Security is – or at least should be – the essence of cryptocurrency. Born in the midst of a global financial crisis, Bitcoin was conceived as a decentralized currency that would be safe from the manipulations of central banks and dysfunctional governments.
However, while cryptocurrencies are theoretically more secure at the macroeconomic level than fiat currencies (at least according to some Bitcoin champions), their emergence over the past few years has been fraught with cybersecurity mishaps and calamities. 2014 brought the infamous Mt. Gox hack (worth some USD 473 million), while recent years have seen ransomware, phishing and mining malware become significant threats to crypto traders and holders.
And while 2019 will see many crypto-exchanges and platforms become more security conscious, it will bring new cybersecurity threats and challenges to the industry, such as the accelerated growth in mining malware. But as cybersecurity experts explain to Cryptonews.com, there are a number of things people and businesses can do to protect themselves.
Crypto-mining and IoT devices
"All the evidence suggests that cyberattackers are increasingly interested in cryptocurrencies," explains Raj Samani, chief scientist at cybersecurity firm McAfee. "In fact, McAfee researchers found that the spike in Bitcoin value in Q4 2017 prompted many actors to extend their activities into the hijacking of Bitcoin and Monero wallets – and this appetite for cryptocurrency shows no signs of slowing down now."
Not only are cybercriminals becoming more interested in crypto, but Raj Samani also tells Cryptonews.com that mining malware is likely to remain the number-one threat in 2019, with hackers increasingly targeting unsecured smart devices linked to the internet of things (IoT).
"In 2019, we predict a growing trend of cryptomining linked to IoT devices," he says. "For now, cameras or video recorders have not typically been used for cryptomining because they lack the CPU power of desktop and laptop computers. However, cybercriminals have taken notice of the growing volume – and often lax security – of IoT devices and have begun to focus on them, harnessing thousands of devices to create a mining super-computer."
Indeed, hackers had already begun focusing more on vulnerable IoT devices in the second half of this year.
"New malware targeting IoT devices grew by 72% in Q3 2018, with total malware growing 203% in the last four quarters," adds Samani. "New coin-mining malware grew nearly 55%, with total malware growing an incredible 4,467% in the last four quarters."
Given such an incredible rise and the prospect of even more growth in 2019, crypto holders and crypto-related platforms may feel a sense of helplessness as they enter another year. However, Samani affirms that they can reduce their risk by adopting a joined-up approach to cybersecurity.
"No matter the size of the business, all must do their due diligence. This means making sure that tools and systems can work together, and removing siloed security teams. Businesses handling cryptocurrency need to find the right combination of people, process and technology to effectively protect their assets, detect threats and, when targeted, rapidly correct systems to keep cyber thieves at bay. By implementing proactive, integrated cybersecurity systems, organisations can minimise damage and disruption caused by cyberattacks."
When it comes to hardware wallets, 2019 won’t be massively different from its predecessor in terms of the devices being offered. However, manufacturers affirm that they will do everything to ensure that their products will be regularly updated in order to keep up with new emerging threats.
"As the cryptocurrency industry is evolving rapidly, we are sure that there are going to be […] developments in the upcoming years," Marek Palatinus, the CEO of SatoshiLabs (and maker of the Trezor hardware wallet), explains to Cryptonews.com.
"We have designed Trezor with this in mind. It is a single-purpose computer with no weak points where cybercriminals could attack – no matter what technology they could think of. The keys to the funds are secured in an isolated environment. The device is protected by the strongest possible cryptography that you cannot break even with the most powerful computers on Earth."
In other words, the assumption from manufacturers is that the physically isolated and cryptographically secure makeup of hardware wallets means that they are ‘future proof’, and that there isn’t much need to radically overhaul them at the current period in time. Nonetheless, Palatinus warns that cold storage wallets will still have one potential point of failure, which hackers could increasingly target in the coming year.
"The only spot the attackers can focus on is the human element – that is, the users," he says. "And I do not think that this is going to change anytime soon."
But while Trezor (and other wallet manufacturers, such as Ledger and KeepKey) aren’t necessarily planning any major changes in 2019, they will at least be expanding the compatibility and functionality of their existing line of devices. Not only will this mean that crypto holders will be able to use them with a wider range of platforms, but it will also have the knock-on effect of making the wider crypto environment more secure in general.
"We are working on Lightning Network and Liquid support in Trezor," says Palatinus. "Furthermore, we are working on allowing the usage of SD cards with Trezor Model T to protect the encrypted passwords and files of our users. Additionally, security innovations are coming for those who want more – recovery seed splitting for additional safety of funds."