Recently, the largest cryptocurrency, Bitcoin, rose to more than $12,000 in trading value, which is its highest level since August 2019. The price swings of cryptocurrencies are erratic, attracting both investors and cybercriminals. Since its inception in 2009, there have been numerous hacks and heists reported on cryptocurrency exchanges and crypto wallets. According to the “2019 Cryptocurrency Anti-Money Laundering (AML)” report from blockchain security firm CipherTrace, cryptocurrency crimes across the world hit over $4.3 billion in 2019. Cybercriminals robbed over $125 million in Ethereum, Bitcoin, and other digital currencies from different cryptocurrency exchanges in 2019.
By Rudra Srinivas, Feature Writer, CISO MAG
The threat to your digital currencies is mainly through cryptocurrency wallets (digital wallets) or exchange providers. A crypto wallet does not store your digital coins, but it holds a private key, which allows you to trade cryptocurrency online. This private key is your digital identity to the cryptocurrency market and anyone who gets hold of this can perform fraudulent transactions or steal your crypto coins. Cybercriminals use sophisticated techniques to compromise digital wallets and steal/transfer crypto assets without the user’s knowledge. Securing your wallet is essential when it comes to protecting your digital currency against cyberattacks.
Here are some of the ways to secure your cryptocurrency:
1. Use a Cold Wallet
Unlike hot wallets, cold wallets do not connect to the internet therefore, they are not prone to cyberattacks. Storing your private keys in a cold wallet, also known as a hardware wallet, is the most viable option as these come encrypted, keeping your keys secure.
In 2019, the Japanese exchange BITpoint discovered an unauthorized withdrawal of $32 million from its hot wallet in different cryptocurrencies targeting more than 50,000 users. The exchange held five cryptocurrencies in its hot wallet: Bitcoin, Bitcoin Cash, Ethereum, Litecoin, and Ripple. However, BITpoint clarified that its cold wallet and cash holdings were not affected in the incident.
2. Use Secure Internet
While trading or making crypto transactions, use only a secure internet connection and avoid public Wi-Fi networks. Even when accessing your home network, use a VPN for additional security. A VPN changes your IP address and location, keeping your browsing activity safe and private from threat actors.
3. Maintain Multiple Wallets
Since there is no limitation for wallet creation, you can diversify your cryptocurrency investments in multiple wallets. Use one wallet for your daily transactions and keep the rest in a separate wallet. This will protect your portfolio and mitigate the loss of any breach to your crypto account.
4. Secure Your Personal Device
Make sure your personal device is up to date with the latest virus definitions to defend against newly discovered vulnerabilities. Use a strong anti-virus and firewall to improve your device’s security to avoid hackers from taking advantage of the weakness by writing code to target the vulnerability.
5. Change Your Password Regularly
We cannot underrate the importance of a strong password while talking about security. According to a study, three-quarters of millennials in the U.S. use the same password on more than 10 devices, apps, and other social media accounts. It also stated that most of them were using the same password in over 50 different places. Make sure you have a strong and complex password, which is difficult to guess, and change it on a regular basis. Use separate passwords if you have multiple wallets. Opt for two-factor authentication (2FA) or multi-factor authentication (MFA) for additional security.
6. Don’t Get Phished
Phishing scams via malicious ads and emails are rampant in the cryptocurrency world. Be careful while making crypto transactions and avoid any suspicious and unknown links.
In a recent cryptocurrency heist, a hacking group “CryptoCore” targeted cryptocurrency exchanges via spear-phishing campaigns. Attackers stole cryptocurrency worth $200 million in two years, targeting companies in the U.S. and Japan since 2018. ClearSky stated that CryptoCore initiated a reconnaissance phase to identify the email accounts of the cryptocurrency exchange’s employees and security executives before conducting a spear-phishing attack. These attacks were performed using fake domains impersonating affiliated organizations and employees, and by embedding malicious links in documents via emails.
The cryptocurrency industry is constantly evolving, and it is your sole responsibility to protect your digital funds by securing your wallet with essential safety precautions. Update yourself with the latest security news, attack techniques, and prevention strategies.
About the Author