The metaverse wants its zombies — and yes, they can get you IRL

The metaverse wants its zombies — and yes, they can get you IRL

Check out all the on-demand sessions from the Intelligent Security Summit here.


Many of us have seen this scene in so many zombie movies: A howling horde advances on the outpost in the form of one roaring, crawling pile of tortured flesh. “There are too many of them! Fall back!..” Shots, now stuttering and distant. A mad staccato of the last survivor’s frantic run for it… Then, finally, silence.

Mēris (Latvian for “plague”), a modified version of the infamous Mirai botnet, brought around 250,000 “zombies”, or compromised devices, to the party last summer, and the attack they carried out would have put the stage above to shame. According to researchers, the botnet was capable of sending as many as 21.8 million requests per second to its victims, crashing their overloaded servers in a massive Decentralized Denial-of-Service (DDoS) attack.

DDoS attacks rose by 37% in 2021, according to a recent report. Botnets consisting of hacked Internet of Things (IoT) devices are an important attack vector. And the truth is, this is just the beginning. Some of the processes uncovered on today’s technology scene can play into the hackers’ hands and set the stage for attacks of a whole new volume.

Ever since Facebook’s parent company changed its name to Meta, entire sections of the tech scene have been abuzz with talk of the metaverse, a VR/AR fused amalgamation of the real and virtual worlds. In practical terms, at least for now, that means wearing a funny helmet while in a business meeting with animated 3D cartoons of your investors.

Event

GamesBeat Summit: Into the Metaverse 3

Join the GamesBeat community online, 1.-2. February, to examine the findings and new trends within the metaverse.

Register here

In even more practical terms, this means more connected devices everywhere, both on the corporate premises and at home. The bare minimum to run your business through the metaverse—that is, Zoom—requires just two smartphones, but there’s a reason the conference camera market recently exploded. You want a sharp picture and good sound on your calls, so you get the smart equipment that can deliver. Security is also a must, so a few body heat sensors would also be useful, and motion sensors as well to prevent overcrowding. Connect all of this to a data platform to gather the sensor feed and build a comprehensive management solution, and you’re in the green.

Transforming an office, manufacturing site, power plant, or other business or industrial facility into a metaverse hub is currently a very distant prospect. However, it’s likely to mean bringing in a whole lot of connected devices. Headsets, which are not yet ubiquitous; sensor-equipped wearables for better VR/AR controls; and wall-mounted sensors must all be part of the picture if we are no longer content to experience the digital world on an ordinary screen. Even before the metaverse dream took hold, the market for IoT devices was soaring, and the emergence of the metaverse would only kick the process into a higher gear.

Now, the bad news. We might want to cool our heads a bit and take a deep breath before going on a metaverse-induced IoT shopping spree, because all too often we can’t even properly protect the devices that are already in place.

See also  ASICS Taps STEPN to Launch Running Shoes, Solana NFT Collections

Ghosts in the machine

The IoT market has a major security problem. Poor management of connected devices ranked first on the list of IT professionals’ security concerns in a recent survey. Rightfully so, it seems that in the six months from January to June 2021 alone, hackers managed to compromise around 1.5 billion IoT devices, a massive increase from 2020. Some of these hacks may amount to nothing more than a harmless joke, but others result in actual data loss and associated expenses. And the latter are the ones that companies often prefer to keep quiet about, so there is a certain fog of war at play here.

However, even from what we know, a successful attack routed through or directed at a connected device could cause serious damage. It can bring down the power grid, shut down assembly lines or offer attackers a cozy view of the target’s inner workings through the eyes of hijacked cameras.

By the same token, the proliferation of potentially vulnerable devices likely means we’ll see even more massive botnets in the future. Their ability to destroy websites and online services is already troubling enough in a world where the SaaS model is emerging as the dominant software market. If your customers need to connect to your server, either on-premises or in the cloud, to use your services, an attack that strikes it is targeting the very core of your business.

Furthermore, botnets can do more than spam connection requests on whatever target their overlords happen to dislike. A botnet can work to spread malware, making it a force multiplier in a larger attack. It can harvest sensitive data from its army of zombified devices for espionage or blackmail, or as an intelligence-gathering tool for a targeted phishing attempt. There are even more exotic options for smart hackers to try, such as interfering with the power supply of a specific network, which is potentially fatal in harsh winter conditions.

See also  Russian hackers launched attacks on three US nuclear research laboratories, Reuters investigation says

The push for the metaverse, should it ever come to fruition, will not in itself create fertile ground for the rise of the largest botnet ever, as this trend has already been a long time in the making. However, without the necessary precautions and safety protocols in mind, it could be the final push that sets off a roaring avalanche – so we should start preparing to fight these zombie hordes now.

Brad Yasar is the founder and CEO of EQIFI.

Data Decision Makers

Welcome to the VentureBeat community!

DataDecisionMakers is where experts, including the technical people involved in data work, can share data-related insights and innovation.

If you want to read about cutting-edge ideas and up-to-date information, best practices and the future of data and data technology, join us at DataDecisionMakers.

You may even consider contributing an article of your own!

Read more from DataDecisionMakers

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *