/ Cybersecurity in the metaverse: real challenges in a virtual world

The metaverse operates in a sphere parallel to reality and is exposed to cyberattacks. Both service providers and consumers must be aware to avoid suffering privacy violations.

Jaime Urzúa W.
Associate Attorney
Alessandri Abogados

In 2022 the Cybercrime Investigation Brigade of the Chilean Investigative Police (PDI) released alarming figures: the three most investigated cybercrimes suffered, between 2020 and 2021, an increase of 30% (scams), 45% (computer sabotage) and 55% (acquisition or storage of child pornographic material). The common denominator of these crimes is that they are perpetrated using information technologies or computer tools, mostly through social networks.

The metaverse is a post-reality universe that already works. It will be a matter of time to wait and see who will be the relevant actors in this digital space that combines virtual reality and interaction between people. However, are we clear about the cybersecurity implications of the rise of this new technology?

The metaverse reflects, through internet-connected devices and augmented reality, a sphere parallel to life in the physical world. And just as, for example, one takes care of one’s belongings when visiting a shopping mall or requires access credentials to enter an office, the same will happen in the metaverse. Therefore, it is essential to be cautious from the very first minute.

Given the above figures, we can expect to see an explosive increase in the number of victims of harassment, fraud, identity theft and other common situations in the digital environment. The greater the volume of people gathered, the greater the number of cyber-attacks.

This issue must be addressed from two sides. On the one hand, service providers (who will make each metaverse available to users) must ensure that their platforms are kept up to date with the state of the art and industry best practices, especially from a technical point of view. They must also carefully regulate the terms and conditions of use of their services, according to the experience they acquire and the scenarios they have to deal with.

On the other hand, there are the consumers, users of the metaverse, who must be very alert and pay attention to the privacy and security conditions of the information they provide on the platforms. When entering completely unknown environments, they will have to act as if they were doing so in the real world. Strong passwords, control of what information is shared and with whom, and a default willingness to be aware of the value of their digital identity and assets will go a long way toward preventing them from being breached.

Young people, many of them minors, will surely be the first to embark on the metaverse. For this reason, it is essential to take due care of their integrity as individuals and safeguard the information that identifies them on the platforms they use.

Finally, since laws always advance slower than the technology they are intended to regulate, there will be a shared role between the public and private sectors: the education of users and the permanent monitoring and investigation of criminal activities.