No matter what precautions we take, it seems even the best of us aren’t immune to hackers and malware. Both large and small companies are at constant risk for data breaches and while cybercriminals are becoming more sophisticated in penetrating firewalls, it’s becoming more challenging for traditional systems to keep up the protection.
Unfortunately, in the big data space there can be vulnerabilities that allow security threats to fly under the radar, sometimes even for many months before they are noticed. Most recently, the Japanese cryptocurrency exchange Coincheck saw 500 million NEM coins vanish off the exchange, reminding us of the colossal Mt Gox hack of 2014 where almost a million bitcoins were stolen. This cyber heist would ultimately lead Mt Gox to its demise.
Hacks aren’t exclusive to the crypto world; Equifax (a consumer credit reporting agency), reported that hackers had accessed the data of almost half of the entire US population, rendering millions of Americans vulnerable to identity theft and credit card fraud. Needless to say, it can take years, if any, to recover from such loss.
Here at CoinPayments we’ve experienced first hand what serious financial and technical implications a cyber attack can have on a business, and while we’ve honored our cyber-victims with a full refund, it took our team many months of relentless strategizing and support from our community to recover and even grow from this unfortunate event.
Like all crime, cyber-attacks are inevitable but there are some basic security measures everyone can take to dramatically reduce the risk. Hacks can happen to anyone surfing the web and it is our responsibility as a cyber community to be knowledgeable in the ways of prevention.
CoinPayments has put together some tips to help reduce the chances of a cyber attack:
- Implementing Two-Factor Authentication
2FA is an added layer of security that requires not only password and username (something all accounts require), but also a code unique to the user from a different source that can be immediately accessed (typically codes are sent to email, text or phone app). All CoinPayments account are required to use a 2FA for login.
- Storing Crypto in Cold Wallets vs Hot Wallets
We recommend storing your large coin values offline in a cold wallet. A cold wallet is a physical device such as a paper wallet, Trezor or Ledger Nano that are safely programmed and can be plugged into a computer and funds immediately retrieved through a series of confirmations, rendering this storage method hack-proof.
A Hot Wallet is a “software wallet” and like most software it operates on the web. While for trading and purchasing a Hot Wallet is much more convenient, we believe it’s safe practice to move your crypto to a cold storage wallet after the trades. It is imperative to choose a safe and reliable software. At CoinPayments, our wallet is kept secure with multi-signature technology through BitGo.
- Different Passwords for Different Accounts
Despite this practice being largely underestimated, with over 50% of the world’s web users using the same pass phrase across all their personal accounts, using different passwords for different platforms is a great cyber-attack preventative method. CoinPayments recommends using mixed symbol passwords of at least 15 characters.
- Use a Virtual Private Network (VPN)
A VPN is a service that you sign up for and download on your web browsing device to maintain anonymity while online, further protecting you from potential attacks. A VPN lends you a temporary IP that will hide your true IP address from every website and email you connect with. Our CEO Alex Alexandrov personally uses and recommends Protonmail’s VPN which can be purchased with bitcoin.
- Avoid Connecting to Open Wi-Fi Networks
Connecting your computer to an open Wi-Fi network such as wireless hotspots commonly found in libraries and coffee shops, can pose a great security risk. Without a WPA or WPA2 security code the information sent through this network is essentially up for grabs by anyone using that same network.