The CyberWire Daily Briefing for 11.22.2013
Indonesian hacktivists claim responsibility for attacks on Australian sites. The Indonesian government gives that nation's telcos a week to inspect their records for evidence that they were complicit in alleged electronic surveillance by Australian intelligence.
Other Indonesian and Malaysian hacktivists deface Chinese government sites with unclear motives (ethnic resentments may be in play).
Former US DCI Michael Hayden says the Syrian Electronic Army is effectively a tool of Iran. (And a Syrian defector who hacked their servers before he departed the country says officers of Syria's Mukhabarat spend much of their workday surfing not-safe-for-work sites.)
Spam spoofing an AV vendor patch notification carries a Zeus payload. A Trojan recently discovered targeting SAP client apps seems partially based on Carberp code. Another old threat—Conficker—is still making its rounds.
Social engineers are probing bank call centers. New malicious spam impersonating WhatsApp carry a malicious payload that pulls infected machines into a botnet. McAfee detects new efforts to circumvent Android digital signature app validation.
CryptoLocker continues its malign spread, with over 12,000 new victims this week. High turnover in command-and-control servers helps it thrive: it rarely uses a server for more than a week.
Prolexic warns of rising distributed reflection denial-of-service attacks.
Increased military use of COTS technology prompts fresh concerns over supply chain cyber security.
The cyber insurance subsector's tentative growth is inhibited mainly by scanty threat data—more sharing is needed.
Pakistan's military says it has new software that renders its installations hack-proof (observers are reluctantly moved to skepticism).
Notes.
Today's issue includes events affecting Australia, Austria, Belgium, China, Finland, Germany, India, Indonesia, Iran, Luxembourg, Malaysia, Netherlands, Nigeria, Norway, Pakistan, Sweden, Switzerland, Syria, United Kingdom, United Nations, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Indonesian Hackers Take Credit for Australia Cyber Attacks (Jakarta Globe) The websites of the Australian Federal Police and the Reserve Bank of Australia have been the victims of an apparent cyber attack, with reports Thursday blaming Indonesian hackers
Code–Newbie Team from Indonesia and Malaysia Hacks 44 Chinese Government Domains (Hack Read) A group of Indonesian and Malaysian hacker going with the handle of Code-Newbie has hacked and defaced 44 Chinese government sub-domains belonging to Fifth Agriculture Division of the country
Hayden: Pro–Syrian hacker group working with Iran (The Hill) The pro-Syrian hacker group, dubbed the "Syrian Electronic Army" is likely working in conjunction with or directly for Iranian military and intelligence on cyber warfare operations
Hackers Broke Into Syria's Secret Police Computers And Found…Porn (Forbes) An exiled Syrian hacker has claimed to have cracked the systems of the country's brutal secret police to find evidence that intelligence officers spent their working days watching pornography
Spam from an anti–virus company claiming to be a security patch? It's Zbot/Zeus malware… (Naked Security) Julie Yeates of SophosLabs (thanks Julie!) alerted us earlier today to a spam campaign that seemed to originate from a whole raft of different security and anti-virus companies
Trojan program steals log-in credentials, other sensitive data from SAP client applications (ComputerWorld) A recently discovered malicious program steals log-in passwords and other sensitive information from SAP client applications and allows cybercriminals to access SAP servers from infected workstations
SAP Trojan based partially on Carberp code (Help Net Security) Bit by bit, details about the first information-stealing Trojan discovered targeting SAP enterprise software are being unveiled, and Microsoft researchers have tied at least part of its source code to that of the infamous Carberp banking Trojan
Five Years Old And Still On The Run: DOWNAD (TrendLabs Security Intelligence Blog) Five years ago, Conficker/DOWNAD was first seen and quickly became notorious due to how quickly it spread and how much damage it caused
Financial Institution Call Centers Targeted By Social Engineers (Dark Reading) One in every 2,500 calls to these sites is from a fraudster trying to steal money, new report says
Fake WhatsApp 'Voice Message Notification' themed emails expose users to malware (Webroot Threat Blog) We've just intercepted a currently circulating malicious spam campaign impersonating WhatsApp — yet again — in an attempt to trick its users into thinking that they've received a voice mail. Once socially engineered users execute the malicious attachment found in the fake emails, their PCs automatically join the botnet operated by the cybercriminal(s) behind the campaign
