As the world went into metaverse and crypto presenting a whole new realm of digital innovation and technology that were transforming human engagement and interactions, and set to shift the boundaries of connection and commercialisation, it was also becoming a minefield of a brand-new world of security risks, vulnerabilities and valid user concerns, according to computer security service company KnowBe4 Africa.
The company’s SVP Content Strategy & Evangelist Anna Collard said that in as much as these innovations could break the boundaries of human interaction, they were also new opportunities for fraud, cybercrime and scams. “We are not sure where the metaverse, Web3 and NFTs are going to lead, or if blockchain will remain a viable solution to support these technologies, or even what the future of these digital worlds may hold; but we do know that they are all going to need better approaches to security,” Collard said.
“There is a lot of money being invested into this field and a lot of money being stolen too. Even if it all appears over-hyped right now, we have to find ways to better protect the consumers, users and investors of these ecosystems.”
KnowBe4 Africa said that smart contracts, NFTs, dApps and cryptocurrencies were building blocks of the future metaverse and would need to be assessed more closely. It said the metaverse and its surrounding technologies could potentially evolve to provide organisations with additional places to operate and individuals with new worlds to explore, meaning that security had to play a lead role in making sure that the billions being invested were not about to be the billions being stolen.
Collard said that there were multiple definitions of the metaverse and what it meant, but even though it was primarily conceptual right now, some elements already existed. “Currently, it is an umbrella term for extended reality– virtual and augmented – and the rapid adoption and development of tools like Oculus, which made these more mainstream. Spearheaded by the gaming community, AR and VR as well as the virtual worlds or “lands” in which we can play, engage, learn or meet one another are now being readily explored by children and adults alike.”
The company said that the question here was how to ensure that these virtual realms were properly secured and protected. It said that the access granted cannot be unrestricted and current security platforms were not geared to providing the layers required to ensure that this became adequately managed. According to KnowB4 Africa, another challenge lay in the management of assets within these realms as the future of ownership is changing. It said that metaverse design principles were making things composable, which meant they could be reused across different worlds in theory. And this was said to mean that these assets had to be reliant on smart contract technologies that were secure and trusted enough to be shared and traded without compromise.
Collard said that decentralisation formed a large part of this as well, but that design principle brought with them a host of challenges. “Blockchain evolved out of the wish to remove control of finance from an unscrupulous financial services industry as a result of the financial crisis of 2008. However, decentralised finance, or “DeFi” brings with it the risk of repeating the same sins of the original unregulated banking system, and then makes it worse, such as enabling criminals and financial fraud or scams. Also consider that the main investors in this space are venture capitalists and financial services groups and the biggest mining pools are controlled by a handful of companies. So the ecosystem is not even as decentralised as it is being made out to be.”
Collard said that still, there existed many opportunities for creators, particularly in the gaming and art space, where new innovations and ideas could thrive. She said that people could pay exorbitant amounts of money to attend exclusive virtual experiences that were as elite and enticing as those that were hosted in the real world. According to her, for avatars to be bought and customised, and for worlds to be curated and designed for specific people and interests. The process of getting to their full potential was said to be still a long one that needed constant attention to ethics, security and control.
Collard said there would always be fraud and crime, especially if systems were decentralised or if people relied too much on pieces of code such as smart contracts. “At the end of the day, smart contracts are pieces of code written by people and people make mistakes. There is opportunity for vulnerabilities to be exploited on every layer. Let’s also not forget that criminals often target the users because they are the easiest to attack. This does not mean that the world should not move forward and explore these opportunities, only that we have to educate developers and users and ensure that they are aware of the risks and that security is involved from the very first step,” Collard said.
BUSINESS REPORT