Cryptocurrency remains exposed to digital threat


When bitcoin was first traded eight years ago, one of the risks for the decentralised blockchain technology was security digital threat, namely malware attack and hacking activities.

In 2014 alone, 850,000 bitcoins worth US$450 million (RM1.8 billion), belonged to the then largest cryptocurrency exchange Mt Gox, were hacked and gone missing.

Last week, another exchange, Slovenia-based NiceHash, was attacked with 4,736 bitcoins worth US$64 million were stolen.

These events revealed how security risks still remain a major concern in the new investment and trading platform.

National ICT Association of Malaysia research committee chairman Woon Tai Hai said the cryptocurrency-mining malware can impair computer system performance and risk the end users to information theft, hijacking and other malware attacks.

“As such, exchanges and mining companies must put in place robust and appropriate IT (information technology) security control measures,” he told The Malaysian Reserve.

Woon said one of the measures is enhancing the security control level which includes adding more layers of protocols in the system.

“Miners and exchanges need to have strong security similar to banks’ online to regain the confidence and trust of the investors.

“In essence, just like the banks, they must secure their networks, servers and even physical securities, if applicable,” he added.

With the current growing threats, Woon did not dismiss the possibility of eroding trust among investors due to these security breaches.

“It will almost certainly dampen the enthusiasm of the cryptocurrency industry and take the steam out of the market, including an erosion of trusts among potential investors.

“However, due to the continuing hype, there will still be interests among investors despite the fact that the inherent risks are still very real,” Woon added.

He suggested cryptocurrencies miners and exchanges to regularly update their devices with the latest security patch.

“It could help to prevent attackers from using vulnerabilities as doorways into the system.

“Besides enabling firewall, another measure that can be taken is deploying the intrusion detection and prevention system to mitigate incursion attempts,” Woon said further.

As for cryptocurrencies traders or investors, Woon advised them to store their cryptocurrencies in personal computer (PC).

“The currency can be stored offline, often called ‘cold wallet’. This can prevent the hackers from accessing and retrieving them,” Woon said.

Cold wallet is an offline storage where users can safely keep their tokens in PCs or any hard drive, making it more secure than the Internet.

On the other hand, hot wallet is an online cryptocurrency storage managed by a third party such as exchanges where people usually keep their digital assets for purchasing purposes.

In some exchanges like Luno, hot wallet is secured by maintaining a multi-signature protocol to facilitate instant bitcoin withdrawal.

Luno said in its website that the exchange will hold one of the keys and the other is held by the multi-signature custodian leader, BitGo for an added security measure.

“If they wish to keep their assets in cold wallet, they must ensure that the system is well encrypted,” Woon said.

The national central bank is expecting to regulate bitcoins and other the digital currencies by January 2018, by putting obligation in all exchanges to report on converting the token to fiat money.

As at yesterday, bitcoin market capitalisation stood at US$271 billion; followed by ethereum, US$70 billion and BitcoinCash at US$27 billion.