Newly released proxy–supporting Origin brute–forcing tools targets users with weak passwords (Webroot Threat Blog) In need of a good reason to immediately improve the strength of your Origin password, in case you don't want to lose access to your inventory of games, as well as your gaming reputation? We're about to give you a pretty good one
New threats subverting digital signature validation (Help Net Security) McAfee Labs found new efforts to circumvent digital signature app validation on Android-based devices. The McAfee Labs team identified a new family of mobile malware that allows an attacker to bypass the digital signature validation of apps on Android devices, which contributed to a 30 percent increase in Android-based malware
Botnets Hike Usage of Google Cloud (Industrial Safety and Security Source) Mobile botnets are on the rise and one of the areas attackers are using the Google Cloud Messaging service as a stepping off point to send data from command-and-control servers to malware, researchers said
Ransomware Running Wild… (Industrial Safety and Security Source) There have been over 12,000 victims of the malware CryptoLocker in less than a full week, which has been locking up computers with ransomware over the past couple of months, researchers said. "CryptoLocker servers are changed very often – it is rare that a command-and-control server remains online for more than a week," according to security technology company Bitdefender Labs
Soaring price of Bitcoin prompts CryptoLocker ransomware price break (Ars Technica) CryptoLocker operators may be ruthless, but they don't lack business smarts
What You Need To Know About CryptoLocker (Dark Reading) CryptoLocker ransomware is terrorizing home and business users alike. Here's how to protect yourself
A spurned techie's revenge: Locking down his ex's digital life (Ars Technica) Revenge porn is just the tip of the iceberg when it comes to cyber-domestic abuse
DrDoS attacks—They're new and they're coming for you (FierceITSecurity) There is a new kind of cyber threat on the horizon. It's called a distributed reflection denial of service attack and it's on the rise, according to security firm Prolexic Technologies
Call Me i$Hm@eL (Pacific Standard) At the peak of his career in the late-2000s, a mysterious online figure from Eastern Europe attained the position of administrator of DarkMarket. He had climbed to the highest rung of one of the most significant cybercriminal forums—where stolen credit-card data and other illicit goods and services are traded—in history. But before he could do all that, he had to choose a nickname
Security Patches, Mitigations, and Software Updates
LG says it will push out firmware update for spy TVs, but fails to apologise (Graham Cluley) LGSmart TV manufacturer LG, which is embroiled in a controversy after reports that their devices were spying on what channels viewers were watching, has issued a statement
Serious security hole in Gmail password reset system found by security researcher (Graham Cluley) Google passwordA security researcher has uncovered what Google has described as a "high impact" bug in its account recovery process, which could have potentially allowed hackers to trick users into handing over their passwords
Cyber Trends
Threat Grows for Cyber-Physical Systems (SIGNAL) The rapid adoption of commercial firmware and software for cybersystems serving the critical infrastructure is increasing vulnerabilities that potentially could lead to devastating system failures, according to a report issued by a cybersecurity organization. In some cases, these diverse systems also are threatened by their legacy nature, which is a barrier to implementing necessary cybersecurity measures
Threat Intel To Deliver Some Benefits To Cyberinsurance (Dark Reading) About a third of large companies have a cyberinsurance policy, but the industry still has issues measuring risks and gauging threats
Learn cyber conflict history, or prepare to repeat it (Armed Forces Journal) "There have been at least seven major "wake-up calls" in cyber conflict, attacks or other events that shocked and surprised defenders and decisionmakers, then were promptly forgotten until a similar shock "awakened" a new cohort of cyber leaders. This pattern will repeat itself until policymakers and practitioners pay attention to history"
The Need for a Cyber Attack Warning System (Recorded Future) In the 1960s, one of the largest threats being faced was nuclear warfare. The development of satellites capable of detecting nuclear launches or explosions was a decade away, but the United States and the United Kingdom needed a means of detecting if they were under nuclear attack
Google's Eric Schmidt: 'the solution to government surveillance is to encrypt everything' (The Verge) Since revelations of the NSA's widespread data collection and monitoring earlier this year, Google has staunchly denied working with the government agency and has taken it to task on a number of occasions. After calling the NSA surveillance "outrageous" earlier this month, Google executive chairman Eric Schmidt has come out against the agency again in an interview with Bloomberg News. "The solution to government surveillance is to encrypt everything," Schmidt said in a speed at the Johns Hopkins University School of Advanced International Studies
