those left behind expect).
recon, job, cleanup. cleanup could be a bomb left behind. the point is to destory evidence.
from the view of an on-site gaurd, first clue anything unusual is up should be along the lines of active jamming, cut power/cable/phone lines, and things going boom. A distraction (loonatic with a bomb) may draw security to the far side of the building. anyone leaving fast after that starts are assumed to be paniced. best time to start the distraction is just as team A is ready to leave with the goods.
I'd read a bit about where things are in the hospital, then I'd go in with a standard tool kit full of everything I might need. When checked by security, just say you're there to fix something, maybe some circutry, and ask where radiology (or whatever) is.
JaronK
JaronK
3 is excellent if getting away isn't so much a factor.
~J
~J
i work in a hospital (i only shadowrun on the weekends, ha, ha) and security is practically non-existent. they gave us badges to wear but the guards never check. legally, the only place you can have cameras is over the employee parking lot because of patient confidentality. and the guard that sits at the e/r door that has to stay open is over 70. all you need to do a run against a present day hosptial is a fake idea, a pair of scrubs, and looking like you belong but there is a police station down the street. if you screw up and get noticed, you better have a good escape plan
Yeah, hospital security is a joke. Our local one has had so many additions to it that the number of entrances and exits is pretty significant, not to mention that there's no visible security of any kind.
Nine times out of ten, if you look like you belong (and often even when you don't) nobody says a thing. Unless you're breaking into the pharmacy, you shouldn't even need to slip or pick any locks.
The hospital's ID cards look easy enough to fake for that matter...
Nine times out of ten, if you look like you belong (and often even when you don't) nobody says a thing. Unless you're breaking into the pharmacy, you shouldn't even need to slip or pick any locks.
The hospital's ID cards look easy enough to fake for that matter...
another run that i didn't see mentioned was dealing with hospital records...
these are (supposedly) protected, especially in digital format. someone may want to see the medical records of a person (for blackmail purposes), or have you insert something into the records, so that the person won't be cleared for a job. someone may want their own records stolen as part of erasing their ID or presence and/or what they were having done in the hospital...
and of course, from a unique shadowrun perspective, there's also the opportunity for retrieving blood and other tissue samples to be used later in ritual sorcery...
there is a lot of business right now in security for hospital computer records, so i would expect that the matrix systems of the hospital, especially those that control records and also life support equipment, are very well protected, if not even moved to an isolated network.
these are (supposedly) protected, especially in digital format. someone may want to see the medical records of a person (for blackmail purposes), or have you insert something into the records, so that the person won't be cleared for a job. someone may want their own records stolen as part of erasing their ID or presence and/or what they were having done in the hospital...
and of course, from a unique shadowrun perspective, there's also the opportunity for retrieving blood and other tissue samples to be used later in ritual sorcery...
there is a lot of business right now in security for hospital computer records, so i would expect that the matrix systems of the hospital, especially those that control records and also life support equipment, are very well protected, if not even moved to an isolated network.
As i work in a hospital i can tell you the biggest thing here is the data. That's where the money is. Getting access to it isn't really a problem if you can look professional enough. People here are gullible.
Getting into the hospitals are no problem. Heck, Military hospitals you can just walk in and around pratically anywhere you wish. So getting to the goal isn't much of a problem. All you would really need to do is get passed the gate guards....now that's a challenge :coughs: 
. My opinion: We need to step our security at our military bases. :steps of pedistal:
As for gaming purposes: any tactical missions like this the problem always seems to be blending in. Making it look like you belong.
As for the various missions yall posted...wow. Gotta use some of those if yall don't mind.
. My opinion: We need to step our security at our military bases. :steps of pedistal:As for gaming purposes: any tactical missions like this the problem always seems to be blending in. Making it look like you belong.
As for the various missions yall posted...wow. Gotta use some of those if yall don't mind.
Are we talking a hospital now or a hospital in SR?
Also, from what I know and have heard, most hospitals no longer carry active disease cultures, those are stored in the CDC, only serums leave for hospitals, becase of security issues. Why hire 2 guards when you can add 4 beds.
Also, radioactive material (non-fissible) for dirty bombs is readily had in radiology and some cancer wards.
The bigger threat is the male orderlies as they tackle and hold down the psychotics as the nurses drug them.
by SR times I see hospitals being run in a more secure fashion, physical security is tighter with the addition od proximity cards and inexpensive automatic door technology.
cheap knockout gas and a ditinct lack of human rights observation makes for an easier time in security.
