How to protect your cryptocurrencies
Blockchain technology is seeing increasingly wide use internationally, but security issues are becoming a major problem. In the wake of targeted attacks at cryptocurrency holders and wallets, and cryptocurrency exchanges, there’s a growing need for security measures designed to help keep your wallets and coins safe.
Blockchain is a public ledger of transactions, or “blocks,” which can only be updated by consensus between users in the system. Because blockchains are decentralized and distributed across peer-to-peer networks that aren’t contained in a central location, they cannot be changed from a single computer.
Blockchain technology has the possibility to solve data breach problems by removing many of the risks involved in the storage and access of digital content. As a decentralization technology in which users can remain anonymous, blockchain makes regulation difficult and allows for potential security threats. Despite the benefits of blockchain, even the best-designed blockchain systems are not immune to attack.
In fact, blockchain technology proved to be hackable long ago. The first widely publicized hack involved bitcoin — the original and most prevalent application of blockchain. Back in 2010, a hacker manipulated a bug in bitcoin’s software to generate a block that contained 92 billion bitcoin, which is 91,979,000,000 more bitcoin than the intended cap on bitcoin supply. The unknown attacker simply exploited bitcoin by flooding the code to create an extremely large amount of bitcoin.
More recently, one of the biggest attacks on blockchain technology occurred in Tokyo in January 2018. The Japanese exchange Coincheck confirmed that more than $500 million worth of digital coins were stolen.
The stolen coins were stored in a “hot” wallet that was connected to the internet, and the hackers were able to steal the private key for the wallet. It is significantly more secure to keep funds offline, in “cold” storage — hardware wallets that are dedicated devices that offer an additional layer of security. As described below, the use of multiple keys is much more secure and should be used with all cryptocurrencies.
No matter how secure a blockchain protocol is, it does not exist in a vacuum. The cryptocurrency hacks recently driving data security headlines are usually failures where blockchain systems connect with the real world.
What can you do to keep crypto assets safe?
Use a multisignature address
One solution, known as a multisignature address, requires more than one cryptographic key in order execute a transaction. It is similar to a multifactor authentication process sometimes used to access e-mail accounts. Every public cryptocurrency address is associated with a private key, which is needed to move money from that address. So, if someone manages to acquire your private key, that person can access and distribute your money. Using multiple keys will make it substantially more difficult for unauthorized users to access funds.
Use hardware wallets
Wallets are used to store cryptocurrency. The wallet does not actually hold your coins; rather, it holds the private key that allows you to access your coin address. There are different types of wallets, each with varying levels of security. The safest option is a hardware wallet kept offline in a secure place. Hardware wallets can be stolen or lost, however, along with the coins that belong to the stored keys in the wallet. The least secure option is an online wallet, since the keys are held by a third party and you can generally access your coin from any device if you know the password(s). Whatever option you choose, back up everything if possible.
Reduce human error
While the security of most cryptocurrencies themselves remains intact, the security of the wallets, exchanges, and third-party services around these cryptocurrencies introduce additional risk. Billions of dollars’ worth of bitcoin and other cryptocurrencies have already been stolen from the compromised accounts of individuals and exchanges.
The attacks to cryptocurrency have shown that humans are often the weakest link in cybersecurity. As is true with all data security, avoid reusing passwords, beware of phishing scams, and be careful whom you entrust with access to your keys, wallets, and passwords.
Taking these measures will give your blockchain network the added security it needs to prevent attacks.
Natalia Kruse is an attorney with Husch Blackwell. Based in the firm’s Madison office, she focuses her practice on commercial litigation and technology.
Click here to sign up for the free IB ezine — your twice-weekly resource for local business news, analysis, voices, and the names you need to know. If you are not already a subscriber to In Business magazine, be sure to sign up for our monthly print edition here.