The Metaverse may have new cyber threats. This is what you need to know

More On: Metaverse

Imagine talking about a secret multimillion-dollar deal with your boss. There is no more talk.

A while later, you and your boss meet up again, and you bring up your conversation from a while ago. Your boss has no recollection of the deal at all.

Then, what did happen?

As a person in the metaverse, this might mean you were the victim of an avatar hack or deepfake. Prabhu Ram, the head of CyberMedia Research's industry intelligence group, said this. Deepfakes are digital figures that have been changed to make them look or sound like someone else.

There has been a lot of buzz about the metaverse in the last few months. Companies like Meta, which was once called Facebook, and Ralph Lauren have been trying to get their hands on it. This means that if cybersecurity issues in the metaverse aren't fixed, these companies may not have the success that they want to.

There has already been a lot of cybercrime in the real world, and it is getting worse.

Check Point, a cybersecurity company, said that in 2021, there will be 50 more attacks on corporate networks every week than there were a year earlier. In the new world of the metaverse, not everyone will be aware of how dangerous it is, said Ram.

If you're worried about privacy and security in the metaverse because you don't know how it works yet, only a few "tech-aware" companies are worried.

"As new attack methods emerge, they will require a major shift in how we think about security in the metaverse," he said.

Identity safety

JPMorgan released a white paper in February that talked about how important user identification and privacy protections are for people to be able to interact and make transactions in the metaverse.

According to the white paper, "verifiable credentials" should be easy to set up to make it easier to identify other members of a community or team, or to give different people access to different virtual world locations and experiences.

In fact, Gary Gardiner, who is the head of security engineering for Asia-Pacific and Japan at Check Point Software Technologies, said the same thing.

In the same way that people think about internet security, they should think about how to keep the metaverse safe, he said. Security protocols should be as user-friendly as possible.

Users can be identified by "using tokens that could be assigned by an organization," or "biometrics in a headset you're wearing so there is that level of trust," he said. People are also looking at blockchain to do this.

Gardiner also said that avatars should have "little exclamation marks" above their heads to show that someone isn't trustworthy.

Data thefts

Metaverse users leave behind a trail of data, which could lead to a big problem in the real world, like tech companies getting into people's private lives.

People's data was taken without their permission in the case of Facebook and Cambridge Analytica in 2018. Users in the metaverse may have even more data for these companies to get their hands on if strict rules aren't put in place to keep them safe from these companies.

When users are wearing devices like virtual reality headsets, organizations can collect data such as their head and eye movement or their voice, said Philip Rosedale, founder of Second Life, an online world that allows people to hang out, eat and shop virtually.

“Meaning within a few seconds, we can identify it is you exactly wearing the device. This is a very serious potential privacy problem for the virtual world,” he said.

What can be done

He said in a blog post in December that most virtual meetings will move to the metaverse in two to three years.

Gardiner said that for businesses to be safe in the metaverse, it's important to make sure that staff are well-trained.

“The weakest point in any organization from a cybersecurity perspective is the user,” he explained.

The foundation [of the metaverse] has to be done well because if the foundation is weak and it’s not done well, people will lose confidence in the platform and we’ll stop using it.

Gary Gardiner

Check Point Software Technologies

If there is an attack on the metaverse, users will be in a better position if they have that level of training and know what to look for, he said.

Both Rosedale and Gardiner said that the type of security platforms and safety models that the metaverse puts in place for organizations is the most important way to keep people's privacy.

Rosedale said people will need to be able to use a "web of trust" to exchange information with other people in order to build trust more quickly. He used LinkedIn, a professional networking site, as an example.

It will help you figure out if you have friends in common with a new person if you know who they are and share that information with other people you trust, he said.

Gardiner said that companies that are working on the metaverse will need to work together to come up with a standard that will make security protocols work well.

Because if the foundation isn't strong or isn't done well, people will lose faith in the platform and we won't use it, Gardiner said.

-------

Related Video:

** Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of USA GAG nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.