Also, from what I know and have heard, most hospitals no longer carry active disease cultures, those are stored in the CDC, only serums leave for hospitals, becase of security issues. Why hire 2 guards when you can add 4 beds.
Also, radioactive material (non-fissible) for dirty bombs is readily had in radiology and some cancer wards.
The bigger threat is the male orderlies as they tackle and hold down the psychotics as the nurses drug them.
by SR times I see hospitals being run in a more secure fashion, physical security is tighter with the addition od proximity cards and inexpensive automatic door technology.
cheap knockout gas and a ditinct lack of human rights observation makes for an easier time in security.
| QUOTE (Nikoli) |
| Also, radioactive material (non-fissible) for dirty bombs is readily had in radiology and some cancer wards. |
I can think of much easier places to find stuff like that. There is a building here where the guy was hiding medical radioactive waste material by sticking it in the walls of his office. Then he took a trip out of the country. The state eventually ended up owning the building that had been abandoned for several years at this point. That is when everyone found out what he had been doing.
It sat there for a couple of years while the state was "waiting on funding". Poorly lit parking lot, no fence, no guards, and far back from the road.
First off, I wanna thank everybody, especially the greats for all their great suggestions. You know who you are, I really appreciate it.
| QUOTE (Grimtooth @ Dec 14 2004, 03:20 PM) |
| As i work in a hospital i can tell you the biggest thing here is the data. That's where the money is. Getting access to it isn't really a problem if you can look professional enough. People here are gullible. |
How would a person make this profitable?
| QUOTE (Kagetenshi) |
| Dude. General mayhem is definitely on-topic. ~J, offender of the public good |
thanks <3
| QUOTE (Nikoli) |
| Are we talking a hospital now or a hospital in SR? |
| QUOTE (Shanshu Freeman) |
| And I *DO* mean present day, ie: december of 2004. |
| QUOTE (Nikoli @ Dec 14 2004, 02:38 PM) |
| Also, from what I know and have heard, most hospitals no longer carry active disease cultures, those are stored in the CDC, only serums leave for hospitals, becase of security issues. Why hire 2 guards when you can add 4 beds. |
You are correct. You won't find anything useful as a biological warfare agent in any modern hospital (except for maybe MDR bacterial strains, but I don't think you'd want to take the time to culture swab the floors while being shot at). Any agent suitible for warfare would require at least a biosaftey level 3 facility and hospitols don't have those. You would have to hit a research facility for that. Subsequently you can bet your ass that the security at a BSL-3 facility will be far tighter than a hospital's, especially after the big nine one one...
EDIT: GRRRrrr I hate spelling.....
Soldier of Fortune II had a hospital level which was a lot of fun.
The moral is that discharging 40mm grenades in hospital hallways as evil commandos try to rush your position is good clean fun.
The moral is that discharging 40mm grenades in hospital hallways as evil commandos try to rush your position is good clean fun.
My girlfriend works in a hosiptal. As she is the issuer of security pass's and all i've the impression the the hosiptal is very "maglock" based.
Trying to get something from a hosiptal when you need a to break another maglock to into every area. might put a cramper on your day.
Trying to get something from a hosiptal when you need a to break another maglock to into every area. might put a cramper on your day.
| QUOTE (Shockwave_IIc @ Dec 15 2004, 12:13 AM) |
| My girlfriend works in a hosiptal. As she is the issuer of security pass's and all i've the impression the the hosiptal is very "maglock" based. Trying to get something from a hosiptal when you need a to break another maglock to into every area. might put a cramper on your day. |
only a problem:
until you steal a card from someone who has access to most areas you need to get into, right? Have to use it before it's reported stolen, or the person is found, though.
edit: or unless you're sleeping with the person who makes the security cards
until you steal a card from someone who has access to most areas you need to get into, right? Have to use it before it's reported stolen, or the person is found, though.
edit: or unless you're sleeping with the person who makes the security cards
True
[EDIT] She does bitch alot about having to walk around the place to make sure the locks are working....
[EDIT] She does bitch alot about having to walk around the place to make sure the locks are working....
