What will happen when on the internet we are no longer simple accounts that access social platforms or IP addresses that surf the web? How should we behave when – and if – an even greater part of our daily lives moves into the digital world? We still do not know what form the metaverse will take, a term with vague boundaries and within which we find a bit of everything: from the projects of Meta (the company that owns Facebook) that aim to bring all our social life into a single environment in virtual reality, to playful worlds like Fornite, up to blockchain-based platforms like Decentraland.
Devices, software and email: cybercrime becomes distributed
by Vito de Ceglia
However, one thing is certain: whether it is in virtual reality or if it is experienced through avatars in the third person, the goal of the various projects related to the metaverse is to make us live in a digital world in which we play, socialize, work. , shop and attend events via our avatar. In this all-encompassing environment we will move accordingly using a single digital double, which will hold an immense amount of personal data that today are scattered across multiple online services (and sometimes still kept in the physical world)
“Your metaverse profile will contain much more personal information than your current Google or Facebook account,” reads for example on VentureBeat. “Here will be your entire digital life, your personality. Protecting it from theft will be an extremely important factor for this venture to be successful. Equally important will be to ensure that one’s identity cannot be falsified in the metaverse ”.
Home Wi-Fi and work PCs: the black hole of digital promiscuity
by Andrea Frollà
We do not yet know what form the metaverse will take, but we can already get an idea of what are the possible risks in terms of cybersecurity that we will run if this environment develops according to expectations and, therefore, all the data and assets that we keep today in a tide of different online services (social networks, e-commerce, banks, video games, streaming platforms, etc.) will be combined in a single account linked to our avatar.
Let’s start with the economic risks. If cryptocurrencies play a major role in the metaverse economy – as Mark Zuckerberg also stated – it could mean that a growing portion of our savings will shift from banks (with all their security systems) to wallets: electronic wallets in which to store your cryptocurrencies. “The metaverse is connected to the world of cryptocurrencies and NFTs, this makes it a greedy prey for hackers, ready to take possession of the wallets and access keys of the citizens of the metaverse”, reports the Italian cybersecurity company Ermes, which has identified some of the major security risks in the metaverse.
Digital warfare
From Anonymus to the military, which are the hacker groups active in the Russia-Ukraine conflict
by Andrea Daniele Signorelli
In the metaverse to come, we will therefore be much more exposed than today to hacker attacks aimed at (digitally) emptying our wallet. The same goes for digital goods. According to expectations, in the metaverse we will buy virtual accessories to customize our avatars, digital tickets to access the events, collectibles to exchange between fans. All this could be certified through Nft, the electronic signature saved on the blockchain that certifies the ownership of a digital asset. However, the world of NFT is still today a deregulated far west and plagued by a huge number of scams and thefts. In the metaverse we will therefore have to pay close attention to what we are going to buy; a bit as if we were buying branded accessories at a street market or a second-hand car from an unreliable dealer.
The biggest risk, however, is another. If online identity theft already allows us to impersonate ourselves on Facebook or elsewhere, in the metaverse “users could incur the theft of their avatar and the cybercriminal could be recognized as its true owner; as such, free to carry out any kind of harmful action ”, Ermes always explains. In short, if the avatar represents our master key for the metaverse, having the access keys stolen is a risk with enormous economic consequences and more.
Doubts about Kaspersky
Alarm from the Cybersecurity Agency: “Beware of Russian software”
by Arturo Di Corinto
Some possible hacker attacks, on the other hand, seem to have come out of a science fiction novel. The “human joystick” attack, for example, allows you to “control the position of users and move them in physical space without them realizing. The objectives are multiple: deception, violence or extortion ”. It’s as if someone in the real world has the ability to manipulate us at will, as a form of harassment or blackmail.
A final risk linked to the metaverse concerns the physical world and is connected to a whole series of threats identified in the Internet of Things sector: from hackers who sneak into the smart thermostats of others to take control of the home temperature, up to tampering with surveillance cameras to spy on us in privacy (always for the purpose of blackmail). In the case of the metaverse, it is possible for a hacker to take control of our virtual reality devices to change the boundaries of the environment in which we can move safely. The risk is obviously that of crashing or falling down the stairs, with very dangerous consequences.
If some of the possible threats have already been identified, the remedies do not yet exist: “I think it is premature to talk about applicable technical solutions, as there is still no real unified metaverse”, explained Lorenzo Asuni, Chief Marketing Officer of Ermes. “What we can do today is to identify the typical trends of a new technology that could exploit the ingenuity and lack of attention of users. At the moment there are no defenses, if not education and personal good practices ”.
If we are truly moving a large portion of our lives into a single metaverse in the future, then it will be critically important not to repeat the cybersecurity mistakes we have made in the past.