Bitcoin is under threat from hackers as its price surges but they can be stopped

Cyber security experts say the best way to store cryptocurrencies is on a ‘cold’ wallet

Aatif Sulleyman
Saturday 13 January 2018 14:26
Comments
What is Bitcoin and why is its price so high?

More and more people are looking to invest in cryptocurrencies as a result of bitcoin’s recent price surge, but by doing so they could become prime targets for cyber criminals.

Multiple cryptocurrency exchanges have been hacked in the past, resulting in the theft of thousands of bitcoin – which would be worth millions of dollars today.

What’s more, since bitcoin transactions are irreversible, if any of your holdings were to leave your wallet, you won’t simply be able to get a refund.

Fortunately, there are steps users can take to protect their bitcoin.

:: The Independent’s bitcoin group is the place for the best headlines and discussion of all cryptocurrencies. Like it here for the latest on how people are making money – and losing it

Security experts recommend storing them offline.

If you purchase bitcoin through an online exchange and choose to store them there too, your security lies in the hands of whichever service you use. If the exchange is hacked – something that isn’t uncommon – the currency you own could be stolen.

That’s because the exchange will hold users’ private keys, long strings of characters that grant access to people’s cryptocurrency holdings. If a hacker managed to get their hands on a private key, they’d be able to steal the bitcoin associated with it too.

“The ever increasing value of cryptocurrencies, especially bitcoin, makes them a very attractive target to cybercriminals, who use various methods to get their hands on them,” malware expert Alexey Malanov, of Kaspersky Lab, told The Independent.

“There have been several huge hacks of cryptocurrency exchanges in the past and the trend will only continue.”

He adds that bitcoin owners “are advised not to store their money on services”.

Users should instead store it offline, on a so-called “cold” wallet, and take care of their private keys themselves.

Something as simple as a USB or an external hard drive can be used as a “cold” wallet.

“The safest way for users to store their bitcoin is to use offline wallets which are not connected to a computer,” Symantec threat researcher Candid Wüest told The Independent.

Strangely enough, one of the best defences available is paper.

Experts recommend keeping their private keys off a computer or online service. Writing it out on a piece of paper could actually offer better protection, as long as it is stored in a safe place.

If a user was to lose it, however, they won’t be able to access their bitcoin either.

Cameron and Tyler Winklevoss, who own hundreds of millions of dollars worth of bitcoin, store their fortune on a “cold” wallet. They also keep their private key offline, and say they’ve cut the piece of paper it’s printed on into several pieces, which are stored in banks around the US.

Kapersky Lab’s Mr Malanov believes cryptocurrency services should divide deposits into “hot” and “cold” wallets, to protect investors.

“The ‘hot’ wallet should store a minimal amount for daily withdrawals in automatic way, while the ‘cold’ wallet should store the rest of the money and should be operated manually and accessed only when the ‘hot’ wallet has not enough funds left,” he says.

“We also recommend protecting the ‘cold’ wallet with multiple signatures so that only several owners jointly can move the money. Each user holding only one key out of several will keep the money safe.”

Bitcoin can also be stored on a hardware wallet, the likes of which are sold by the likes of Trezor or Ledger. They’re designed to be straightforward to use, and offer additional layers of protection in the form of PINs and seeds.

“As long as the wallet is not connected to a computer, it is safe from attacks as well,” says Mr Wüest.

“But users should pay attention and only buy these devices from trusted sellers, as there have been cases where the device itself has been compromised before it was sold.”

While this method is secure, it comes at the cost of convenience.

“The downside of this method is that it often takes a while to be able to re-activate the bitcoin so if its value drops, users might not be able to react quickly,” says Mr Wüest.

As suggested by Mr Malanov, a sensible move for investors could be to transfer the main bulk of their holdings to a cold wallet, but keep a small amount that they’d be prepared to lose on an exchange service.

“You should use strong passwords to access these wallets, and if you do plan to use a hardware wallet be sure to actively monitor security research to determine if it is as secure you think it is when you purchased the item,” says Raj Samani, McAfee fellow and chief scientist.

We’ve teamed up with cryptocurrency trading platform eToro. Click here to get the latest Bitcoin rates and start trading. Cryptocurrencies are a highly volatile unregulated investment product. No EU investor protection. 75% of retail investor accounts lose money when trading CFDs.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in