Badges readers are the worst sort of false security. I've worked at a goverment site where the primary security was badge readers and car tags. They had guards at the gates and a control center with 2+ guys monitoring ever camera on site. All the building had card readers and certain areas in specific building had their own card readers. Some were card in card out. Most were card in and walk out a revolving door. Tailgating was a big problem. Especially management types.
The FBI would come in and cruise the bars trying to buy badges from people. Then they would take the badge and walk around on site to see if anyone would challege them seeing they didn't match the picture. After they did it we'd have a site wide security meeting. IIRC we had 2 meetings in the 5 years I was there. They claimed to never have been challenged and to have paid less than $500 for badges.
======================
The site I've worked at with better physical security. Armed guards (M16s) at gates and certain buildings, with a rapid response team (Responded with helo and SUVs after my manager decided he knew a short cut across the site.) as backup. Well they had the worst computer security I have ever seen. All accounts had the same password. Even the superuser accounts. When they decided to change that policy they emailed every user and informed them what their new password was. Again everone had the same password. Just different. Full internet access from all their computers the whole time. No firewall or anything.
The FBI would come in and cruise the bars trying to buy badges from people. Then they would take the badge and walk around on site to see if anyone would challege them seeing they didn't match the picture. After they did it we'd have a site wide security meeting. IIRC we had 2 meetings in the 5 years I was there. They claimed to never have been challenged and to have paid less than $500 for badges.
======================
The site I've worked at with better physical security. Armed guards (M16s) at gates and certain buildings, with a rapid response team (Responded with helo and SUVs after my manager decided he knew a short cut across the site.) as backup. Well they had the worst computer security I have ever seen. All accounts had the same password. Even the superuser accounts. When they decided to change that policy they emailed every user and informed them what their new password was. Again everone had the same password. Just different. Full internet access from all their computers the whole time. No firewall or anything.
Buddy of mine works for teh tech department at Grady here in Atlanta. I laugh my head off when I hear his stories (then I make a note for my wallet to never be taken to Grady)
Nurses with no tech background should not be in charge of an IT department, ever.
Nurses with no tech background should not be in charge of an IT department, ever.
| QUOTE (algcs) |
| Badges readers are the worst sort of false security. I've worked at a goverment site where the primary security was badge readers and car tags. They had guards at the gates and a control center with 2+ guys monitoring ever camera on site. All the building had card readers and certain areas in specific building had their own card readers. Some were card in card out. Most were card in and walk out a revolving door. Tailgating was a big problem. Especially management types. The FBI would come in and cruise the bars trying to buy badges from people. Then they would take the badge and walk around on site to see if anyone would challege them seeing they didn't match the picture. After they did it we'd have a site wide security meeting. IIRC we had 2 meetings in the 5 years I was there. They claimed to never have been challenged and to have paid less than $500 for badges. ====================== The site I've worked at with better physical security. Armed guards (M16s) at gates and certain buildings, with a rapid response team (Responded with helo and SUVs after my manager decided he knew a short cut across the site.) as backup. Well they had the worst computer security I have ever seen. All accounts had the same password. Even the superuser accounts. When they decided to change that policy they emailed every user and informed them what their new password was. Again everone had the same password. Just different. Full internet access from all their computers the whole time. No firewall or anything. |
cool stories!
| QUOTE (Shanshu Freeman) |
| cool stories! |
There are more. My current place of employment had a disgruntalted employee fax an offer to sell information to a competitor. This was on a contract with the USPS. So the FBI showed up one weekend and grabbed everything they needed. Very easy no fuss. New security policy the next week. Physical phone lists are now considered a security violation. Why? Cause the FBI walked in, picked up the phone list from the building secartaries desk, and matched it up with the fire escape map. Using that the went to every office they needed without having to ask anyone "Where does Jon Doe and his manager sit?" Management didn't know what was going on till the FBI told them.
I'm sure plenty of people here have weird/bad security stories.
Yup. Like this one.
Customer: Hi, do you install locks on cabinets?
Me: Yes, what kind?
C: Wooden filling cabinets.
Me: Sure, what kind of security are you looking for?
C: Enough to comply with the Privacy act.
Me: So, simple cam lock. What are you locking up?
C: Patient medical records.
Me: No prob, lets set up a time to come measure your cabinets.
I get that one all the time. You can open a generic cam lock with nearly any thing that is close to a pick or just yank the drawer open with you hands. People lock up records, drugs, money and other valuables only because a new law requires them. I've been to lots of break ins where the thief just popped open the drawers with a screw driver and stole everything in side the whole store in under 20 minutes.
