A look at what makes up Web 3.0 and how it may be used includes insight into what kinds of cyberattacks may plague it, as cybercriminals look for new profitable opportunities.
If you’re not familiar with the term “Web 3.0”, it’s the broad-stroke way to refer to emerging technologies that include cryptocurrency, blockchain technology, decentralized applications and decentralized file storage. Researchers at Cisco recently hypothesized what it may take to secure Web 3.0 applications, infrastructure, and technologies.
Among the predictions was one I whole-heartedly believe will come true – far more quickly than any other – that includes cybercriminals finding “new ways of phishing, or social engineering designed to separate users from the contents of their cryptocurrency wallets.” We’ve already seen examples of cybercriminal activity focusing efforts on scamming victims out of their precious crypto, including token presales, crypto mining, purchases of fake mining equipment, and more.
As cryptocurrency wallets become more mainstream, I fully expect cybercriminals to focus their energies on dissecting how crypto wallets, transfers, etc. all work, looking for ways to “hack” the system – much in the same way we see a push for identifying more zero-day attacks.
It’s only a matter of time. And while most businesses don’t see any use case where they need to participate in Web 3.0, the “metaverse”, etc., it will simply be a matter of time until opportunities to make money via Web 3.0 become commonplace.
Until then, social engineering and phishing will continue to occur here in the “real world”, making it necessary for organization to have security controls in place that include continual Security Awareness Training for their users to elevate each user’s state of vigilance when interacting with potentially malicious content in email and the web.