River Intelligence

Sign up for our curated weekly newsletter delivering exclusive market insights to your inbox.

Invest in Bitcoin.

green checkmark

Human Support

green checkmark

Track Performance

green checkmark

Recurring Buys

How Secure Is My Bitcoin?

  • Bitcoin’s database, the blockchain, is practically impervious to attack or corruption.
  • Individuals can lose their bitcoin if their computer or wallet is hacked. Users can take a variety of steps to reduce this risk.
  • Exchanges and brokerages offer to custody funds for users. This may offer increased security, but at the cost of privacy and censorship resistance.

Bitcoin Security

As a new phenomenon, Bitcoin faces much skepticism. As an entirely digital method of storing wealth that is not backed by FDIC insurance or traditional institutions, users may also worry about the weaknesses of blockchain technology. There are three main sources of concern: the failure of the Bitcoin network, the failure of the user, and malicious action by others, ie. hacking.

The Bitcoin network is robust against both failures and attacks. The blockchain itself is economically and technically impervious to corruption.

"The Bitcoin blockchain database has never been hacked."

How Secure Is the Bitcoin Network?

Bitcoin is both a blockchain database and a network of computers which communicate to build and update the database. With this in mind, the blockchain database has never been hacked.

This article will focus on the security of individuals and their bitcoin, rather than the broader security of the network. If you are interested in the security of Bitcoin as a system, you can read our article on the topic using the link below.

Learn more about the security of the Bitcoin network.

Individual Threats

Individual users are prone to mistakes that can cost them their bitcoin due to negligence or forgetfulness. Malicious actors can also take advantage of users in order to steal their bitcoin. They do so not through any vulnerability of Bitcoin itself, but through traditional hacking and other fraudulent methods. In the case of Bitcoin, this can result in total and irreversible loss of user funds.

Human Error and Forgetfulness

The most common way for Bitcoin users to lose their bitcoin is not through a hack, but through simple human error and forgetfulness.

When you use a Bitcoin wallet, your bitcoin are not stored directly in the wallet. Instead, your wallet holds the private keys that control your bitcoin. Anyone who can access your private keys can spend your bitcoin. At the same time, if you lose access to your private keys, you will be unable to spend your bitcoin. For this reason, keeping backups of your private keys is vital.

Thanks to industry standards such as mnemonic recovery phrases, also called seed phrases, Bitcoin users can keep track of an infinite number of keys with a single set of 12-24 words.

Social Attacks on Bitcoin Users

Another way users can lose bitcoin is through social engineering attacks. A social engineering attack focuses on convincing a victim to willingly divulge information to the hacker, which can then be used to steal their bitcoin. For example, an attacker might call, email, or direct message a victim pretending to be an employee of their wallet provider and convince the victim to divulge their password or seed phrase.

No legitimate service in the Bitcoin industry will ask for your password or seed phrase at any time. Anyone who does request such information should be considered malicious.
No legitimate service in the Bitcoin industry will ask for your password or seed phrase at any time. Anyone who does request such information should be considered malicious.

Theft

For users or investors, the risk of losing one’s bitcoin to a personal hack is far lower than forgetting or losing one’s own password or recovery phrase. However, guarding against hackers and other attacks is important.

Most individuals use a computer or mobile device to store their bitcoin. Any device that is connected to the internet can possibly be hacked. If a computer containing a Bitcoin wallet is hacked, a user could be at risk of losing their bitcoin. Wallets have various security features, such as encryption, meant to protect against a computer hack, but nothing is impenetrable.

Activities such as pirating movies, browsing unsafe websites, and downloading unknown files can all serve as vectors for a hacker to access a computer, and ultimately the bitcoin stored on that computer. Some users keep their bitcoin on an offline computer to minimize these risks. This is called cold storage, and is a strong security practice.

Selecting a high quality wallet is an important step in protecting privacy and wealth. Most Bitcoin wallets are open-sourced, meaning anyone can download and edit them, so obtaining the wallet from a trusted source is imperative.

Learn more about protecting against individual threats with cold storage.

Bitcoin Brokerage and Exchange Security

Exchanges and brokerages such as River Financial are institutions designed to facilitate trades and organize order books. However, Bitcoin enables peer-to-peer transactions, meaning anyone can facilitate or operate an exchange or directly exchange bitcoin with anyone else. This means quality and security can vary greatly between exchanges. Therefore, it is imperative that individuals be critical and highly selective when choosing an exchange.

Behind an exchange’s website are wallets holding any bitcoin users have deposited. Unlike users, who can disconnect their wallet from the internet, exchanges are forced to keep some bitcoin in hot wallets in order to service user withdrawal requests. Having a bitcoin wallet directly exposed to the internet is a security concern, so exchanges must diligently protect their security. Exchange wallets have been hacked on many occasions, exposing users to enormous loss.

Some exchanges have partial insurance on their bitcoin holdings, but few, if any, ensure 100% of user deposits. Most exchanges keep a vast majority of their funds in cold storage, affording them greater security.

A secondary security risk for exchanges is government regulation. Governments may shutdown exchanges for a variety of reasons, including stated attempts to stop money laundering or even attempts to ban Bitcoin. Several exchanges have been forced to freeze or surrender user funds to local governments in the past, either permanently or until additional identifying information is provided. This risk is a direct consequence of exchanges controlling user funds. When a user controls their own funds, the risk of having funds frozen or lost is avoided, but at the cost of self-responsibility.

Conclusion

Economically and logistically, the Bitcoin blockchain is nearly impossible to hack and maliciously alter. Doing so would cost billions of dollars and months of preparation. However, hacking an individual’s wallet is far easier and more lucrative. Hackers can steal bitcoin by controlling a user’s computer or phone through malware or by posing as someone else and convincing a user to send funds to them.

Like users, exchanges can also be hacked or shut down by governments. As the Bitcoin industry has matured however, brokerages and exchanges have bolstered their security.