Why Nigerian Banks Will Keep Losing Money to e–Fraud (This Day Live) The recent loss of money recorded by the Central Bank of Nigeria (CBN) has not only given researchers a case study but has shown that the acclaimed tools and techniques currently used by Nigerian banks are not sufficient
Better education required to counter 'culture of carelessness' and protect mobile data from hackers (Computing) More education is needed to counter a "culture of carelessness" within UK businesses that is leaving them vulnerable to computer hackers and other cyber threats
John Halamka: Looming HIT mandates 'too big in scope' (FierceHealthIT) In the wake of the much maligned HealthCare.gov rollout, John Halamka, CIO at Boston-based Beth Israel Deaconess Medical Center, says that he sees signs that even "well resourced" health institutions will have a hard time with various health IT mandates that are on the horizon
Most senior execs clueless about handling data breaches, survey finds (FierceITSecurity) Senior business leaders are not prepared for a data breach, with fewer than one in four knowing enough to take the lead should a breach occur, according to a survey of 341 senior executives and in-depth interviews with 17 senior executives conducted by the Economist Intelligence Unit on behalf of HP
Rise in targeted attacks pushes firms to managed security services (FierceITSecurity) An increase in targeted attacks against enterprises in Europe, the Middle East and Africa has prompted many to turn to managed security services to secure their organizations, according to a new report from Frost & Sullivan
The enemy within (Help Net Security) Recent high-profile cases in the press have called attention to the threat the trusted insider can pose to the security of an organization. A recent survey highlighted that employees often have access rights that are way beyond the ones they actually require for their roles. Another survey by the University of Glasgow showed the risks posed to corporate data by employees using consumer-based cloud services such as Dropbox
'Encrypt everything:'' Google's answer to government surveillance is catching on (CSO) And the Giants of the Web seems to agree in the wake of recent NSA spying revelations. Lock it all down!
Why current security efforts are like using bayonets against a modern army (CSO) I recently sat on a panel with people working on these approaches, professionally, before I was born. And they lament that they've been "fighting the same battle" for over 40 years without success. It's time for security to evolve
Marketplace
Critics say U.S. tech companies could suffer in warning against China-based cloud services (CSO) Congressional commission says that security risk could lead to backlash against American tech companies
The hacker hunters (Financial Times) An elite battalion of largely twentysomething experts are on the front line of corporate cyber defence
PasswordBox Acquires Legacy Locker (Dark Reading) Acquisition follows the recent announcement that PasswordBox has raised $6 million
Tony Moraco on The 'New' SAIC, Post–Spinoff Goals & Changing Market Strategy (Executive Biz) Tony Moraco - SAIC, ExecutiveMosaicAfter more than four decades of doing business as Science Applications International Corp., the iconic contractor founded by Dr. Robert Beyster divided into two independent companies in September
SRA Appoints Tom Nixon, Executive Vice President and Chief Growth Officer (4-Traders) SRA International, Inc., a leading provider of IT solutions and professional services to government organizations, today announced the company has appointed Tom Nixon as Executive Vice President and Chief Growth Officer
TeraDact Solutions, Inc. names Gus Hunt Chief Cyber Strategist (Virtual-Strategy Magazine) TeraDact Solutions, Inc. (www.teradact.com), a privately held Missoula, Montana-based software company, announced today at Bloomberg, The Year Ahead: 2014, that Ira A. (Gus) Hunt, the former Chief Technology Officer for the Central Intelligence Agency, has joined the company as Chief Cyber Strategist and will also serve on the TeraDact Advisory Board
Products, Services, and Solutions
Solutionary Formalizes Critical Incident Response Services Offering (Wall Street Journal) The new offerings include Incident Response Planning, Incident Response Plan Testing, Forensics and Malware Analysis. Solutionary CIRS are available at
Security Innovation Releases NTRU Public Key Cryptography to Open–Source Community to help fend off looming "Cryptopocalypse" (Hispanic Business) Security Innovation, an authority in application and crypto security, today announced the availability of NTRU crypto for free use in open-source software. With its small footprint, high speed, future-proof security, and IEEE and X9 standards adoption, NTRU is poised to become the de facto crypto in the post-RSA world
