How to Protect Your Crypto From Cyber Attacks During COVID-19

At-home working opens up security issues for crypto. Oxford University researcher (and Consensus speaker) David Shrier outlines ways to mitigate the risk.

By David ShrierCoinDesk Insights
May 9, 2020 at 6:44 p.m. UTCUpdated Sep 14, 2021 at 8:39 a.m. UTC
By David ShrierCoinDesk Insights
May 9, 2020 at 6:44 p.m. UTCUpdated Sep 14, 2021 at 8:39 a.m. UTC

The 1997 indie horror movie "Cube" posited a dystopic future where unwilling prisoners are systematically dismembered by a high-tech prison. The SARS-CoV-2 pandemic has created an environment for a similar virtualized dismemberment of our digital assets and our personal data security.

Unscrupulous hackers are socially engineering their way into financial systems and financial accounts. Well intentioned efforts to promote public safety are fostering prospective abrogation of personal data privacy.  At the same time, there are new areas of business opportunity for distributed ledger companies emerging from the crisis.  

The EventBot trojan is the latest malware to target financial accounts and wallets. Posing as an innocent-seeming app download, such as Microsoft Word, it will take over your phone’s data streams, keylogging passwords and even grabbing SMS messages used in two-factor authentication. 

Malware and phishing are on the rise in the pandemic, as hackers take advantage of heightened anxiety and unprecedented numbers of people working from home outside normal corporate security protocols. For example, one attack vector is to send a phishing email that simulates a health alert from an individual’s organization. Another is to engage in synthetic identity theft on LinkedIn with fake profiles of real people that then send internal LinkedIn messages containing links asking people to look at a file or app. The next-level LinkedIn hack is account takeover of a legitimate profile, and I have personally seen this happen with at least two colleagues in the last six weeks.

David Shrier is a speaker at Consensus: Distributed, CoinDesk's free virtual convention running May 11-15. Register here.

Meanwhile, new data security risks are emerging as unintended consequences of the massive effort to track, trace and remediate the virus. Large-scale health data pools are being assembled, with multiple copies of sensitive health, financial, and telecom data being created at disparate locations. The audit trail of who has accessed this data is poor.  Distributed ledger solutions around data governance, data security, and personal data management could help. For example, BurstIQ has announced the Research Foundry to facilitate secure collaboration around health data.  

From the 1997 movie "Cube"

Synthetic identity theft is another cyber security issue that’s accelerating in recent months. Hackers will take elements of data about real people, such as their name and social security number, and combine it with fake information such as a fingerprint image, a new email address, and street address, to create a convincing simulacrum of a real person that can be used to open credit lines, divert funds from financial accounts, and other forms of fraud or theft. Distributed ledgers offer possible solutions on synthetic identity theft, with the potential for distributed digital identity creating a trusted substrate for identity verification, validation, and authentication. Essential data attributes can be linked immutably to each other, and the blockchain trust authority can offer assertions around authentication and transactions tied to this immutable identity without revealing underlying personal data.  

Cyber unicorns will be founded in the next few years as we see ever-increasing demand for better security solutions.

To secure your crypto wallets and other accounts, here are a few steps you can take:

1. Enable multi-factor authentication. According to Microsoft, 99.9% of compromised accounts did not have multi-factor authentication activated.

2. Use a different password for every single account you have. Many people re-use the same five passwords (notwithstanding the fact that the average business user has over 190 logins to track). 

3. Use good password hygiene: the world’s most common passwords last year included “12345” and “password,” with 83% of Americans using weak passwords.

4. Make sure your virus software is up to date, including installing protection on your phone. Android represents 98% of mobile phone attacks, mostly in the form of malware downloaded to the device.

5. Practice good cyber hygiene. Only download apps from credible repositories, like the Android Marketplace, and verify sources before clicking on any link you receive in an email, text, or LinkedIN message.

Escape the “Cube,” and explore the cyber opportunity that has also arisen as a result of the pandemic. Cyber unicorns will be founded in the next few years as we see ever-increasing demand for better security solutions.

The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
First Mover Asia: USDC Hasn’t ‘Flippened’ USDT, but Trader Preferences Are Changing; Cryptos Rise Despite Bearishness

A Glassnode analyst suggests the collapse of the UST token has triggered a change in investors' stablecoin preferences; bitcoin holds above $30,000.

A Glassnode analyst suggests the collapse of the UST token has triggered a change in investors' stablecoin preferences; bitcoin holds above $30,000.

2
Musk Sets New Condition for Twitter, Citi Says Terra’s Fallout Unlikely to Hit Wider Financial System

The most valuable crypto stories for Tuesday, May 17, 2022.

The most valuable crypto stories for Tuesday, May 17, 2022.

3
Market Wrap: Cryptos and Stocks Mixed Amid Bearish Sentiment

BTC is stabilizing around $30K while stock market volatility begins to fade.

BTC is stabilizing around $30K while stock market volatility begins to fade.

4
New Data Shows Underground Bitcoin Mining Thriving in China

The U.S. has also expanded its lead in the global hashrate competition.

The U.S. has also expanded its lead in the global hashrate competition.