Shadowrun RPG Matrix Page

Matrix Nodes and their Functions

Advantage Options

Threat Options

Computer and Hacking Tools

Security System Examples

Damaging Programs and Systems

Just like gear, weapons, and armour, programs and systems can become damaged. As it does with equipment, damage causes programs and systems to become harder to use, and if they’re too heavily damaged, they can’t be used at all. See Table I.5–4: Repairing Gear, on page 89 of the Genesys Core Rulebook; all the same penalties apply. Also, if a system is damaged, the penalty applies to all checks made within the system (this includes attempts to override ice, as well as checks to trace or lock out users).

However, repairing damaged programs and systems works a bit differently than the way it is explained in the Item Maintenance section on page 89 of the Genesys Core Rulebook. The difficulty of the check remains the same, but the character should use the Computers (Sysops) skill, not the Mechanics skill.

Trace Information

A sysop can successfully trace a user up to four times, each time gaining more information about the user. Additional traces don’t reveal any additional information or further decrease the difficulty of the lockout action. Below are what happens with the result of a number of traces on the hacker.

1. The sysops learns what country the runner is currently in (and whether the runner is on the Earth, Moon, or orbit). The sysops reduces the difficulty of the lockout action once.
2. The sysops learns what state, province, or region the runner is in within that country. The sysops reduces the difficulty of the lockout action twice.
3. The sysops learns what city or community the hacker is in (or their location within a 10 kilometre radius). The sysops reduces the difficulty of the lockout action three times.
4. The sysops learns the address or exact location of the runner. The sysops reduces the difficulty of the lockout action four times.

Network Actions

Incidental

Attempt Access (Incidental) - Attempt access is an incidental that characters perform when they want to access a sub-system within the system. If the character is a runner and a system is protected by ice, they immediately encounter the first piece of ice protecting the sub-system (see page an128). If the sub-system is not protected, the runner has access to that sub-system and may use the enact command manoeuvre to manipulate that portion of the system.

Sysops (or anyone who has permission to be in the system) do not encounter ice when performing this incidental.

Action

During a run, characters can perform a number of actions to accomplish their goals in cyberspace. Below, we describe those actions, listing their difficulty and whether they can be performed by a runner or sysop (or both), and we provide a description of how the actions work.

Access System (Action - Runner) - Difficulty to activate varies based on security with a Computers – Hacking check.

Once the runner has a direct link to the system, they need to access the system. This action represents the runner establishing a way into the system, giving them some measure of control so that they can attempt to fully control it later.

As an action, the runner may make a Computers (Hacking) check to gain access to the system. The difficulty of the check is based on the system’s security protocols and overall complexity. See System Security for some example difficulties.

Once a runner has successfully accessed a system, they can move around the system with an attempt access incidental and use the enact command manoeuvre to make the system do what they want (within the system’s limits).

Burn System (Action - Runner/Sysop) - Difficulty to activate Daunting (four purple) Computers – Hacking check.

Sometimes, all a runner or sysop wants to do is sow destruction. This is very difficult, as system programs are generally very robust and can even be self-repairing.

As an action, a runner or sysop may attempt a Daunting (four purple) Computers (Hacking) check to damage a system they currently have access to (in the case of a sysop, this includes a runner’s own computer rig if the sysop has already located it with a successful trace user action).

If the check is successful, the system is damaged one step, plus one additional step for every additional two Successes. Damage follows the rules found in the Item Maintenance section on page 89 in the Genesys Core Rulebook; apply the penalty found on Table I.5–4: Repairing Gear to all checks made to do anything within the system.

Break Ice (Action - Runner) - Difficulty to activate Average (two purple) Computers – Hacking check.

Once a runner has successfully performed the access system action, its sub-systems may still be protected by ice. To interact with those parts of the system, the hacker must override the security program.

Each piece of ice has a program strength. To break the ice, the runner’s attempt must generate a strength that exceeds the strength of the ice they are targeting. To determine that strength, the runner makes an Average (two purple) Computers check. If the check succeeds, their strength is equal to the number of net successes generated on the check.

Often, a runner is using an icebreaker to help them break the piece of ice. If the runner is using an appropriate icebreaker, they add the icebreaker’s strength to the strength of their override check (this works similarly to calculating damage with a ranged weapon on a successful combat check).

If the runner fails, something (usually bad) happens. What happens is determined by the ice. If the runner succeeds, the security program shuts down and cannot be reactivated until the end of the runner’s next turn. Runners can spend Advantages or Triumphs to keep a program shut down longer, or to completely disable it.

Trace User (Action - Sysop) - Opposed Computers – Sysop vs Computers – Hacking check.

Once the sysop knows that their system is being hacked, they still need to know where the run is coming from. The more they know about the origin of the run, the easier it is to lock the runner out of their system.

To find out where the run is coming from, the sysops needs to trace the runner by performing the trace user action. The sysop makes an opposed Computers (Sysops) versus Computers (Hacking) check targeting the runner. If the sysop is successful, they gain one traces (narrowing down the runner’s location). This makes it easier to lock the runner out of the system or even destroy the runner’s gear (see the lockout and burn system actions). It also provides information about the runner’s real-world location. See the Trace Information section, for what information a successful trace provides.

Besides using this information to lock the runner out of the system, the sysop can also use it for other purposes, such as reporting the runner to the NAPD or sending a blackops team to the runner’s apartment. Your GM can also have the sysop perform the trace user action to learn other key details about the runner, such as how to access the runner’s computer over the Network. Your runner can even use this action to learn the physical location of someone else online, such as an enemy sysop or rival runner. (In this case, this would be a special exemption of the action only being available to a sysop, and subject to approval by your GM.)

Lockout (Action - Sysop) - Difficulty to activate Formidable (five purple) Computers – Sysop check.

