It’s the buzzword that’s leading the discourse in every tech boardroom from Shenzhen to Silicon Valley; the metaverse. The race is on for web 3.0 dominance. Will we live in a digitopia driven by social media, or will our experience of this new frontier be gamified to the hilt?
One thing that needs to be high on the agenda when it comes to developing this totally immersive digital realm is the fact that the governors of the metaverse need to build in security from the outset. To do this, it’s vital to identify what the potential vulnerabilities or pain points will be.
Let’s take a look at some of the ways the metaverse will change the way we look at cybersecurity in the years to come.
NFT and Crypto Crime
Nonfungible tokens (NFTs) already appear set to become one of the greatest tradable commodities within the metaverse. When you buy an NFT, you’re getting a unique item. The transaction and proof of ownership are logged within the blockchain.
As we know blockchains are secure and are designed to be impenetrable. That said, hackers are smart, and it’s not unheard of for blockchains to fall prey to tech-savvy criminals. One hack sees a fork to a fake blockchain being created during verification. This can be brought on by a hacker gaining access to the mining process.
Other crypto scams dupe people into unwittingly granting a hacker access to their wallets.
With NFT artworks already netting millions of dollars, how long will it take for scammers to create fake NFTs or to work out how to swipe them from their rightful owner? And, will the idea of an online art heist become commonplace?
While VR technology is going to create almost infinite experiential possibilities, it doesn’t come without its vulnerabilities.
Voice command on VR headsets could allow criminals to eavesdrop. Equipment that uses motion sensors for speech-related facial movements could lead to the theft of sensitive data, including users’ passwords and credit card details.
Recent research carried out by Rutgers University-New Brunswick used an eavesdropping attack known as “Face-Mic”. Using this technique, the researchers found the same vulnerabilities in a range of VR tech, including high-end equipment.
While vendors typically address the utilisation of microphones in their policies, there are no permissions in place to prevent access to motion sensors including gyroscopes and accelerometers, meaning these are left open to malware invasion.
Data Protection and Privacy
The days when the internet resembeled the wild west are behind us. With the growth of social media over the past decade and a half, the internet has come of age and there are now much better guidelines that govern privacy and the use of personal information. But how will the metaverse be different from what’s gone before?
In comparison to traditional social media platforms, a metaverse platform requires more intimate tracking of individuals. Facial expressions, biometric information, vocal variations, and physiological interactions are just some of the examples of data that tech companies will be able to gather using metaverse technology.
All of this data gives companies a more thorough understanding of an individual’s behaviour, allowing for more refined target marketing. Of course, with even more personal data on file, the companies that hold this information will become greater targets for cybercrime.
One major concern though is the fact that the metaverse will be built using blockchain technology. Decentralised blockchains have no moderators or administrators. Without a governing body, there’s nobody to take control of retrieving illegally obtained digital assets.
Into the Great Unknown
While at this stage, the metaverse is an evolving concept that we’re starting to experience the waking hours of, it does remain to be seen whether we’re more likely to live in a Meta-powered realm, or a much broader metaverse that sees multiple companies sharing the space.
What is certain is that no tech company will be entering the ring without implementing cybersecurity strategies that incorporate the learnings garnered from decades of hard lessons. Although this may not be the internet we’ve come to know, there are many transferable concerns.