Are Crypto Hardware Wallets As Safe As They Seem?

8 MIN READ
Crypto hardware wallets

What is a Hardware Wallet?


Similar in appearance to a USB stick, a hardware wallet is a device where you can store cryptocurrencies and tokens in one place. One of the biggest benefits of hardware wallets is that they offer a form of cold storage that keeps your assets out of a hacker’s reach. We will explain why a hardware wallet doesn’t necessarily guarantee that your assets are 100% safe. A major risk associated with these devices is that — unless backed up — you could lose access to your crypto forever if it is lost or damaged. An even more pressing matter concerns ensuring that hardware wallets are regularly updated with the latest firmware, providing an additional layer of security. But here’s the rub: Acquiring these updates usually involves connecting directly or indirectly to the internet.

What Risks Hardware Wallet Owners Face?

Instead of admiring an LCD screen that a device boasts, or the seemingly endless array of digital assets it supports, it’s smart to look at the security measures in place to protect your crypto — and how a hardware wallet is updated. Crypto enthusiasts need to take responsibility for their funds — and this means guaranteeing that you have sole and absolute control. Relying on a third party isn’t necessarily cut it in times of crisis.
Some banks offer physical devices that provide a six-digit PIN that users must enter when logging into their accounts or sending large transactions. Although these devices are air-gapped, experts say six digits aren’t enough to deliver absolute security — and integrity can be compromised if the digital signatures it provides aren’t generated in an offline environment. Air-gapped security, or 2FA security, is crucial — and some hardware wallet providers have started to embrace QR codes for
transactions. However, the benefits of this are eroded when firmware updates are executed via USB ports or any other form of connectivity.

Hardware Wallet

What Happens If A Hardware Wallet Is Compromised?

It all hinges on whether the USB stick or memory card used for a firmware wallet has been infected. Viruses easily infect laptops — and if one of these computers is used to load a USB stick or memory card with a firmware update, it’s possible that the information transferred could include malware or a virus. This can then make its way over to a hardware wallet, putting a user’s funds at risk. There have been several incidents where devices from popular brands were compromised in this way. Even when the manufacturer patches up such vulnerabilities, it can only be a matter of time before the next attack vector is exploited.

What’s The Answer?

Here are some general safety principles -

Having a hardware wallet set up with a verified backup in a secure place may protect you from a digital attack. However, you are still vulnerable to potential physical threats such as burglary or hostage situations. This is why you must follow these basic rules:

* Never tell anyone that you own cryptocurrencies. If you do, make sure to keep the real value of your assets to yourself.

* If you are active in the online cryptocurrency community, protect your real identity and always be mindful of the information you share.

* Do not keep your recovery sheet in a safe at home. A bank vault is much more secure. Not having immediate access to your backup increases your resilience to physical threats.

* If you have large amounts of cryptocurrencies that you do not need frequent access to, keep your hardware wallet in the bank safe. You can use another hardware wallet with lower amounts for frequent use.

Are There Use Cases Beyond Crypto?

The issues facing hardware wallets are not exclusive to the crypto sector. Across multiple sectors around the world, several industries have critical systems. They face the same challenge: Remaining up to date and fortified against attacks from the people trying to infiltrate. Every government runs critical systems — alongside the military, hospitals, space agencies, nuclear plants, airports, chemical plants, unmanned train networks, banks, and stock brokers. The ramifications of these critical systems being compromised can be severe. Lives can be put at risk if key systems within a hospital or hackers successfully manage to target air traffic control at a major transport hub. In an increasingly digital world, millions of people can be affected by a single malicious actor pressing Enter. The number of high-profile incidents is continually rising. Earlier this year, thousands of businesses were affected when the systems of Kaseya were compromised. Supermarkets in Sweden were forced to close because their tills stopped working, while trains ground to a halt.