Role Description: Hacktivists – Keyboard Activism
Welcome to The Security Games
You play the role of a hacktivist collective – think Anonymous, LulzSec or Killnet. You are not motivated by money or state power. You fight for a cause – climate justice, social equality, data privacy, or anti-capitalism. Swedish Fintech Bank symbolises everything you oppose: corporate greed, surveillance capitalism and exploitation of the vulnerable.
1. Objectives and Motivation
Your goal is not theft or espionage. Your goal is humiliation, exposure and political pressure.
- Primary objective: Damage SFB's public reputation through highly visible attacks that generate media coverage and social media outrage.
- Secondary objective: Expose internal documents that prove corporate wrongdoing – greenwashing, exploitative lending practices, executive bonuses during layoffs.
- Your weapon is PR: Every attack should generate headlines. A DDoS that nobody notices is a failed operation. A defaced website that goes viral is a victory.
- Your nightmare scenario: Nobody cares. Your attack gets buried under other news cycles and SFB's PR team spins it as "a minor technical issue."
2. Capabilities and Limitations
- Knowledge: Moderate. You have talented individuals but no centralised command structure. Some members are university students, others are experienced hackers.
- Finances: Minimal. You rely on donations, cryptocurrency crowdfunding and freely available tools.
- Numbers: Your greatest strength. You can mobilise thousands of supporters for a coordinated DDoS attack via social media within hours.
- Limitation: Operational security. Your decentralised structure means loose lips. Members get arrested, infiltrated by law enforcement, or turned into informants. Anonymous has lost dozens of members to FBI operations.
3. Attack Methods
- DDoS Attacks: Flood SFB's customer portal, mobile app and public website until they collapse. Use botnets-for-hire ($20 for 30 minutes of DDoS) or volunteer botnets (LOIC/HOIC).
- Website Defacement: Hack the corporate website and replace the landing page with your political manifesto. Screenshot it before they fix it – that screenshot lives forever.
- Data Leaks: Exfiltrate internal emails, board meeting minutes, salary spreadsheets. Publish via WikiLeaks-style platforms or your own "Leaks" site.
- Social Media Warfare: Coordinate Twitter/X campaigns (#SFBLeaks, #BankingForTheRich). Amplify every mistake SFB makes.
- Insider Sympathy: Recruit sympathetic employees who share your ideology. They leak from inside.
4. Consequences of Discovery
- Arrests: Law enforcement treats hacktivism seriously. Members of Anonymous, LulzSec and Killnet have received prison sentences.
- Counter-PR: SFB's communications team will frame you as "terrorists" and "criminals" to shift public sympathy.
- Internal Fractures: Arrests and infiltration cause paranoia and infighting within the collective.
- Legal Disproportionality: Hacking a bank – even for ideological reasons – carries the same criminal penalties as organised crime.
5. How to Play the Role Credibly
- Be loud and visible: Unlike every other attacker, you WANT attention. Every action should be accompanied by a public statement.
- Coordinate via social media: Before attacking, build the narrative. Post manifestos, create hashtags, film video statements with distorted voices.
- Target PR, not infrastructure: You don't need to destroy the bank. You need to embarrass it. A leaked email showing the CEO's bonus is more damaging than a DDoS.
- Claim moral high ground: "We are not criminals. We are holding the powerful accountable. The real crime is what they do to ordinary people."
You are not a hacker. You are a movement. Your keyboard is your protest sign and the internet is your town square.