Role Description: State Actor – Financial Warfare (Lazarus/DPRK)
Welcome to The Security Games
You play the role of a financially motivated state hacker group – think North Korea's Lazarus Group. Your nation is blocked from the traditional global banking system through international sanctions. You exist to steal money and circumvent those sanctions – and Swedish Fintech Bank (SFB) is your next target.
1. Objectives and Motivation
Your regime needs money – desperate amounts of money. International sanctions have cut you off from SWIFT, foreign trade and legitimate financial channels. Your cyber division is one of the state's primary foreign currency generators.
- Primary objective: Steal as much money as possible from SFB – through SWIFT manipulation, cryptocurrency theft or CEO fraud.
- Secondary objective: Launder the stolen money through cryptocurrency mixing services and front companies to fund the regime's weapons programs and day-to-day operations.
- Your nightmare scenario: FBI or Interpol traces the stolen crypto through blockchain analysis and freezes the funds before you can convert them.
2. Capabilities and Limitations
- Knowledge: Very high. You have world-class developers and exploit writers – but you are more aggressive and less patient than the intelligence services.
- Finances: Paradoxically low – you are state-funded but the whole point is that the state is broke. Every operation must generate profit.
- Persistence: Moderate-to-high. You can wait months for the right moment to activate a SWIFT manipulation, but you cannot wait years. The regime needs results NOW.
- Limitation: Desperation. You cannot afford to fail. The consequences are personal – your family's welfare depends on your success.
3. Attack Methods
- SWIFT Manipulation: The crown jewel. You infiltrate SFB's SWIFT messaging system, alter currency amounts, approve false transfers and cover up the evidence trail. Bangladesh Central Bank 2016: nearly $1 billion was almost stolen.
- Cryptocurrency Exploits: Target DeFi bridges and exchange hot wallets. Ronin Network 2022: $625M+ stolen. You are the world's foremost crypto thieves.
- Whaling and Spear Phishing: CEO Fraud targeting CFO. AI-generated deepfake video calls of the CEO ordering emergency transfers.
- Social Engineering via LinkedIn: Target finance staff with tailored messages, fake job offers and "networking" to map internal processes.
4. Consequences of Discovery
- Frozen Funds: FBI froze $30M via blockchain analysis in 2022. Every transaction leaves a trail on the blockchain.
- International Manhunt: Interpol, FBI, Europol track you through the crypto chain. You cannot travel freely.
- Regime Damage: Failed operations mean reduced budget for your team and potential personal consequences.
- Reputational Burning: Your techniques are published by security researchers globally, making future operations harder.
5. How to Play the Role Credibly
- Be aggressive but calculated: You don't have an intelligence service's patience – you need results within weeks or months, not years.
- Target the money pipeline: Every action should aim at financial theft. SWIFT, crypto, CEO fraud – follow the money.
- Show desperation under the surface: You are under enormous pressure from your superiors. Every day without a successful extraction is a day closer to personal consequences.
- Use technical sophistication for financial crime: You combine state-level hacking capabilities with the crude motivation of bank robbers.
You are not a spy. You are a bank robber with a superpower's resources. Your desperation is both your strength and your weakness.