The Futurian
Published in

The Futurian

What kind of cyberthreats can we anticipate from the metaverse?


Photo by XR Expo on Unsplash

The year 2021 may be recorded by future historians as the year of the metaverse. While the metaverse began the year in obscurity and as an unknown technology, it ended the year as a term familiar to the general public, accompanied by a mixture of scepticism, confusion, attention, and hype. Tech giants from all over the world, ranging from Alibaba, to Microsoft, and of course, to the newly-renamed Meta (formerly Facebook), announced their interest in the concept, investing capital toward the infrastructure and the development of the emerging technology. Much like other digital technologies, the metaverse will come with its own set of cyberthreats. This article analyzes the metaverse as an expansion of surveillance capitalist logics. Using this as a foundation, it anticipates the potential cyberthreats.

Mark Zuckerberg, the Founder and CEO of Meta, describes the metaverse as an “even more immersive and embodied internet” in which “you’re gonna be able to do almost anything you can imagine — get together with friends and family, work, learn, play, shop, create — as well as entirely new categories that don’t really fit how we think about computers or phones today.”[1] The immersive metaverse environment will make use of AR and VR technologies to provide 3D telepresence to users, who will represent themselves as avatars in the metaverse environment.

However, one important question arises: why the metaverse? Why are tech companies investing billions of dollars and why is Mark Zuckerberg staking the future of his company on the concept? The metaverse can be analyzed as an expansion of surveillance capitalism. As Shoshana Zuboff writes in her ground-breaking The Age of Surveillance Capitalism, the business model of surveillance capitalist tech giants, of which Meta (formerly Facebook) is one of the primary examples, is selling user data.[2] Users are the raw materials that generate data to sell to the real customers, who are advertisers and other companies. And according to Nick Srnicek in Platform Capitalism, the popular platform business model (e.g., Uber, Meta, Airbnb, etc.) has emerged to capitalize on the value of data. On platforms, users interact and produce user-generated content through their interactions, while the platform businesses record and extract user data.[3] Viewed through this lens, the metaverse emerges as a platform on which users interact and generate rich behavioural data, which is then recorded, analyzed, and sold by surveillance capitalist tech giants to other companies.

Given our analysis thus far, we can make some reasonable speculations about the potential cyberthreats of the metaverse and its risks to users, companies, and society. By extrapolating the risks of current social media platforms to the future, we find two such vulnerabilities: the theft of user data, and fake news.

One does not have to look far for examples of the first vulnerability, the theft of user data. Just last year (2021) in April, an internal email from then-Facebook (now Meta) was accidentally sent to the press, which revealed that the user data of 533 million users was leaked. Leaked data included phone numbers, full names, and locations. The metaverse could be vulnerable to a similar leak of user data. While large-scale breaches capture the public imagination, they do not represent the common experience of cyber-crime. Most attacks are not large grandiose feats of hacking ingenuity, but petty crimes and psychological manipulations of trust. Just as it is currently the case on social media platforms, phishing scams, which trick users to voluntarily provide hackers personal information and account information, may be the primary means of cybercrime. Additionally, given Zuckerberg’s ambitions for the metaverse as a immerse virtual location for work, for play, for commerce, and for life, a lot more may be at stake — data could include a hodgepodge bag of credit card numbers, personal account data, and confidential organizational secrets.

The logics of surveillance capitalism also contain the seeds of another cyberthreat: fake news and misinformation. This is a novel affliction among social media platforms and their unending thirst for user data. Social media platforms are agnostic toward the source of the data. User data is a good that is quantitatively justified, and misinformation and fake news is a gold mine for user interactions and user data. For example, recent research by researchers at New York University and France’s Universite Grenoble Alpes have found that, compared with legitimate news articles, misinformation and fake news received six times as much engagement.[4] If the metaverse is beholden to a similar set of incentives, and there is no fundamental change to the business model, then we could anticipate a similar translation of misinformation and fake news. Similar to the devolution of Facebook into its current form, information that is flashy, fake, and without substance might thrive in the new metaverse environment.

With all this said, it is important to restate that the metaverse is still a concept in development, and a technology with several unknowns. This article framed the metaverse by analyzing it through surveillance capitalist logics, where user data is the raw material that is sold for profit to other companies and organizations. By doing so, the article identified two potential cyberthreats in the metaverse: one, the theft of user data and two, fake news and misinformation. Both are related to the current cyberthreats that plague the social media platforms of today. However, we end with a reminder that this is speculation and not a prediction. The metaverse may come with new, unimaginable cyberthreats, given its unprecedented and novel form. Alternatively, the metaverse may be motivated by alternative logics (not surveillance capitalist logics) with a distinct set of cyberthreat challenges. The task before us is to continue to observe and to stay alert to these developments.

© Kevin Jae 2022


[2] Zuboff, S. (2018). The Age of Surveillance Capitalism. Profile Books.

[3] Srnicek, N. (2017). Platform Capitalism. Wiley.




Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store