Bitcoin is under threat from hackers as its price surges but they can be stopped

Cyber security experts say the best way to store cryptocurrencies is on a ‘cold’ wallet

Aatif Sulleyman
Saturday 13 January 2018 09:26 EST
Comments
What is Bitcoin and why is its price so high?

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

More and more people are looking to invest in cryptocurrencies as a result of bitcoin’s recent price surge, but by doing so they could become prime targets for cyber criminals.

Multiple cryptocurrency exchanges have been hacked in the past, resulting in the theft of thousands of bitcoin – which would be worth millions of dollars today.

What’s more, since bitcoin transactions are irreversible, if any of your holdings were to leave your wallet, you won’t simply be able to get a refund.

Fortunately, there are steps users can take to protect their bitcoin.

:: The Independent’s bitcoin group is the place for the best headlines and discussion of all cryptocurrencies. Like it here for the latest on how people are making money – and losing it

Security experts recommend storing them offline.

If you purchase bitcoin through an online exchange and choose to store them there too, your security lies in the hands of whichever service you use. If the exchange is hacked – something that isn’t uncommon – the currency you own could be stolen.

That’s because the exchange will hold users’ private keys, long strings of characters that grant access to people’s cryptocurrency holdings. If a hacker managed to get their hands on a private key, they’d be able to steal the bitcoin associated with it too.

“The ever increasing value of cryptocurrencies, especially bitcoin, makes them a very attractive target to cybercriminals, who use various methods to get their hands on them,” malware expert Alexey Malanov, of Kaspersky Lab, told The Independent.

“There have been several huge hacks of cryptocurrency exchanges in the past and the trend will only continue.”

He adds that bitcoin owners “are advised not to store their money on services”.

Users should instead store it offline, on a so-called “cold” wallet, and take care of their private keys themselves.

Something as simple as a USB or an external hard drive can be used as a “cold” wallet.

“The safest way for users to store their bitcoin is to use offline wallets which are not connected to a computer,” Symantec threat researcher Candid Wüest told The Independent.

Strangely enough, one of the best defences available is paper.

Experts recommend keeping their private keys off a computer or online service. Writing it out on a piece of paper could actually offer better protection, as long as it is stored in a safe place.

If a user was to lose it, however, they won’t be able to access their bitcoin either.

Cameron and Tyler Winklevoss, who own hundreds of millions of dollars worth of bitcoin, store their fortune on a “cold” wallet. They also keep their private key offline, and say they’ve cut the piece of paper it’s printed on into several pieces, which are stored in banks around the US.

Kapersky Lab’s Mr Malanov believes cryptocurrency services should divide deposits into “hot” and “cold” wallets, to protect investors.

“The ‘hot’ wallet should store a minimal amount for daily withdrawals in automatic way, while the ‘cold’ wallet should store the rest of the money and should be operated manually and accessed only when the ‘hot’ wallet has not enough funds left,” he says.

“We also recommend protecting the ‘cold’ wallet with multiple signatures so that only several owners jointly can move the money. Each user holding only one key out of several will keep the money safe.”

Bitcoin can also be stored on a hardware wallet, the likes of which are sold by the likes of Trezor or Ledger. They’re designed to be straightforward to use, and offer additional layers of protection in the form of PINs and seeds.

“As long as the wallet is not connected to a computer, it is safe from attacks as well,” says Mr Wüest.

“But users should pay attention and only buy these devices from trusted sellers, as there have been cases where the device itself has been compromised before it was sold.”

While this method is secure, it comes at the cost of convenience.

“The downside of this method is that it often takes a while to be able to re-activate the bitcoin so if its value drops, users might not be able to react quickly,” says Mr Wüest.

As suggested by Mr Malanov, a sensible move for investors could be to transfer the main bulk of their holdings to a cold wallet, but keep a small amount that they’d be prepared to lose on an exchange service.

“You should use strong passwords to access these wallets, and if you do plan to use a hardware wallet be sure to actively monitor security research to determine if it is as secure you think it is when you purchased the item,” says Raj Samani, McAfee fellow and chief scientist.

We’ve teamed up with cryptocurrency trading platform eToro. Click here to get the latest Bitcoin rates and start trading. Cryptocurrencies are a highly volatile unregulated investment product. No EU investor protection. 75% of retail investor accounts lose money when trading CFDs.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in