Some lunch break gameplay ideas to help guide my development:
- A frontal attack is too difficult on a high security target, so instead, discover a nearby person who works at the target and infect their phone or laptop with malware that has a chance of spreading to the internals of the target network.
- If a target's primary entry point is too secure, but a currently unused backup entry point is less secure, a DOS or other disabling attack to the target's primary entry point could result in the backup entry point becoming active, allowing for entry into the network.
- Some extremely high security, high value networks are air-gapped with the exception of a highly controlled satellite connection via another high security network.
- A target's security personal are only human and can be distracted by attacks on secondary targets on a network, lessening the chance of detection of an attack on the primary target.
- Harnessing the power of a botnet can make it possible to crack crypto-coin wallets.
- Networks containing devices owned by VIPs can yield high value data which can be sold on the blackmarket.
- Messing with VIPs' data will attract the attention of the authorities, raising your suspicion level.
- A high suspicion level will cause the authorities security professionals to actively seek you out. You can reduce your suspicion and lower your chance of arrest by moving your home base.
- Dwelling at the same home base for too long with a high suspicion level will result in the authorities probing your network. If these probes go unnoticed for too long, you will be raided and arrested. Taking the appropriate precautions and looking out for activity by the authorities at your home base will keep you one step ahead.
- Moving your home base takes time and costs significant amounts of money. The new location should be chosen carefully.
- Software and exploits can be purchased from other hackers, finding these hackers can be difficult and some will not deal with you until you've reached a certain skill level.
- The presence of another hacker on a network can be identified by the unusual behavior of a device on the network.
- Other hackers have home bases as well, containing their collection of software and exploits, these devices are extremely high security and difficult to attack. Doing so will not raise your suspicion level with the authorities, but will likely result in retaliation if detected.
- Security advisories can be translated into exploits with a high enough skill level.
- Every workstation has a user. Every user has a home network their other devices may be found on while they're not at work.
I've also added filesystems, money and time too, so here's a picture to keep things colorful: