Emerging metaverse security and privacy threats
The metaverse has captured everyone's imagination – including mine – particularly as we start to think through the economic and social possibilities it can unlock. As with most things, though, there are also risks and threats, and as companies and governments think through the potential they should weigh those risks alongside it.
Below is a summary of some of the emerging threats that may appear as more and more of our interactions move to the metaverse:
- Identity theft. As a digital persona accumulates more digital assets and reputation, and as more of our interactions move to the metaverse, the theft of people's digital identities will increase. This is, in some sense, the most obvious threat and is an extension of a phenomenon we already see in the contemporary web environment.
- Digital asset theft. "Not your keys, not your coins", goes the popular adage. As more and more value is created and represented in the metaverse, much of it on blockchains, the theft of private keys will give thieves access to digital property. This could range from the theft of cryptocurrencies, to tokens representing ownership of some real-world asset, to assets such as non-fungible tokens that grant access to physical infrastructure, for example a token that opens a building or facility. The reason key theft is so damaging is that the chain verifies only that a transfer was signed with the owner's key; it has no way of knowing whether the person holding that key is the rightful owner, and a transfer once confirmed on a public chain is generally irreversible.
- Impersonation. If our interactions in the metaverse are through avatars then impersonation becomes easier – regardless of whether it is a photo-realistic avatar or a cartoon. If someone can assume the physical appearance of someone else and interact in the same metaverse, they may be able to manipulate others, spread disinformation, or create other forms of social and economic disruption.
- Identity leakage. As we interact via different avatars, such as one for work, one for social media, and one for family, the risk that our real identity leaks increases, as does the risk of linkages being established between avatars through disclosures or behavioural similarities. One of the great benefits of the metaverse is the ability to engage in what some have called the pseudonymous economy and mitigate the well-known risks of "mob attacks", doxing, and "cancellation" for expressing unpopular opinions online; but, if there are no technologies to protect against leakage, people might be lulled into a false sense of confidence. For example, they could inadvertently turn up to their virtual work environment in the persona – i.e. avatar – that they use for political or social interactions.
- Surveillance. Surveillance may occur via other avatars in the metaverse watching, eavesdropping on, or tracking an individual, or it may occur via the platforms themselves. Given the nature of the interface, people may not be aware of how their interactions are being processed, believing, for example, that because two people are "alone" in a virtual room nobody else is able to listen or watch. This eavesdropping could, of course, happen via the platform operators, via a compromise of the platform, or via new exploits that emerge in this medium.
- Manipulation. If people think "bots" on social media amplifying views or spreading disinformation is a problem, wait until we start seeing computer-generated or computer-controlled avatars in the metaverse that interact with us, or with children, to promote certain views, influence our opinions, or spread disinformation.
- Digital vandalism. There has long been a concept of digital vandalism in multiplayer gaming platforms that allow user-created content, such as Minecraft. This could be other participants entering a space and destroying it, or otherwise disrupting an event or gathering ("griefing").
- Harvesting of biometric data. Given the nature of the interface to the metaverse (e.g. virtual reality headsets and haptic gloves), there is a possibility for platforms and/or others to harvest biometric data such as retinal images or fingerprints. This could happen at the platform level or through the compromise of the end-user device itself. The harvested data could be used to gain access, for example, to bank accounts or similar; and unlike a password, a biometric that has leaked cannot be rotated.
- Compromise of physical end-user devices. As above, if a device is compromised, many things become possible: deanonymisation of a person's physical location, capturing video of their surrounding environment, "sniffing" of conversational, behavioural, and other data, and manipulating the content presented to the user. In an extreme case, a person could be presented with a virtual world created entirely for nefarious purposes, such as to lure the person into disclosing confidential information.
- Attacks on digital twins. One of the more interesting use cases of the metaverse is to create digital twins that someone can interact with virtually whilst it is connected to the physical object. If someone can manipulate the digital twin, a human operator could make changes to its configuration or operations that have real-world consequences. For example, shutting down electricity in a plant because the digital twin falsely presents a set of failure conditions that lead the operator to take this action.
- "Human joystick" attack. IEEE recently published a paper about what is called the "human joystick attack". The basic idea is that when someone is fully immersed in a virtual world wearing, for example, a headset that prevents them from knowing where they are physically, the virtual environment presented to them could lead them to move in a way that damages property or puts them in danger, for example leading a person to walk off the balcony of a building or fall down stairs.
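To make the "not your keys, not your coins" point in the digital asset theft item concrete, here is an added example (illustrative code, not from the original post or any real chain): a toy ledger that records which Ed25519 public key controls each token and accepts a transfer only when it is signed by the current owner's key. The asset identifier, the parties, and the scenario are constructed. It shows that the ledger has no notion of a person, only of a key: a thief who copies the key bytes out of a compromised device transfers the token just as validly as the owner, after which the owner's own key no longer controls it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// ErrNotOwner: the transfer was not signed by the key that currently controls the asset.
var ErrNotOwner = errors.New("signature does not verify under the current owner's key")

// AssetID names a token on the toy ledger (constructed for this illustration).
type AssetID string

// Transfer is the message an owner signs to hand an asset to another key.
type Transfer struct {
	Asset AssetID
	To    ed25519.PublicKey
	Nonce uint64 // per-asset counter so a captured transfer cannot be replayed
}

// encode serialises the transfer into the bytes that are signed and verified.
func (t Transfer) encode() []byte {
	nonce := make([]byte, 8)
	binary.BigEndian.PutUint64(nonce, t.Nonce)
	msg := append([]byte(t.Asset), 0) // zero byte separates the id from the key
	msg = append(msg, t.To...)
	return append(msg, nonce...)
}

// Ledger records which public key currently controls each asset.
type Ledger struct {
	owners map[AssetID]ed25519.PublicKey
	nonces map[AssetID]uint64
}

func NewLedger() *Ledger {
	return &Ledger{owners: map[AssetID]ed25519.PublicKey{}, nonces: map[AssetID]uint64{}}
}
func (l *Ledger) Mint(id AssetID, owner ed25519.PublicKey) { l.owners[id] = owner }
func (l *Ledger) Owner(id AssetID) ed25519.PublicKey       { return l.owners[id] }
func (l *Ledger) Nonce(id AssetID) uint64                   { return l.nonces[id] }

// Apply accepts a transfer if the signature verifies under the current owner's
// key. That is all the ledger can check: it cannot tell whether the key is held
// by its rightful owner or by whoever copied it out of a compromised device.
func (l *Ledger) Apply(t Transfer, sig []byte) error {
	owner, ok := l.owners[t.Asset]
	if !ok {
		return errors.New("unknown asset")
	}
	if t.Nonce != l.nonces[t.Asset] {
		return errors.New("stale nonce: replayed or superseded transfer")
	}
	if !ed25519.Verify(owner, t.encode(), sig) {
		return ErrNotOwner
	}
	l.owners[t.Asset] = t.To
	l.nonces[t.Asset]++
	return nil
}

// Sign authorises a transfer with whatever private key the caller holds.
func Sign(priv ed25519.PrivateKey, t Transfer) []byte { return ed25519.Sign(priv, t.encode()) }

// Outcome collects the checks of the scenario so they can be asserted on.
type Outcome struct {
	StrangerRejected bool // no key: cannot move the token
	ThiefAccepted    bool // stolen key: transfer goes through
	ThiefOwns        bool // ledger now lists the thief as owner
	ReplayRejected   bool // re-submitting the thief's transfer fails on the nonce
	OwnerNowRejected bool // original owner, still holding her key, is locked out
}

// RunScenario: Alice holds a token that opens a building; Mallory copies Alice's
// private key (e.g. from a compromised headset or wallet file) and moves the token.
func RunScenario() (Outcome, error) {
	var out Outcome
	alicePub, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	malloryPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	strangerPub, strangerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	l := NewLedger()
	const door AssetID = "door-token-lobby-7" // constructed identifier
	l.Mint(door, alicePub)

	t0 := Transfer{Asset: door, To: strangerPub, Nonce: l.Nonce(door)}
	out.StrangerRejected = errors.Is(l.Apply(t0, Sign(strangerPriv, t0)), ErrNotOwner)

	stolen := make(ed25519.PrivateKey, len(alicePriv))
	copy(stolen, alicePriv) // key theft: the bytes are all that matters
	t1 := Transfer{Asset: door, To: malloryPub, Nonce: l.Nonce(door)}
	sig1 := Sign(stolen, t1)
	out.ThiefAccepted = l.Apply(t1, sig1) == nil
	out.ThiefOwns = l.Owner(door).Equal(malloryPub)
	out.ReplayRejected = l.Apply(t1, sig1) != nil

	t2 := Transfer{Asset: door, To: alicePub, Nonce: l.Nonce(door)}
	out.OwnerNowRejected = errors.Is(l.Apply(t2, Sign(alicePriv, t2)), ErrNotOwner)
	return out, nil
}

func main() {
	out, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", out)
}
```

The nonce is included so that a captured transfer cannot simply be resubmitted, which is the one protection the ledger can offer; it does nothing against a copied key. The practical defences therefore sit on the key-holding side: hardware-backed keys that cannot be exported from the device, and multi-party or multi-signature control for high-value assets, so that compromising one headset or wallet file is not enough.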
Anthony Butler Newsletter