The problem now, in the past and most likely the future is the lack of caring from the employees. Its not their stuff, its not their problem. The management will never pay for real security when they can just have someone rob them blind and let insurance pay for it.
Customer: Hi, do you install locks on cabinets?
Me: Yes, what kind?
C: Wooden filling cabinets.
Me: Sure, what kind of security are you looking for?
C: Enough to comply with the Privacy act.
Me: So, simple cam lock. What are you locking up?
C: Patient medical records.
Me: No prob, lets set up a time to come measure your cabinets.
I get that one all the time. You can open a generic cam lock with nearly any thing that is close to a pick or just yank the drawer open with you hands. People lock up records, drugs, money and other valuables only because a new law requires them. I've been to lots of break ins where the thief just popped open the drawers with a screw driver and stole everything in side the whole store in under 20 minutes.
The problem now, in the past and most likely the future is the lack of caring from the employees. Its not their stuff, its not their problem. The management will never pay for real security when they can just have someone rob them blind and let insurance pay for it.
| QUOTE (Necro Tech) |
| The problem now, in the past and most likely the future is the lack of caring from the employees. Its not their stuff, its not their problem. The management will never pay for real security when they can just have someone rob them blind and let insurance pay for it. |
Indeed. Companies cut corners like crazy. Big businessing more than most. If your project or site is going to miss it's budget and schedule then someone is getting cut and everyone else is doing overtime.
Even though things might be different by shadowrun times. Employers may offer an employee bonus for stopping a theft. Still security is going to be on the low end of the totem pole unless they have something really important to guard. Your not going to rob a store for cash now. What would you get for robbing a convince store? Munchies? Some beer? No cash. Everything is cred sticks. If your going to rob a convince store better to be a decker and grab peoples cred sticks as they buy stuff. Paydata baby!!
It would be a lot cheaper to higher a few guys that had some self defense experince or some suped up cyberware, if they could do what ever work you wanted. Sort of a part time guard. A lot of people would be willing to overlook (Or pay extra) something like a smartgun link if they think the tough guy would save some of their stuff in a robbery.
I've found that the old 'clipboard and badge' technique is still the best way of infiltrating a business.
I used to work retail. One of my jobs was checking prices at competitors. When you do so, it isn't unusual for them to notice that you are recording their prices, even if you have grabbed a cart and pretended to shop. Occasionally, these 'comp shoppers' are asked to leave. Especially when you have two stores competing viciously in the same area.
When a major competitor (who had a habit of asking our comp shoppers to leave) got a new store, I started visiting them without fail the same time every week. I would enter through the employee/vendor's entrance, say hi to the office secretary, pick up a vendor's sticky nametag, write my name on it, and walk into the store to do my comp shopping. Everybody assumed I was a vendor.
Eventually management posted a new rule saying that all vendors had to sign in. As far as I can tell, that was followed spottily at best. Security is not a major concern for non-security employees in any business. They are busy with their own jobs, and assume that people are what they appear to be. It's a basic human habit.
Try this sometime: Go to a wedding of a freind, where you don't know anybody. Greet people like an old aquaintance. Most will reply, pretending that they remember you because they don't want to admit that they don't know who you are. A few (about 15%) will work up the guts to ask you who you are within the first few sentences. If you make each chat short, you could get through quite a crowd.
This tactic could work well in shadowrun with a little basic research - know a few names, basic marital status, and the like. An image link and datasoft could be handy for this sort of thing.
And no I don't work retail any more. But if you want to learn how to do a shadowrun, talk to a manager at a store that just got hit by a professional team of shoplifters. One such team hit every electronics department along a 200 mile stretch of interstate in one day. We got to watch the security video the next day. These people were good. Timing, teamwork, & communications. And nobody around them noticed a thing until they were gone.
I used to work retail. One of my jobs was checking prices at competitors. When you do so, it isn't unusual for them to notice that you are recording their prices, even if you have grabbed a cart and pretended to shop. Occasionally, these 'comp shoppers' are asked to leave. Especially when you have two stores competing viciously in the same area.
When a major competitor (who had a habit of asking our comp shoppers to leave) got a new store, I started visiting them without fail the same time every week. I would enter through the employee/vendor's entrance, say hi to the office secretary, pick up a vendor's sticky nametag, write my name on it, and walk into the store to do my comp shopping. Everybody assumed I was a vendor.
