What is the metaverse?
Right now, there is no definitive answer. There are plenty of differing opinions about what the metaverse is and how it fits into the bigger picture of the internet. But the metaverse is still in the early days of development, and many companies are creating new technologies to carve out their nook in this immersive virtual landscape.
For now, we can define the metaverse as a cloud distributed, multi-vendor, immersive-interactive operating environment that users can access through different categories of connected devices (both static and mobile). It uses Web 2.0 and Web 3.0 technologies to provide an interactive layer on top of the existing Internet. As proposed, it is an open platform for working and playing inside an extended reality environment, and it will also be a communications layer for smart city devices.
However, given the changing circumstances, we fully expect our definition to evolve as the metaverse concept evolves. Of course, this uncertainty makes securing the environment much more complicated.
It is difficult to identify cyberthreats for a space that doesn’t fully exist yet — and may not even be realized in the form that we envision. But, analyzing the nature of the technology and taking into account the current cybercriminal landscape, we were able to conceptualize several critical threats against and inside the metaverse. Our research paper fully outlines these threats, but we present a few use cases in the following sections.