Dr Igor MUTTIK, McAfee Labs, edited a document entitled “Securing Virtual Worlds Against Real Attacks”. The document is interesting. It is very IT security oriented in that it works on the traditional problems related to IT in a client server environment. The only specificity to the Virtual Worlds is the fight against cheating applet. Thus, only good advises but nothing revolutionary. In other words, he did not explore the new threats specific to Virtual Worlds (and there are many).
Nevertheless, he gives interesting advises for potential researchers for in-game threats. They will need
- better than average knowledge of the environment
- better access to the environment
- clearance from the employer to run tests for malware in various gaming environments. This need of clearance is applicable to any researcher who handles malware.
- enough demand from customers to justify research and development for such security solutions. For him, customers are the gamers. this is a typical bias coming from an anti-virus company. the customer is the end user. I believe that the customers are the game editors. If their game will be plagued by security flaws, making it not fun to play, then gamers will escape to another world.
Virtual worlds will be under fire of typical malwares but also new threats specific to them. Gamers will request their favorite virtual world to be safe (from the computing environment point of view, not from the game play point of view). There is a need to study these problems with a scope larger than traditional IT security