Forget what the metaverse might look like, there are bigger questions

“The metaverse” is a term that has been used with great enthusiasm by some of the world’s biggest tech companies lately, but the concept remains relatively ill-defined.

If you ask Meta (born Facebook), the metaverse will be a series of interconnected virtual spaces where people come together to work, socialize and play. Those cloud– environments based on will be accessible via virtual reality headsets, or otherwise projected onto the physical world.

Microsoft, meanwhile, describes the metaverse as a “persistent digital world that is connected to many aspects of the physical world, including people, places, and things.” The company says it views the metaverse as “both a new medium and a type of application” that is new in the same way the internet was in the 1990s.

If you are still not wiser, you are not alone. The metaverse is still very much under construction; its constituent technologies already exist, but the full picture will not take shape for many years.

However, according to the threat intelligence unit of the networking company Cisco, what exactly the metaverse will look like should be a secondary consideration – the first priority should be to secure it.

“The term ‘metaverse’ implies that there is a coming revolution in the way we use the Internet and interact with each other. However, we need to be aware of the possible downsides, ”warned Martin Lee, EMER manager at Cisco Talos.

“We are dealing here with a new version of the Wild West; it’s very exciting, but just as dangerous of a cybersecurity and data confidentiality perspective.”

Move fast and (try not to) break things

Historically, the most successful tech companies have been those that have not wavered in their commitment to the ‘go fast and break things’ mantra, coined by Mark Zuckerberg himself.

The problem with this approach, says Lee, is that product-focused technologists often leave a minefield of cybersecurity and data privacy issues in their wake, just waiting to be exploited by cybercriminals.

“This has been a problem in software development for years; safety is too often an afterthought, ”he said TechRadar Pro. “And whenever there has been an evolution in the way we communicate, it has also brought out the dark side of human nature.”

“The crooks and fraudsters of this world have repeatedly demonstrated their capacity for innovation. They have always been eager to embrace new platforms, which provide a new forum for criminal business models, and there is no reason to believe the metaverse will be any different.


(Image credit: Shutterstock / is.a.bella)

According to Lee, the first step is to educate regular users about potential threats. An informed public is better equipped to recognize a fraud attempt and make decisions about which facets of the metaverse to participate in.

Second, he says it’s important to demand that security be built into the equation from day one of development. Since most experts believe the Metaverse will not come to fruition for many years to come, there should be plenty of leads for it to happen.

In practice, however, securing the metaverse by design can prove difficult. Since this series of virtual environments is unlikely to be owned or governed by a single entity, and given the likelihood that cryptocurrency plays a role in transactions between constituents of the Metaverse, it will not be straightforward. identify who is responsible for preventing fraud and cyber attacks.

Presented with this conundrum, Lee conceded that it’s not a problem the company has yet to figure out how to fix. The internet was created three decades ago, he noted, and it is still not trivial to determine who is responsible for policing a digital crime, as the internet “in many ways transcends national borders. “.

“In the physical world we have governments, law enforcement and courts where we can settle disputes,” he said. “So when these new metaverse environments are created from scratch, it will be important to clarify who is monitoring them and what recourse users have if something goes wrong. “

Another crucial part of securing the metaverse will be establishing a robust system for identity verification. In a world where everyone is represented by an avatar, identity theft could become all the more intrusive and dangerous.

“In the real world, we have identities and consequences for our actions that affect our personal reputation, but that real world identity is decoupled in a virtual environment,” Lee told us.

“In the Metaverse, you won’t know if people are who they say they are or if they are trustworthy. The question of who is who in these virtual worlds is not yet resolved. “

In addition to spear phishing and financial fraud attacks, it’s easy to imagine how the difficulties in clarifying identity in the Metaverse could be used for cat fishing or stalking purposes.

It is also expected that people will attach cryptocurrency wallets to their metaverse avatars, which Lee describes as a “gift for the bad guys.” And non-fungible tokens (TVN) are also expected to play a major role, perhaps in the form of digital clothing, which will create opportunities for further scams.


Using cryptocurrency in the metaverse is expected to create additional risk. (Image credit: Shutterstock / Aleksey Ivanov)

Public blockchain, the technology behind both cryptocurrency and NFTs, is not maintained and operated by any single entity. This is useful for anyone worried about the dangers of centralized power and single points of failure, but not as useful when it comes to tackling wrongdoing.

“If you engage in the exchange of value in one of these environments, what are you going to do when the other party does not meet their end of the bargain? When you hand over cryptocurrency but get nothing in return? Lee asked.

“We have already seen evidence of digital goods forgeries and major thefts from cryptocurrency wallets, and we are certainly considering these kinds of scams in the metaverse as well.”

As for how these issues might be addressed, Lee reiterated the importance of educating consumers so that they are better equipped to protect themselves. But end users have never been particularly good at advocating for their own interests. For example, despite repeated warnings about the dangers of Passwords, many people are still guilty of poor password hygiene.

Solutions like multi-factor authentication may go some way to protecting against phishing and fraud in the metaverse, Lee says. Another option is to enforce biometric authentication, which would significantly reduce the risk of identity theft attacks. But that would require people to be willing to sacrifice either convenience or their biometrics for security reasons.

Cost-benefit analysis

For someone who spent the duration of our conversation methodically exposing the dangers associated with the Metaverse, Lee is surprisingly optimistic about the value it could bring.

When asked if he thinks companies positioning themselves as the architects of the metaverse (Meta, Microsoft, Google, etc.) can be trusted to build this new medium responsibly, Lee declined to comment. But he expressed a level of excitement about the possibilities the Metaverse represents.

“Generally I’m optimistic about the direction this is going,” he told us. “These virtual worlds will be full of opportunities and have the potential to have a huge positive impact on our everyday lives.”

“Of course, there are also costs. As the metaverse evolves, it will be about minimizing the potential for abuse, raising the level of consumer awareness and putting pressure on the companies tasked with building it. “

The propensity of technologists to prioritize product over safety is almost impossible to quench – at least to some extent, that’s the reason for their success. However, if end users demand that their security be taken seriously, suggests Lee, technologists will have no choice but to heed it.

  • Protect yourself against security threats with the best antivirus services available

Source link

Comments are closed.