EPA experiments with Thunderclap (FierceGovIT) Late last month the Environmental Protection Agency experimented with a new social media tool designed to amplify a single message across social networks called Thunderclap. The tool is open to all agencies for use based on federal-friendly terms of service recently negotiated by the General Services Administration
Tresys Technology Announces Availability of New Product Tresys MobileFortress™ (Hispanic Business) Tresys Technology, a leading provider of cyber defense technology and engineering services to our nation's defense, intelligence and critical infrastructure organizations, announced today the general availability of Tresys MobileFortress for Android, a secure mobile operating system for Government and Commercial Enterprise mobile platforms
Technologies, Techniques, and Standards
Replacing Security Best Practices with Things that Actually Work (Threatpost) The term "best practices" is high on the list of overused and nearly meaningless phrases that get thrown around in the security field. It forms the basis for regulations such as HIPAA and PCI DSS and yet if you asked a random sample of 10 security people what the phrase meant, you'd likely get 10 different answers. But what if there aren't actually any best practices
NIST focused on outcomes for privacy appendix in cybersecurity framework, says Lefkovitz (FierceGovIT) The privacy appendix contained within the private sector critical infrastructure cybersecurity framework being developed by the National Institute of Standards and Technology is meant to tie into corresponding cybersecurity practices, a NIST official said during a Nov. 8 workshop
Are tablets secure enough for business? (Help Net Security) Amazon is launching its first enterprise-ready tablet. A smart move, as the much-loved mobile device can finally be integrated into business. However it does beg the question, how can SMEs ensure they are prepared for this new mobile device onslaught
Preventing cyber attacks not enough, justifying investments too, CIOs told (CIOL) Despite the increasing security threats, most organizations are only reactive to security issues instead of being proactive. In such a situation, CIOs have to not only justify the security spending by preventing cyber attack on their organizations but also build convincing metrics
5 Ways To Keep Big Data From Going Bad (CRN) While the collection and analysis of troves of data offer potential societal benefits, the public needs to understand the risks it poses on individual privacy and security, said Barton Gellman, a two-time Pulitzer Prize winning author and reporter who is one of three journalists still reviewing National Security Agency documents leaked by Edward Snowden
Financial Services Industry Proposes Security Controls For Third–Party, Open–Source Software (Dark Reading) FS-ISAC addresses potential dangers of insecure software components used by financial firms
Study: Most Application Developers Don't Know Security, But Can Learn (Dark Reading) Solid training of app developers can reduce vulnerabilities, Denim Group study says
IT Security Best Practices For Cyber Monday (Dark Reading) Businesses need to prepare for the prevalence of malware hidden in cheerful holiday greetings
Academia
Is It Fair to Steer Students into STEM Disciplines Facing a Glut of Workers? (IEEE Spectrum) The argument over whether or not there is a shortage of qualified STEM workers was replayed once more in a story this past week in a Chronicle of Higher Education article titled, "The STEM Crisis: Reality or Myth." Unfortunately, you need to be a subscriber to gain full access to the article, but I thought a few quotes from the usual suspects claiming there is a STEM crisis in the United States would be enlightening
Legislation, Policy, and Regulation
All military installations including GHQ now fool-proof for cyber attacks (The News Tribe) Pak Army now has taken big step and created a new software to make fool proof all military installations including General Head Quarter
Iran Blocks Encrypted Chat Service Despite Claims of Internet Freedom (Mashable) Iranian officials have promised more Internet freedom since Hassan Rouhani was elected in June. However, many websites and social networks, like Facebook an Twitter, remain blocked
Father of Web says China will dismantle 'great firewall' (Reuters via The West Australian) China's rulers will ultimately take it upon themselves to dismantle the "great firewall" that limits its people's access to the Internet because doing so will boost China's economy, the inventor of the World Wide Web said
