Cryptocurrency Security! How to Keep Your Digital Wallet Private

Cryptoasset Report

1.9 million of adults in the UK own some form of cryptoasset (e.g. Bitcoin, Ethereum) according to a survey in the cryptoasset consumer research 2020 report by the Financial Conduct Authority (fca.org.uk). The report raises some interesting statistics including that, close to half of respondents admitted to buying cryptocurrency as an investment gamble, likely after seeing an ad and in the knowledge that Bitcoin is trading at $10,550 up a tad from a mere $13.50 in 2013.

Investment Risk

On the investment risk side, most investors likely know that regulatory protections are non existent, they are not covered for events like hacking from the Financial Services Compensation Scheme which guarantees up to £85,000 on UK bank accounts for example. Some are less aware until something bad happens that transactions cannot be reversed and providers will not event attempt to claw-back money for you or reimburse you for losses.

An interesting story from a BBC correspondent entitled ‘How I lost £25,000 when my cryptocurrency was stolen’ “Read the story here” gives us a first hand look of the struggles he endured even after reporting the emptying of his digital wallet to the action fraud national agency actionfraud.police.uk This brings us to more into the security side of cryptocurrency.

Blockchain

“Wherever there is Gold, There is a Chain” (Alice Walker). On the security side, cryptocurrency uses blockchain, consent algorithms and the distributed ledger technology (DLT) as a robust and so far un-crackable method of securing the path of crypto coins. Security is enhanced by using a decentralized database approach which leaves records distributed across multiple parties in a transaction making it harder to compromise. The technology also leverages a new hash being generated in every hope of the transaction chain which is where the term blockchain is derived.

Digital Wallet Privacy

Cryptocurrency has seen some high profile hacks over the last number of years. Kapersky shares an article on 4 different attack types crypto hacks and apriorit.com blockchain attack vectors where they talk about 51% attacks, network attacks, double spending, phishing and malware and others which are mostly aimed at the cryptoexchange, (institutional level) or network level. Naturally enough hackers are after the big money hacks, but there are lots of instances at the personal wallet level which are less documented but still all too common.

Phishing, malware, dictionary attacks and social engineering just like in most other cybersecurity attacks feature strongly as Modus Operandi for attackers at the personal level. Hence, protecting the digital wallet which holds private keys for crypto transactions is the be all and end all when it comes to digital wallet privacy and security. Whoever has these keys controls the cryptoasset and can sell or move it to their own device.

In the realm of risk mitigation, staying away from public wifi, mindfulness when handling email (could this be dodgy as their asking for something), backing up your wallet to offline storage are key. Best practice when protecting you data privacy and security includes key encryption, multi factor authentication (pass phrase and text message) , use of H/W wallets, updating your anti-virus and bitcoin wallet software itself.

Multi-Signature

A more advanced method is gaining traction called multi-signature is gaining transaction; “it involves an approval from a number of people (say 3 to 5) for a transaction to take place. Thus this limits the threat of theft as a single controller or server cannot carry out the transactions (i.e., sending bitcoins to an address or withdrawing bitcoins). The people who can transact are decided in the beginning and when one of them wants to spend or send bitcoins, they require others in the group to approve the transaction.” (e.g. bitcoin safe storage cold wallet)

Conclusion

Protecting your cryptoasset is more about a mindset and taking time to review possible risks, not just the investment risks. Data privacy and security like your online identity and reputation need to be protected. A good place to start is to read and enact the platform recommendation (e.g. Bitcoin security recommendations) and to be mindful when and where your transact bitcoin. Public Wifi is not great nor is using a shared PC for example, so keep your guard up as always.

Article by – Paul Rogers CISSP, CIPP/E | Data-Privacy.ie | All Rights Reserved 2020

Further Reading:

Bitcoin Advice on securing your wallet:
https://bitcoin.org/en/secure-your-wallet#everyday

‘What is blockchain’ – Talks about DLT “Distributed Ledger Technology”
https://www.r3.com/blockchain-101/

Stay Tuned for Future Posts by following Paul Rogers on Linkedin

While your here, why not visit our consulting services page to see how we can help transform your data privacy program by clicking the link below!