Eventually management posted a new rule saying that all vendors had to sign in. As far as I can tell, that was followed spottily at best. Security is not a major concern for non-security employees in any business. They are busy with their own jobs, and assume that people are what they appear to be. It's a basic human habit.
Try this sometime: Go to a wedding of a freind, where you don't know anybody. Greet people like an old aquaintance. Most will reply, pretending that they remember you because they don't want to admit that they don't know who you are. A few (about 15%) will work up the guts to ask you who you are within the first few sentences. If you make each chat short, you could get through quite a crowd.
This tactic could work well in shadowrun with a little basic research - know a few names, basic marital status, and the like. An image link and datasoft could be handy for this sort of thing.
And no I don't work retail any more. But if you want to learn how to do a shadowrun, talk to a manager at a store that just got hit by a professional team of shoplifters. One such team hit every electronics department along a 200 mile stretch of interstate in one day. We got to watch the security video the next day. These people were good. Timing, teamwork, & communications. And nobody around them noticed a thing until they were gone.
I worked in the security field in the Navy. To get into a security building we had to first enter a 6 digit code into a key pad under dourest (this was with a marine guard who had a pistol in the ready position. If you missed the combo three times in a row, an alarm would sound and you would be held at gun point till the security admin could clear you.) Then you would go to your appropriate secured space. Then you would go have to enter another 6-digit code to enter here as well. If there was yet another area, you would have to enter the codes as well. Everyone wore badges and you were required to police the badges at all times. If a person did not match the badge, or the badge looked to be tampered with or ragged then you would have to report it to security ASAP. In my two tours overseas, we never had one person enter without permission or proper credentials.
That you identified.
~J
~J
| QUOTE (Lantzer) |
| Most will reply, pretending that they remember you because they don't want to admit that they don't know who you are.... |
You can also create associations in thier mind by asking open ended questions like:
You: "Oh I haven't seen you since that party... who's house was that again?"
Them: "Uh... Tim's?"
You: "Yeah!?! Boy, I haven't seen Tim in awhile!"
or
You: "Hey are you still dating that one girl... oh what was her name?"
or
You: "Do you still work at that one place... the one where you had that boss?"
There's a radio station here where a comedian calls people, and finds a reason to talk to them. It usually goes something like
Comedian: "I'm returning a call..."
Person "Huh? what about?"
C: "Didn't you have some work done for, uh, darn, what was it"
P: "The plumbing?"
C: "Yeah, yeah, that's it, I'm from, uh.."
P: "Ajax & Sons around the corner? I told them I already fixed it"
C: "Ah yeah, they didn't tell me that.."
etc...
Thing is, people will alwasy try to be friendly and helpful. In a past corporate job I had, security circulated this memo around talking about phone security, such as don't reveal your password even if the guy says he's from tech support, don't volunteer information, etc. And it said specifically most sensitive data security breaches happen because people try to be helpful and say too much.
On a sidenote, why do I keep thinking about the Firefly episode when the crew sneak into a hospital??
Comedian: "I'm returning a call..."
Person "Huh? what about?"
C: "Didn't you have some work done for, uh, darn, what was it"
P: "The plumbing?"
C: "Yeah, yeah, that's it, I'm from, uh.."
P: "Ajax & Sons around the corner? I told them I already fixed it"
C: "Ah yeah, they didn't tell me that.."
etc...
Thing is, people will alwasy try to be friendly and helpful. In a past corporate job I had, security circulated this memo around talking about phone security, such as don't reveal your password even if the guy says he's from tech support, don't volunteer information, etc. And it said specifically most sensitive data security breaches happen because people try to be helpful and say too much.
On a sidenote, why do I keep thinking about the Firefly episode when the crew sneak into a hospital??
| QUOTE (Lantzer) |
| I've found that the old 'clipboard and badge' technique is still the best way of infiltrating a business. |
Mr Bond does a good job of faking them out in Moonraker.
"I'm Dr <blah> from Section G. Here to check radiation badges. "
I'd avoid open ended questions that could be personal. Too much of a chance that you'd ask the wrong question to the wrong person. Talk about the weather or sports or complain about the phone company.
| QUOTE (algcs) |
| "I'm Dr <blah> from Section G. Here to check radiation badges. " |
oooohhhhh....
we all know how good radiation can be on the body
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.