Sir Tim Berners–Lee Blasts "Insidious, Chilling Effects" Of Online Surveillance, Says We Should Be Protecting Whistleblowers Like Snowden (TechCrunch) The rising tides of online surveillance, and the lack of safeguards from governments to protect individuals against them, are having a disastrous effect on how the internet will grow and have an impact in the future -- possibly even more than censorship, the inventor of the World Wide Web said today. Speaking at the launch of the Web Index, an annual piece of research from the World Wide Web
U.N. anti–spying resolution weakened in bid to gain U.S., British support (Reuters via Chicago Tribune) A draft U.N. resolution that some diplomats said suggested spying in foreign countries could be a human rights violation has been weakened to appease the United States, Britain and others ahead of a vote by a U.N. committee next week
Revelations about Britain's intelligence agencies 'chipping away' at public support for their work, says Nick Clegg (The Independent) Deputy PM responds to recent disclosure that Blair government gave US permission to store and analyse email, mobile phone and internet records of potentially millions of Britons
Congress Draws Battle Lines Over NSA Phone Snooping Program (PC Magazine) In the wake of revelations about the National Security Agency's domestic surveillance programs over American phone records and Internet activities, Congressional leaders are demanding reform to rein in the agency's broad powers
Most of NSA's data collection authorized by order Ronald Reagan issued (Miami Herald) The National Security Agency's collection of information on Americans' cellphone and Internet usage reaches far beyond the two programs that have received public attention in recent months, to a presidential order that is older than the Internet itself
Spy Agency Excuse Absurd, Revolting (Wheeling News Register) Sit down for this one. You're not going to like it…"Blame the computer" just won't do
Poll: Many View NSA Intrusions as Unjustified (WTMA) Public belief that the National Security Agency unnecessarily intrudes on privacy rights has grown, but so has the sense that Edward Snowden damaged U.S. security by disclosing the spy agency's activities — with the latter a more powerful factor in views on charging him with a crime
Majority: Snowden leaks hurt national security (The Hill) A majority of people in the United States says Edward Snowden's leaks damaged U.S. national security
OMB: Agencies must implement continuous monitoring by 2017 (Federal Times) Agencies have until fiscal 2017 to implement continuous monitoring of information systems, according to guidance released Monday by the Office of Management and Budget
Obama administration looks to scrub security clearance list (Politico) The Obama administration has ordered a government-wide reassessment of how almost 5 million Americans have been granted classified information security clearances and whether each person currently approved to see sensitive national security secrets truly has a need for such access
Proposed security clearance regulation inadequate in current form, says GAO official (FierceGovernment) A regulation jointly proposed by the Office of the Director of National Intelligence and the Office of Personnel Management to update the position designation process is inadequate, said a Government Accountability Office official
Litigation, Investigation, and Law Enforcement
Indonesia's telcos to investigate their role in the phone tapping of president (The Guardian) Communications minister gives phone companies a week to investigate whether they helped Australian spies
New forensics lab will help police take the fight to cyber criminals (Canberra Times) Cyber criminals will be in the cross-hairs as part of operations at the Australian Federal Police's new multimillion-dollar forensics centre
Feds say Silk Road suspect's computer shows he (thought he) plotted 6 murders (Ars Technica) New court filings against Ross Ulbricht, the young Texan accused of being the mastermind behind the notorious Silk Road website, show new and compelling evidence that he was the man at the helm
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
New Resources to Grow Cyber Security Companies in Maryland (Rockville, Maryland, USA, Nov 25, 2013) Learn about new resources available locally to grow your cybersecurity company, including the Maryland Cybersecurity Investment Incentive Tax Credit and the Montgomery County Supplemental Incentive Program for qualified Maryland cybersecurity companies (QMCC). The Maryland Department of Business & Economic Development (DBED) will begin accepting applications from QMCC on December 9 - so now is the time to apply to be eligible for a portion of the $3 million program that offers a refundable tax credit to QMCC that seek and secure investment from in-state or out-of-state investors. Information will also be available regarding the Maryland Employer Security Clearance Cost (ESCC) Tax Credit for security clearance administrative expenses, SCIF costs and first year leasing and get the latest update on the new National Cybersecurity Center of Excellence at NIST.