Since the sysop has direct control over the system being hacked, they can lock any users out of the system. As long as they can find a runner, they can give them the boot.

Once the sysop is aware of the runner’s presence, the sysop may make a Formidable (five purple) Computers (Sysops) check. If the sysop is successful, the runner targeted by this action loses access to the system. At the GM’s discretion, the runner may be able to regain access to the system by performing the access system action again.

However, if they don’t do something to disguise their signal (such as routing it through another server), the difficulty of the access system action increases by 2.

Reduce the difficulty of the lockout action once for every successful trace against the runner, to a minimum of Easy (one purple)

Sweep (Action - Sysop) - Difficulty to activate Hard (three purple) Computers – Sysop check.

Even when the sysop doesn’t know if there’s an intruder in their system, they can use their own programs to sweep for intruders. This is similar to a guard checking to make sure everything is all right (and is thematically similar to a Perception check to spot someone sneaking around).

If the sysop fails, they do not do a thorough job checking, and do not know if there are any intruders on their system or not. If they succeed, they spot one intruder who has access to their system, plus one additional intruder for every additional Success.

Manoeuvres

During a run, there are also certain manoeuvres a character can perform while interacting with a system. They follow the same format as Network actions, but without the difficulty, since they don’t require a check.

Enact Command (Manoeuvre - Runner/Sysop) - This manoeuvre is what characters use to do things within a system after accessing it. What they do with this manoeuvre depends on the capabilities of the system, and could range from looping footage, to opening doors, to downloading data, to resetting a guard drone’s targeting parameters.

The enact command manoeuvre only lets your character perform a single command within a system (if what your character wants to do is too complex, your GM may require them to spend two or more enact command manoeuvres to do it).

Characters can only perform this manoeuvre after they have successfully performed the access system action. Remember that some parts of a system may be protected behind ice, which must be encountered and passed before the character can enact commands affecting that part of the system.

Activate Program (Manoeuvre - Runner/Sysop) - Characters use this manoeuvre to activate (or reactivate) ice and icebreakers, as well as programs that do not fall into either category.

If a sysop activates or reactivates a piece of ice, a runner can’t access (or can no longer access) any of the subsystems behind it until they break through the piece of ice (or break through it again). If a runner activates an icebreaker, all of their other icebreakers automatically deactivate. A runner may only have one icebreaker active at a time.

You can think of this manoeuvre as similar to drawing and readying a weapon in the real world, except that in cyberspace, your character’s weapons are ice and icebreakers.

Programs

Security Programs - Barrier ICE

When most people think of ice, they think of barriers. Barriers simply create an electronic “wall” that keeps anyone without the proper credentials from accessing the portions of the system “behind” the barrier. This simplicity allows coders to make barriers far stronger than other ice, which in turn makes barriers some of the most reliable and efficient ice for protecting a system.

Barrier ICE –
• Barrier 5 - Ice Wall
• Barrier 6 - Fire Wall, Great Wall
• Barrier 7 - Heimdall 1.0 (R)
• Barrier 8 - Hadrian's Wall

(R) Restricted

Security Programs - Sentry ICE

Sentry ice doesn’t keep intruders out of systems; it simply spots them and alerts a sysop to the intrusion. However, some sentries go further, backtracing the runner’s origins and even attempting to attack the runner directly.

Sentry ICE –
• Sentry 3 - Sentinel, Shinobi (R)
• Sentry 4 - Hawk's Eye
• Sentry 5 - Archer (R)
• Sentry 9 - Janus 1.0 (R)

(R) Restricted

Security Programs - Code Gate ICE

Code gates challenge anyone who attempts to pass them. If a user has the proper authentication, they can pass. If not, the code gate responds. Actual defensive code gates boot the user from the system, but other code gates have been designed to limit an unauthorized user’s options, or even just trigger annoying spam.

Code Gate ICE –
• Code Gate 2 - Pop-Up
• Code Gate 3 - Authenticator, Enigma, Tollbooth
• Code Gate 4 - Viktor 2.0 (R)
• Code Gate 6 - Syn 2.2

(R) Restricted

Security Programs - Icebreakers

It is possible to purchase weaker Icebreakers ranging down to Strength 0, with each step down in strength reducing the rarity of the code. If its at Strength 0 and not rarity 0, it can be reduced further for damaged code.

Icebreaker ICE –
• Icebreaker 0 - Remora (R)
• Icebreaker 1 - Yog.0 (R)
• Icebreaker 2 - Garrotte
• Icebreaker 3 - Crypsis (R), Gordian Blade
• Icebreaker 4 - Corroder (R), Femme Fatale (R)
• Icebreaker 5 - Faerie
• Icebreaker 6 - Athena (R), Battering Ram, Sagittarius A* (R)
• Icebreaker 9 - Torch (R)

(R) Restricted

Using Drones

Drones are not “smart” enough to operate on their own unless they are following a specific set of predetermined instructions or are working within the parameters of a simple daily routine. This works fine for delivery drones and street sweepers, but the drones used by military forces need to be run by skilled operators to be of any great use.

Anyone with a communications link and the right setup can control a drone. This requires the character to spend their action and manoeuvre to allow the drone to perform an action and manoeuvre. Characters may have talents and abilities that modify this (for example, most drones have the Telepresence ability, which makes them better when directed by an operator).

If a drone is not being directed by an operator, it can still function in a limited manner. The exact limits of what it can do are up to you, the GM, but generally, you should have it follow a simple (and literal) set of instructions. Camdrones told to scan crowds for certain faces will sit in one spot and study everyone who passes by, for example. The one thing a drone can’t do autonomously is kill someone. Ethical considerations mean that drones are hardwired not to fire on a living target unless an active controller gives them kill authority.