by Alex Broudy, Technical & Financial Writer
Oct 6, 2022
Blockchain cybersecurity - It often seems not a week goes by without news of another hack, data breach, or theft of cryptocurrency. The latest of note? A nearly $600 million attack that halted Binance Smart Chain and a $160 million theft from digital asset market maker, Wintermute. While the details of these particular hacks are still unfolding, the fact that they happened begs the question, what should investors using blockchain-based services know about cybersecurity and what can they do to protect themselves?
First, blockchain investors should know that blockchain technology is more secure than using paper-based records and multiple third parties to manage investments. While this is a big step forward in advancing record-keeping’s speed and security, criminals will always try to find vulnerabilities in even the latest technologies – and often those vulnerabilities are actually within the control of its users. So, now is a good time to talk about best practices to follow when using blockchain-based services, including Securitize.
Second, blockchain investors should know that blockchains are designed assuming that bad actors will try to compromise them. So, security is built in by design. This security is achieved through an act of coordination called consensus.
Furthermore, the blockchains that we use to tokenize assets have had nearly 100% uptime. And the smart contracts that we develop on top of these blockchains all get audited. We run audits semi-annually to ensure that all systems are error-free. Knowing that the technology underlying their investments is secure, investors can now focus on how to best protect themselves.
One of the most common cybersecurity attacks is called spear-phishing, a targeted attack that uses personalized details in an attempt to get people to click on URLs which download malware to their device. To avoid this type of attack, investors should not click on links from unknown emails.
This is what a verified email from Securitize looks like.
Investors should verify the “from" address if they receive an unexpected email. Verifying the “from” address can be done by hovering over the contact and clicking the “Open detailed view” button in Gmail (as seen in the image above).
Investors should know that using two-step authentication is another way to protect their investments. This method uses an additional form of verification to ensure you are who you say you are when logging on from a new device. Common two-step authentication methods include using a strong username and password combination plus generating a time-limited code from an authenticator app or signing up to receive one-time codes via SMS as a second layer of protection.
Finally, investors should follow best practices when creating a wallet and any time they use it. This includes creating a strong, unique master password that nobody else knows and only using it to log on to your digital wallet as needed. Investors should never lose or misplace their seed phrase because seed phrases control your investments and cannot be replaced. So, back it up in a secure location and access your seed phrase only when needed. Following these cybersecurity best practices can enhance investors’ everyday protection.
To learn more about cybersecurity and blockchain technology, subscribe for updates below.
Subscribe for Updates