Columbia-based MasterPeace Solutions is working on an open source project to address security vulnerabilities in Internet of Things devices.
osMUD is aimed at protecting internet-connected devices used at homes and small businesses. The project was shared with the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence, which is based in Rockville, according to MasterPeace.
Now, the cybersecurity firm will participate in a consortium that was formed around the effort that looks to bring together bring together device manufacturers, network security companies, and network administrators. Participating organizations include Cable Labs, Cisco, CTIA, Digicert, ForeScout, Global Cyber Alliance, Patton, and Symantec. Each organization will provide code and expertise to the effort. MasterPeace is providing network security engineering and defense operations expertise. The longtime government contractor has previously shown willingness to gather the community in recent years with efforts like an in-house accelerator.
“We believe IoT represents a significant cyber threat. This technology has the potential to expand an organization’s attack surface, merge unmitigated vulnerabilities into an ecosystem, and, in the worst case, facilitate the transformation of digital attacks to physical attacks with severe consequences,” MasterPeace CEO Drew Cohen said via email. “Even with these threats, the IoT market is growing faster than other IT segments. We anticipate that organizations and consumers will start investing in technology that offers protection, and believe that developing cutting edge IoT security technology makes great business sense.”
MUD, short for Manufacturer Usage Description, will provide manufacturers with steps to keep devices from communicating inappropriately. These steps are designed to then help automate security processes.
“MUD will make it possible for manufacturers to define ‘safe’ operating conditions of their devices so that network security capabilities can automatically limit device functionality to appropriate usage, thereby blocking malicious activity,” Cohen said.
Given that the effort is open source, the information will then be freely available.
Knowledge is power!
Subscribe for free today and stay up to date with news and tips you need to grow your career and connect with our vibrant tech community.