Oil and Gas Cyber Security 2013 (London, England, UK, Nov 25 - 26, 2013) It has been stated that by 2018 the oil and gas industry will be spending up to $1.87 billion on cyber security. The hugely increased demand to protect a multi-billion dollar global industry is being spurred on by the ever growing cyber threat across the globe. It is against this backdrop that SMi are launching their 3rd annual Oil and Gas Cyber Security 2013 conference.
IT Forum Expo/Black Hat Regional Summit (, Jan 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
DefCamp 2013 (Bucharest, Romania, Nov 29 - 30, 2013) DefCamp is one of the most important conferences on hacking & information security in South-East Europe, bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under the same roof security specialists, entrepreneurs, academic, private and public representatives in the high energy atmosphere of Bucharest, Romania.
2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, Nov 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber networks, mobile, and IT infrastructures. Enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure is a challenge that must be met, attend the East Africa Cyber Security and IT Security Convention 2013 that will equip you with a comprehensive range of clarifications and solutions.
Operationalize Threat Intelligence (Webinar, Dec 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data into knowledge so we can act. Attendees will learn concepts and best practices that enable organizations to reduce, prioritize and operationalize threat intelligence.
Cloud Security Alliance Congress 2013 (Orlando, Florida, USA, Dec 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering best practices and practical solutions for remaining secure in the cloud, CSA Congress will focus on emerging areas of growth and concern in cloud security, including standardization, transparency of controls, mobile computing, Big Data in the cloud and innovation.
SINET Showcase: THE SINET 16 (Washington, DC, USA, Dec 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present in front of 350 sophisticated investors, buyers and researchers from the commercial and government markets. If a company is selected as one of the SINET 16, it will not only be recognized at the event, but receive access to prospective investors and customers as well. Please note that the deadline to apply for the SINET 16 is August 15th.
The 8th International Conference for Internet Technology and Secured Transactions (London, England, UK, Dec 9 - 12, 2013) The 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013) is an international refereed conference dedicated to the advancement of the theory and practical implementation of secured Internet transactions and to fostering discussions on information technology evolution.
World Congress on Internet Security (London, England, UK, Dec 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the Internet, computer networks, protecting the Internet against emerging threats and vulnerabilities, and sustaining privacy and trust has been a key focus of research. The WorldCIS aims to provide a highly professional and comparative academic research forum that promotes collaborative excellence between academia and industry.
ACSAC 2013 (New Orleans, Louisiana, USA, Dec 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and to exchange practical ideas and experiences.
2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, Dec 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. The conference seeks submissions from academia, government, and industry presenting novel research on all practical and theoretical aspects of cyber security. The First ASE International Conference on Cyber Security provides a key forum for researchers and industry practitioners to exchange information regarding advancements in the state of art and practice of cyber security.
Cyber Defense Initiative 2013 (Washington, DC, USA, Dec 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify skilled personnel and as part of extensive hands-on training.