While Bitcoin has been making the headlines for hitting record highs and lows that give new meaning to the term ‘volatility’, it’s also increasingly gaining attention with regard to cybersecurity. Illicit uses for Bitcoin include its being used as a means of shuffling money around the Dark Web, and as a method of payment on the infamous dark market of the Silk Road.
Another problem is that once the Bitcoin is mined, it remains difficult to hold onto the digital currency, which is an encrypted address on the Blockchain with nothing physical to back it, and out of the mainstream of established financial institutions that so far are staying on the sidelines.
A lucrative target
With the equivalent of billions of dollars potentially out there in the form of Bitcoin and other cryptocurrencies, it’s a prime target for hackers – and indeed has already proved extremely profitable for them. In some cases, computers get hijacked via apparently benign software, such as BrowseAloud, a browser plugin for text-to-speech designed to help the blind and those with reading problems, but which contained the Coinhive cryptojacking script, which turned the victim’s computers into crypto-mining rigs.
In other cases the coins are stolen more directly, such as in 2014 when Bitcoin bank Flexcoin was taken for 896 BTC, resulting in it shutting down, and the larger exchange MtGox also was hacked, which sent it into bankruptcy. While those early setbacks could perhaps be seen as part of the growing pains of cryptocurrency, the problems continue, with NiceHash getting hacked, and losing $63 million, at the end of 2017.
Finally, some users lose their Bitcoin the old-fashioned way – they lose their password or their computer hardware, as in the (admittedly extreme) example of James Howells, whose hard drive ended up in a landfill with 7500 BTC on it, valued at over $100 million.
You want a wallet
Against this backdrop such headlines, before you start mining or purchasing any cryptocurrency you need to give some thought to how you’re going to store it. While Bitcoin is purchased on a coin exchange, these aren’t suitable for storage, as the January 2018 example of the Japanese Coincheck exchange losing the equivalent of $530 million across 260,000 accounts painfully demonstrated.
A cryptocurrency needs to be stored in a digital wallet, and there are several types and variations. You’ll hear terms such as ‘cold wallet’ and ‘hot wallet’, which refers to whether the wallet is connected to the internet (hot), or not (cold).
The ultimate in convenience is a mobile wallet, with your funds easily available via an app on a mobile device, for spending and transfer. However, this should be thought of as the Bitcoin equivalent of ‘walking around with cash’ – and most folks have more common sense than to walk around with their life savings in their pocket. As these wallets are internet-based, on a mobile platform they’re hardly secure, and it’s been demonstrated that they can be hacked via SMS interception.
Another type of wallet is the web wallet, also called the online wallet. These are browser-based, and also considered less secure. While they offer conveniences such as multi-currency support, and instant access for spending, they also represent an attractive target for thieves. This is equivalent to storing cash in a desk drawer, which is no real improvement on just keeping it in your pocket, as it can be just as easily stolen.
Up your security
There are more secure methods of keeping your Bitcoin stored. The first is a desktop wallet, which takes the form of software located on the storage drive of your computer. How secure this wallet is depends on how secure the computer is, whether or not it gets taken out and about, and whether it contains malware. Ideally, it should be on a computer that isn’t left connected to the internet at all times. An older computer that can be dedicated to this task is a good solution, although only if the OS is up to date and secure. As the wallet contains all the data of the full blockchain, including your cryptocurrency holdings, it also requires a serious amount of storage. For example, Bitcoin Core currently requires 145GB of storage, and that number is increasing by the day.
An even more secure storage option is the hardware wallet. These are designed to offer cold storage, with a high level of security, for as little as under $100. They’re generally kept offline, and can be plugged into a computer via the USB port when needed for a transaction. A hardware wallet is the fiat currency equivalent of keeping cash in a safety deposit box at a Swiss bank, and they’re available from multiple manufacturers, including KeepKey, Ledger and Trezor.
KeepKey includes a whole suite of security features: a PIN code is required for access, so that the device is rendered useless without it; each transaction requires manual approval; and you can recover bitcoins that were on a device that’s been lost or stolen. These devices also work on a full variety of PCs, including Windows, Mac and Linux. While they claim to be virus- and malware-proof, they should be purchased directly from the manufacturer; one individual lost his $34,000 life savings when he used a compromised Nano Ledger – it turns out the hardware wallet had been bought from a reseller, which added additional software to the device, and made the user susceptible to a man-in-the-middle attack.
Another secure solution is a paper wallet, which predates the hardware wallet. As a paper wallet doesn’t store the data on a computer they’re very secure and hacker-proof; the downside is that they require more technical knowledge to use, and are more cumbersome to use compared to other options. Popular options include Bitcoin Armory, Bitcoinpaperwallet and Bitaddress.org, which are used to print out public and private keys in convenient QR format.
Perhaps the most secure option of all is a brain wallet. This involves being able to remember the passphrase (typically eight words, plus additional characters known as the ‘salt’) to create the public and private logins for the Bitcoin account. The website Brainwallet.info can facilitate this method of storage, although the problem is that if the passphrase is forgotten, the Bitcoin is lost forever, making this option less convenient, and potentially risky for those with a less-than-photographic memory.
Securing your digital lifestyle doesn’t have to be a tedious or expensive process. You can achieve that in the next 60 seconds by downloading a trial of CyberGhost VPN here, risk-free.
