How to secure bitcoin: What are the best ways to keep it safe?

As bitcoin's value has steadily increased, so too have cyberattacks on cryptocurrency

exchanges and wallets. Michael Cobb explains how to keep your bitcoin secure.

Michael Cobb;Published: 26 Feb 2018

One of our employees asked me recently what the best way to secure bitcoin is. I had no
idea. Do you have any advice on bitcoin security?

While there's no pressing need to rush into upgrading your payment system to
accept bitcoins, it is worth monitoring its usage, particularly for a business with a big
internet presence or one that sells digital products and services, such as online games
or subscriptions.

Cryptocurrency is probably here to stay, and although some countries, such as China,
have banned its use, many countries -- including the U.S. -- appear more relaxed about
its existence. Some large organizations began accepting payment for products and
services in bitcoins; however, recent fluctuations in the value of bitcoin led some
companies, like Valve and Stripe, to drop support of the cryptocurrency.

Still, many companies continue to accept bitcoin and other forms of cryptocurrency. One
benefit for merchants is that bitcoin transaction fees are typically lower than the 2% to
3% charged by credit card processors. A top benefit for customers paying with bitcoins
is that they leave no data behind that can be used in identity theft.

How to secure bitcoin

In addition to financial benefits, there are several elements that secure bitcoin from theft.
Cryptography controls the creation and transfer of a cryptocurrency, and the protocols
underlying bitcoin have proven to be robust. Bitcoin's use of a distributed ledger known
as blockchain gives owners a record of all their transactions that cannot be tampered
with because there is no single point of failure.

However, this hasn't stopped attackers from exploiting vulnerabilities within bitcoin
exchanges or wallets -- the software used for storing bitcoins on computers or
smartphones. Bitcoin exchanges are not regulated by the government, and they
generally do not provide enough insurance and security to be used to store money in
the same way as a bank.
For example, the Mt. Gox and Flexcoin exchanges both shut down after hackers
allegedly stole hundreds of thousands of bitcoins from them in separate attacks.

Not surprisingly, a study by Dell SecureWorks in 2014 showed that, as the value of a
bitcoin rose, so did the number of viruses designed to steal bitcoins from wallets. That
trend has continued this year; there have been several cyberattacks on exchanges and
wallets as the price of bitcoin and other cryptocurrencies has skyrocketed in recent
months. In addition, new threats like cryptomining malware attacks have also emerged.

Despite the increasing rate of cyberattacks, cryptocurrency wallets are still among the
best ways to secure bitcoin. Ideally, wallet software should be installed on a
bootable USB or a live CD to ensure that the operating system is virus free and
doesn't cache, log or store wallet keys anywhere.

Users have to treat their software wallet the same way they would a real one, and best
practice is to use two wallets, keeping only a small amount of bitcoins on a computer or
mobile phone for everyday use, with the balance kept in a separate offline wallet. This
safeguards the majority of a user's bitcoins from malware trying to intercept
the password used to access a wallet or to find unencrypted wallet data in the device's
RAM.

The offline wallet needs to be kept physically secure -- maybe even in a traditional bank
vault -- as the loss or theft of a wallet means the permanent loss of the bitcoins it
contains. A computer hard drive storing more than $4.6 million worth of bitcoins was
thrown away and lost when the owner forgot it contained 7,500 bitcoins.

Offline or cold storage services are available, but note that they aren't regulated by the
financial services industry. Additionally, if an offline wallet is encrypted, it is important
to not forget the passphrase. Some experts prefer not to encrypt this type of wallet
because, in the event of death, descendants would not be able to access their
inheritance.

Keeping bitcoin secure

Regular backups of a bitcoin wallet are essential to protect against computer failure,
theft and human error, but never store them online, especially if the backup is not
encrypted. Finally, always use the latest version of bitcoin software, and use a password
that is at least 16 characters long.
Although bitcoin is a purely digital currency, it can be kept secure in analog form. Paper
wallets can be used to store bitcoins offline, which significantly decreases the chances
of the cryptocurrency being stolen by hackers or computer viruses. Printing the contents
of a wallet -- basically the private keys and their corresponding public keys -- creates
a physical record which, of course, must be kept secure.

Keeping bitcoins secure is complex and time-consuming, but well worth the trouble for
anyone with a reasonable amount of bitcoins. Bitcoin is more than a passing internet
fad, and when dedicated hardware wallets appear on the market, they should provide a
better balance between security and ease of use, possibly increasing the general
acceptance and use of bitcoins and cryptocurrency for online transactions.