Make Your Home Smarter: Best Smart Home Devices of 2017

The best smart home devices are dramatically bringing your dumb household into the future, letting you control everything from the front door lock to the bedroom lights with a phone, tablet or even a smart speaker. Below are the best rated Smart Home devices of 2017! Nebula Consulting was one of the first Smart Home installers in New England. If you would like a free consultation with one of our engineers, contact us today!

Smart Energy Monitoring: Curb Energy

CURB is the most powerful and intelligent integrated hardware/software system for visualizing and managing energy in residential and commercial settings. 18 dedicated sensors give you real-time information about your home’s power consumption, electrical vehicle charging and solar production. Integration with Samsung’s SmartThings platform enables you to directly control appliances on the go.

Smart Light Bulbs: Philips Hue

One thing that you might want to do as soon as you decide to make your home a smart home is switch out the light bulbs – something easier said than done considering how many different options are out there. Of them all, however, we think the best smart light bulbs are the Philips Hue range of smart bulbs.

Smart Thermostat: Nest Learning Thermostat 3rd Gen

A thinner, sleeker design. A bigger, sharper display. The 3rd generation Nest Learning Thermostat is more beautiful than ever. With Farsight, it lights up when it sees you coming and shows you the time or temperature from across the room. And the Nest Thermostat is proven to save energy. That’s the most beautiful part.

Smart Security Camera: NetGear Arlo Q

Home security is an important thing to consider, and there are a ton of connected security cameras out there. One of the best is the NetGear Arlo Q, because it has a nice design and reliable motion detection that starts recording when it detects an object moving about. If you buy the camera, you’ll also get a free basic 7-day cloud recording service, and you can access that recorded footage through the accompanying app – which is excellently designed.

Smart Power Switch: iHome ISP5 Control Smart Plug

While there are great smart replacements for many devices, a much simpler option is simply using connected plugs in your power outlets. Doing so will give any device that plugs into a power outlet basic smart features like the ability to turn the device on and off, or the ability to monitor the device's power usage. The iHome ISP5 is Wi-Fi enabled, and works with HomeKit, Nest and Wink – so it should play nice with your other smart home devices.

Smart Lock: August Smart Lock 3rd Gen

Make your front door smarter with the most advanced and complete solution on the market. Go keyless to lock and unlock your door from anywhere with your phone. Give keyless entry to family, friends or even the dog walker. Lock and unlock your door, control keyless access, and keep track of who comes and goes, all from your phone. The 24/7 activity log means you’re always in the know. The lock easily attaches to your existing deadbolt so you can still use your regular keys.

Smart Doorbell: SkyBell HD Silver WiFi Video Doorbell

SkyBell HD is a high-definition video doorbell connected to your home Wi-Fi that lets you see, hear, and speak to visitors at your door simply by using your smartphone or tablet - even if you're not at home. With a 1080p camera, full-color night vision, motion sensor and live alerts, SkyBell HD will conveniently give you peace of mind when answering the door without compromising your safety. And even when you don't answer, SkyBell HD will record video to your cloud account as soon as the button is pressed or motion is detected. So, you'll always know who's at your door.

Smart Smoke Detector: Nest Protect

Nest doesn’t just make great smart thermostats: it also offers smoke alarms, which can connect to the rest of your smart home. That said, the Nest Protect looks great, and it offers great connectivity through Wi-Fi and IFTTT. Nest Protect has been redesigned from the inside out. It has an industrial-grade smoke sensor, can be hushed from your phone, tests itself automatically, and lasts up to 10 years. And just like the original Nest Protect, it also tells you what’s wrong and can even alert your phone.

Smart Flood Sensor: D-Link Wi-Fi Water Sensor

This smart wireless water sensor helps keep your home safe. It will help you detect water damage before serious problems occur. Get alerted when water is detected in basements, sinks, near a water heater, dishwashers, in a bathroom or anywhere there might be moisture.

Security as a Strategic Imperative

In the digital era, every company is considered a technology company. Whether you provide electricity, banking or public transportation, you are increasingly dependent upon the internet and network connectivity. If all companies are technology companies, that means all companies need to prioritize cyber security as a strategic imperative to ensure they are connected, digitized and successful. Every organization should focus on two cyber security fundamentals: Understand what’s going on, and know the simple actions you can take to facilitate better cyber security in your environment. We can leverage the network to enable both of these fundamentals. To do so requires good network hygiene.

We’ve been working to draw attention to the hidden security risks organizations face by not properly maintaining their aging infrastructures and patching vulnerable systems. The trends lead us to believe we should expect to see more of this activity in the future – with widespread attacks that target not only traditional servers and endpoints, but also the network itself. This future activity will bring with it significant consequences affecting not just enterprises but entire industries.

An organization can no longer make the assumption that its network infrastructure is secure. Factors such as TA16-250A, WannaCry, the Presidential Executive Order, the Modernizing Government Technology Act of 2017 and the recent Equifax breach make it clear that attacks are escalating and business leaders must be proactive and demonstrate security diligence. Infrastructure of the past was not built to withstand the threats of today’s landscape. It is crucial that every organization – regardless of industry – verifies the security and cyber resilience of their network infrastructure that drives their business and, collectively, our global economy and national security.

Although it’s expensive to incorporate updates, the costs of ignoring aging infrastructure can be potentially devastating – in the form of lost data, revenue and customers, destruction of service and, ultimately, consumer trust. It is crucial to update and regularly patch all hardware and software within a network to enable proper and safe connectivity, communication, operations and overall management. Waiting to take action and hoping that you will not be breached is no longer an option in today’s world.

Systems that were designed, built and deployed in decades past didn’t anticipate the hostile security environment of today. Until now, very few have thought about securing infrastructure because they didn’t think adversaries would target these systems and devices, or they had “higher priorities” to fix. This must change.

Outdated components and software provide an opportunity for attackers to breach networks ‒ increasing risks for unpatched machines and some legacy operating systems at end of support. Be sure to choose trustworthy vendors and technologies that allow the network administrator to verify devices are genuine, unmodified and operating as intended.

Keeping your network up to date provides a place for visibility, policy and control for the things that are coming online. Visibility helps us understand day-to-day behavior. It’s crucial to leverage the network to segment assets and functions in order to reduce exposure and create observations and control points. This helps execute on the second fundamental I mentioned above – know the simple actions to take to facilitate better cybersecurity in your environment. When things are out of the ordinary, the network can enforce security policies that allow the right users and devices to get the right access and contain the impact of a potential attack.

Every organization must assess the overall strength and cyber resilience of their deployed infrastructure and systems. This process likely will be eye-opening, but it’s a necessary reality check. Organizations that proactively improve their security posture will be better positioned to meet today’s threats and prepare for tomorrow’s challenges and opportunities.

If you would like to speak with one of Nebula's security experts, please contact us.

How to Protect Your Business From Malware

Cyberattacks are a serious threat to businesses and consumers, with large-scale attacks having nationwide effects, thus making national security a serious concern. Contact Nebula's security experts for a free security audit for your business. Kaspersky Lab’s investigation reports that more than 100 banks across the world suffered up to $1 billion in losses from a cyber attack back in 2013, including financial institutions from Russia, the United States, China, Germany and Ukraine. Carbanak, the malware used in these attacks, infiltrated and extracted data and exploited weaknesses in Microsoft Office files sent through emails.

The 2017 Ponemon Cost of Data Breach study revealed that the global average cost of a data breach is $3.62 million, making breaches some of the most expensive threats organizations can face.

Cybersecurity Ventures predicts that by 2021, cybercrime damages will cost up to $6 trillion annually.

Forms and Impacts of Malware

Different forms of malware have existed throughout the years, and the most recent variants are much stronger and more aggressive than before. Here are some recent examples:

Ransomware

Ransomware is a type of malware that locks the victim’s system, extracts data and encrypts it. The hacker will then threaten to publish the data or keep it in a perpetual lockdown unless the victim pays a ransom.

Recent examples are WannaCry and Petya. WannaCry shocked the world when it infected more than 200,000 computers in more than 150 countries. Within the initial hours of the attack, 48 National Health Service organizations in the UK had to turn patients away or delay medical procedures. In the U.S., FedEx delivery services were delayed. Spain’s major telecoms and gas companies also suffered, as well as France’s Renault. Even the Russian Interior Ministry and Megafon, a telecom company, were impacted. The hackers reportedly ransomed more than $1 billion, not including damages.

Petya was first discovered in 2016 and resurfaced in 2017, using designs from WannaCry to effectively target systems. While giant businesses such as Merck, Maersk and Rosneft were affected, the attack specifically targeted Ukraine. An infrastructure breach in the country resulted in disruption of power, airports, public transit and even its central bank; the breach had unprecedented effects on the economy, civic welfare and national security.

Banking Trojans

Banking trojans are highly specific forms of trojans written for the purpose of stealing confidential banking information; they wait in a victim’s system and steal login credentials.

Zeus is one of the most pervasive and damaging banking trojans to date. A 2010 white paper by Unisys reported that Zeus is responsible for 44 percent of banking attacks and infected 3.6 million computers in the United States alone. A total of 960 banks and almost 90% of Fortune 500 companies fell victim. The financial damages were estimated to be about $100 million. However, its real impact is still undetermined due to its scope.

Since the “retirement” of its creator in 2011 and the successive leak of its source code, Zeus has spawned many imitators and variants.

Point Of Sale (POS) Trojan

A POS trojan targets both businesses and consumers; it steals customer data from electronic payment systems such as debit and credit cards. POS machines in stores are also vulnerable.

Kaptoxa is a famous trojan that exposed the payment data of more than 70 million Target customers. The trojan escaped most security detection at the time and managed to remain in POS machines for days.

Tips to Protect Your Business

Be Aware

As a business owner, you should be the first one to know the types of cybersecurity threats your company might face. A false sense of security is often the source of weak systems. Knowing what is out there and how to protect your business is a necessity.

Secure Your Network

Firewalls are your first line of defense against cyberattacks. Your business connects to the internet via different applications such as email, VoIP and media streaming. Your firewall should monitor threats coming from different connections. Also, consider setting up a private network to have more control over your security.

Invest in Security

A simple installation of antivirus is not enough. Your business’ assets should be protected by multiple layers of security. Antivirus, anti-malware, and anti-ransomware suites are some of the tools your business should have. These applications can also evaluate the weakness of your security system.

Keep Everything Up to Date

Once the security system is in place, make sure that you have regularly scheduled updates. Malware rapidly evolves and your security applications need patches and updates to detect any attacks from new forms of threats. Similarly, run a regular update of your system drivers, operating systems and applications.

Encrypt Your Data

In case hackers breach your security, your next level of protection is encryption. Encryption encodes your data, making it useless to third-party attacks. Most software companies offer encryption applications suitable for your needs.

Protect Your Hardware

While the internet poses immense threats, your hardware is not safe either. Stolen hard drives, laptops and even thumb drives with company information may just be the vulnerability the bad guys are waiting for. Strong security in your business premises is a necessity, protecting not only physical assets but your data as well.

Develop a Security Policy

More often than not, it’s people who are the greatest security threats. An employee who accidentally clicks the wrong link may cost you your business. Integrate security policies in your company operations. Educate your employees about the threats and how to prevent them. Workshops are available to help you strengthen the knowledge of your colleagues and employees against cybersecurity attacks.

Enforce Strong Passwords

Password security should be strictly enforced. Anything accessed in the company, from emails to bank accounts, should be protected by a strong password. Typically, a strong password should be a sentence that is at least 12 characters long. Focus on sentences that are easy to remember and/or pleasant to think about – on many sites, you can even use spaces!

Have an Emergency Response Plan

Even with all your protection, the worst can still happen. Set up company guidelines on how to detect possible attacks, what to do during attacks and how to proceed afterward. The sooner you stop the attack and contact the authorities, the less damage an attack will cause.

Back Up Your Files

Backups, which should have their own security system, can save you the pain of starting from scratch. In case an attack happens, your next priority is to get your business back to normal operations as soon as possible. Regularly updated backups can help you get things running again with minor losses.

Conclusion

Small and medium-sized businesses are common targets of attacks, as they can be used as gateways to gain access to bigger companies. With today’s heavily connected world, an attack on another business can put yours at risk. Stay updated on the current cybersecurity threats and how to prevent them. Make sure your company is always ready for a cybersecurity attack.

October 2017 CERT Cyber Vulnerabilities

Each month, Nebula Consulting posts vulnerability notes from CERT’s vulnerability database. Check back often for updates!

02 Oct 2017 - VU#973527 - Dnsmasq versions 2.77 and earlier contain multiple vulnerabilities

Dnsmasq is a widely used piece of open-source software. These vulnerabilities can be triggered remotely via DNS and DHCP protocols and can lead to remote code execution, information exposure, and denial of service. In some cases an attacker would need to induce one or more DNS requests.

Please see the Google Security blog post for additional information.

Solution: Apply an update. Dnsmasq version 2.78 has been released to address these vulnerabilities.

12 Oct 2017 - VU#590639 - NXP Semiconductors MQX RTOS contains multiple vulnerabilities

The NXP Semiconductors MQX RTOS prior to version 5.1 contains a buffer overflow in the DHCP client, which may lead to memory corruption allowing an attacker to execute arbitrary code, as well as an out of bounds read in the DNS client which may lead to a denial of service.

A remote, unauthenticated attacker may be able to send crafted DHCP or DNS packets to cause a buffer overflow and/or corrupt memory, leading to denial of service or code execution on the device.

The NXP Semiconductors MQX real-time operating system (RTOS) prior to version 5.1 is vulnerable to the following:

  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') - CVE-2017-12718
  • CWE-125: Out-of-bounds Read - CVE-2017-12722

Solution: Apply an update. CVE-2017-12722 only affects MQX version 4.1 or prior. Affected users are encouraged to update to version 4.2 or later as soon as possible.

16 Oct 2017 - VU#228519 - Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a victim wireless access point (AP) or client. After establishing a man-in-the-middle position between an AP and client, an attacker can selectively manipulate the timing and transmission of messages in the WPA2 Four-way, Group Key, Fast Basic Service Set (BSS) Transition, PeerKey, Tunneled Direct-Link Setup (TDLS) PeerKey (TPK), or Wireless Network Management (WNM) Sleep Mode handshakes, resulting in out-of-sequence reception or retransmission of messages. Depending on the data confidentiality protocols in use (e.g. TKIP, CCMP, and GCMP) and situational factors, the effect of these manipulations is to reset nonces and replay counters and ultimately to reinstall session keys. Key reuse facilitates arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.

An attacker within the wireless communications range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocol being used. Impacts may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.

Solution: Install updates. The WPA2 protocol is ubiquitous in wireless networking. The vulnerabilities described here are in the standard itself as opposed to individual implementations thereof; as such, any correct implementation is likely affected. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific vendor or product, check the Vendor Information section of this document or contact the vendor directly. Note that the vendor list below is not exhaustive.
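The key reinstallation described in this note, as an added example that is not part of the CERT text or of any vendor's code: a toy Python model of a client that receives a retransmitted handshake message 3, once with the behaviour the note describes and once refusing to reinstall a key that is already in use. The class, function names and key value are constructed for illustration, and no real encryption or Wi-Fi traffic is involved.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class ToyClient:
    """Toy WPA2 client holding only the state relevant to key reinstallation."""
    reject_reinstall: bool                 # False: behaviour in the note, True: patched
    key: Optional[bytes] = None            # currently installed session key
    tx_nonce: int = 0                      # packet number used as the per-frame nonce
    rx_replay: int = 0                     # highest packet number accepted so far
    history: List[Tuple[bytes, int]] = field(default_factory=list)

    def on_message3(self, session_key: bytes) -> str:
        """Handle handshake message 3, which the peer may retransmit."""
        if self.reject_reinstall and session_key == self.key:
            # Patched behaviour: the key is already in use, so keep the counters.
            return "ignored"
        self.key = session_key
        self.tx_nonce = 0                  # installing a key resets the nonce ...
        self.rx_replay = 0                 # ... and the replay counter
        return "installed"

    def send_frame(self) -> Tuple[bytes, int]:
        """Encrypting a frame consumes the next nonce under the installed key."""
        self.tx_nonce += 1
        pair = (self.key, self.tx_nonce)
        self.history.append(pair)
        return pair


def reused_nonces(history):
    """Return the (key, nonce) pairs that were used for more than one frame."""
    seen, reused = set(), []
    for pair in history:
        if pair in seen and pair not in reused:
            reused.append(pair)
        seen.add(pair)
    return reused


def simulate(reject_reinstall: bool):
    """Replay the sequence: message 3, traffic, retransmitted message 3, traffic."""
    key = b"constructed-session-key"       # constructed sample value
    client = ToyClient(reject_reinstall)
    results = [client.on_message3(key)]
    for _ in range(3):
        client.send_frame()
    results.append(client.on_message3(key))   # the same key arrives again
    for _ in range(2):
        client.send_frame()
    return results, reused_nonces(client.history)


if __name__ == "__main__":
    for patched in (False, True):
        print("patched" if patched else "unpatched", simulate(patched))
```

The unpatched run reports nonces 1 and 2 used twice under the same key; the patched run reports none, while a genuinely new key is still installed as normal.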

16 Oct 2017 - VU#307015 - Infineon RSA library does not properly generate RSA key pairs

The Infineon RSA library version 1.02.013 does not properly generate RSA key pairs. As a result, the keyspace required for a brute force search is lessened such that it is feasible to factorize keys under at least 2048 bits and obtain the RSA private key. The attacker needs only access to the victim's RSA public key generated by this library in order to calculate the private key.

CWE-310: Cryptographic Issues - CVE-2017-15361

Note that only RSA key generation is impacted. ECC is unaffected. RSA keys generated by other devices/libraries may also be used safely with this library.

Trusted Platform Modules (TPM) or smartcards may use this RSA library in their products. Infineon has provided a partial list of impacted vendors in a security advisory. Please see our list of impacted vendors below.

The researcher has released a summary of the work. Full details are expected at the ACM CCS conference in November 2017.

A remote attacker may be able to recover the RSA private key from a victim's public key, if it was generated by the Infineon RSA library.

Solution: Apply an update. Check with your device manufacturer for information on firmware updates.

WPA2 Security Flaw - Here's How to Stay Safe

A security flaw in the WPA2 protocol was found and published by Belgian researchers on the morning of October 16th 2017. The protocol – normally used for securing modern Wi-Fi networks – has been broken to expose wireless internet traffic to potential eavesdropping and attacks. This vulnerability puts millions of devices connected to Wi-Fi at risk of attack.

What has happened

In short, a combination of vulnerabilities in the WPA2 specification and its implementation was published. This combination allows an attacker to listen in on the data transmitted through Wi-Fi connections and potentially even inject data packets into them. This affects everything from Linux, Windows, iOS, Android, BSD and most likely some other platforms. Some sources claim that iOS and Windows are not affected, but according to the report written by the researcher behind these vulnerabilities, this is not true. It is possible to attack the access point directly which indirectly affects any device connected to it.

The vulnerability opens the door to three attacks. The first attacks broadcast messages. While this is bad in itself, it’s not as devastating as the other two that have the potential to attack any message. The second attack targets an issue in the client. This affects Linux and Android according to the research paper, but could affect other systems as well. The third attack targets the access points. This means that any client connected could be attacked indirectly. Both of the latter attacks mean that an attacker can listen in on the traffic and could potentially even inject malicious content.

How do I know if I am affected?

If you are using Wi-Fi and have not received a security patch for this vulnerability, then you are most likely vulnerable. Unfortunately, the attack can be performed by just simulating background noise so there is not any reliable way to know if you are affected.

What to do?

  • Look for updates for your OS. Most vendors should already be releasing security patches for these vulnerabilities (when reading the patch notes, keep an eye out for “KRACK attack” or “WPA2 nonce reuse”).
  • If possible, use a cabled connection instead of Wi-Fi for your computer until a patch is out.
  • Turn off Wi-Fi on your phone until you’ve patched your device.
  • If possible, turn off the 802.11r feature in your router or device. Contact your access point vendor for information on how to disable this for your particular access point. In Linux you can remove this support in wpa_supplicant by removing FT-PSK and FT-EAP from your accepted protocols in wpa_supplicant.conf. (Note that Linux, Android and possibly other systems can be attacked through other means than the 802.11r feature.)
  • Use application-level security like HTTPS, SSL, VPN etc.
  • Be extra vigilant for anything that implies a broken trust chain, for example broken certificate warnings on websites or a missing lock in the address bar of your browser.
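An added example (not part of the original post): a small Python audit of wpa_supplicant.conf that lists the network blocks whose key_mgmt line still accepts FT-PSK or FT-EAP, the two values mentioned in the 802.11r step above. The sample file, the SSIDs and the audit_ft helper are constructed for illustration; key_mgmt is the wpa_supplicant.conf setting that holds the accepted key management protocols.

```python
import re

FT_SUITES = ("FT-PSK", "FT-EAP")   # the two key_mgmt values named above

# Constructed sample file, not taken from a real host.
SAMPLE_CONF = """\
ctrl_interface=/var/run/wpa_supplicant

network={
    ssid="office"
    key_mgmt=WPA-PSK FT-PSK
    psk="constructed-example-passphrase"
}

network={
    ssid="guest"
    key_mgmt=WPA-PSK
    psk="constructed-example-passphrase"
}

# network={
#     ssid="old"
#     key_mgmt=FT-EAP
# }

network={
    ssid="roaming"
    key_mgmt=FT-EAP
    eap=PEAP
}
"""


def audit_ft(conf_text):
    """Return one finding per network block whose key_mgmt lists FT-PSK or FT-EAP."""
    findings, block = [], None
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                                   # blank line or comment
        if block is None:
            if re.fullmatch(r"network\s*=\s*\{", line):
                block = {"ssid": None, "line": None, "suites": []}
            continue
        if line == "}":
            ft = [s for s in block["suites"] if s in FT_SUITES]
            if ft:
                keep = [s for s in block["suites"] if s not in FT_SUITES]
                findings.append({
                    "ssid": block["ssid"],
                    "line": block["line"],
                    "ft_suites": ft,
                    # None means only FT suites were listed: choose a non-FT
                    # suite the access point supports before editing.
                    "suggested": "key_mgmt=" + " ".join(keep) if keep else None,
                })
            block = None
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if key == "ssid":
            block["ssid"] = value.strip('"')
        elif key == "key_mgmt":
            block["line"] = lineno
            block["suites"] = value.split()
    return findings


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONF
    for finding in audit_ft(text):
        print(finding)
```

Run it with the path to a configuration file as the only argument; with no argument it audits the constructed sample.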

How do you patch your software?

  • Your first priority should be to patch your clients (your phone and computer).
  • Check with your router/access point vendor for patches to your router's or AP's firmware. Make sure to download them over a secure connection if you’re still on Wi-Fi.

Worth knowing for companies out there

  • The attack requires the attacker to be in proximity to the Wi-Fi they are attacking. This means some locations will be reasonably safe.
  • Mobile devices will be most vulnerable since they move from Wi-Fi to Wi-Fi automatically. Make sure these are patched or have their Wi-Fi turned off until that is possible.

How can this vulnerability be used by a hacker?

This vulnerability can let an attacker listen in on your network traffic and in some cases send fake network traffic. This opens up a very wide attack surface. An attacker could steal sensitive information or inject malicious data to infect the device it is attacking.