The concept of a future Web3 powered Metaverse may be exciting and full of potential, but it is also fraught with risk and should be approached with caution.
This is according to Anna Collard, SVP of Content Strategy and Evangelist at KnowBe4 Africa, who was speaking during a webinar hosted by KnowBe4 on Securing the Metaverse and Web 3.0.
Collard said the a future Metaverse concept, foresees an immersive world bringing the physical world into the digital space, powered by extended reality, virtual worlds, blockchain and Web 3.0 with dApps, and assets such as NFTs and DeFi. Because the environment is new and developing at rapid pace, most of the potential risks and pitfalls are not wildly understood yet, she said.
A poll of webinar participants revealed that only 27% were fully aware and understood the Metaverse and Web 3.0, while 60% were aware of the terms but did not fully understand the concepts, and 11% did not know what they were.
Collard explained: “Blockchain proponents claim that Web 3.0 is will be a new and more egalitarian version of the internet that will power the Metaverse and its virtual worlds. This next generation of the internet will supposedly be more autonomous and decentralised than Web 2.0.”
She said: “Esports and eGaming are already huge, with over 3.24 billion people playing online games across the globe in 2021, according to Statista. People are spending real money buying digital goods in these virtual worlds, and spending time with their online gaming friends in VR. In contrast, there are other virtual worlds, such as the alo world, where people can participate in yoga and mindfulness exercises. The Metaverse and Web 3 ecosystem populated by a broad range of people and entities – individual and institutional investors, decentralised finance solutions (DeFi providers), venture capitalists, artists and content creators, gamers and influencers, even governments and big corporates, and unfortunately also by large numbers of scammers, criminals, trolls and opportunists.”
These worlds were expanding and becoming increasingly important, she said.
“Gartner predicts that by 2026, 25% of people will spend an hour a day in the Metaverse, and it is expected that billions will be spent in this environment. In South Africa, a World Wide Worx report found that 16.1% of South Africans participated in a virtual world in the past year,” Collard said.
A recent KnowBe4 – ITWeb Metaverse, NFTs, Blockchain and Web 3.0 Survey found that 36% of those polled plan to participate in the Metaverse in future, mainly for collaboration (29%), education (25%), investment (22%) and advertising (19%). Only 18% are currently making use of Blockchain, mainly for payments (33%), secure information exchange (27%), supply chain management (17%) and investments (13%).
Risks in the Metaverse and Web 3.0
“The survey participants were enthusiastic about the potential for the Metaverse and Web 3.0, and were being proactive about securing the environment,” Collard said. 57% of those polled said they were excited about the opportunities of Web 3.0 and 53% were personally interested in connecting with others via a virtual world. Up to 50% were optimistic about cryptocurrency or had already invested in crypto. 30% said they planned to update their security plans and 27% said they were considering the Metaverse, Blockchain and Web 3.0 in their security plans.
“Security vulnerabilities exist at every layer, and what makes me nervous about it is that a lot of developments are happening without people thinking about the potential security issues,” she said. “The environment is full of opportunists and there is a lot of potential for scammers to take advantage of it.”
Collard said some of the biggest risks are social engineering, including phishing attacks and investment scams. Smart contract vulnerabilities, software bugs and business logic errors.
“It is a bit like the Wild West at the moment: every day there are reports of millions being stolen. For example, more than $1.6 billion has been exploited through DeFi protocols alone this year, and OpenSea says over 80% of NFTs created for free on its platform are plagiarised, fake or spam,” she said.
Regulators and security professionals need to move to secure this environment and help our companies and communities to navigate this space safely, she said.
Criminals have entered the space first, and it will take a while for regulators, organisations and individuals to catch up, Collard said. “It’s a complicated environment, so it can be harder for individuals to avoid the risks,” she said.
Collard said regulators needed to apply existing rules to central organisations and DAOs in the new environments, regulate influencers, protect vulnerable groups and collaborate on new international rules. Organisations should carry out thorough risk analyses before participating in the Metaverse and Web 3.0. They should also do security audits before releasing smart contract code, run frequent penetration testing and train users about immersive world risks. For users, she advised that they be aware of the risks of social engineering attacks, the latest cryptocurrency and NFT based scams, and protect their wallets.
Share