The attack on RSA [12] in early 2011 represented a big surprise for the IT security industry. It showed that major security companies are attractive targets for stealthy attacks because of the important information they possess. The RSA attack induced an interesting discussion in the security industry and the research community alike. In particular, researchers at RSA modeled stealthy takeovers of a resource in their FlipIt game [13]. FlipIt is an attacker-defender game in which the players compete for the control of a resource, which can correspond to the practical case of updating and compromising a cryptographic key.In this paper, we present FlipThem, a generalization of the FlipIt game to multiple resources. In particular, we consider two control models: In the AND control model, the attacker needs to compromise all resources to gain access to the target system, whereas in the OR control model, the attacker only needs to control a single resource to reach her goal. First, we propose combinations of basic, single-resource FlipIt strategies and study the best choices for the defender and the attacker. Then, we extend these basic strategies with the Markov strategy class to represent more complex combinations of moves.Based on our FlipThem model, we can provide a few guidelines for the defenders. First, in the AND control model, we found that the defender should update her resources independently. On the other hand, the defender should generally update her resources synchronously in the OR control model. We also found that periodically updating resources is a good choice against a non-adaptive attacker in the FlipThem model, however, it suffers from the same weaknesses against an attacker with feedback as in the basic FlipIt model. Thus, the defender needs to carefully assess the potential information available to the attacker when choosing her strategy. In summary, our results enable a defender to plan her defense strategy against a range of attacker strategies.