Cybersecurity is a key issue when trading online, especially when trading cryptocurrencies. In this article, we’ll look at how to protect your computer or VPS from viruses, DDoS, Malware, and other vulnerabilities that could threaten your data and trading account.
Before we get into cyber risks and possible solutions to protect yourself when trading online, briefly clarifying what a VPS is is essential.
VPS stands for "Virtual Private Server."
As the name suggests, it’s a type of virtual server (or "cloud server") offered by several providers. Generally, multiple VPSs are hosted on a physical server, each with full root access and its operating system, independent of the others.
The VPS offers similar features as a dedicated server (the so-called "DS" or "Dedicated Server") but at a lower cost.
Each user can install the applications they want on their VPS and take advantage of the shared hardware managed by the provider through a hypervisor.
The critical aspect is that in case of a virus or malware attack on the VPS, the other VPSs, relying on the same hardware, won’t be infected, as each VPS operates separately through its operating system.
VPS is suitable primarily for those users who seek greater functionality than traditional hosting services but may not have the resources for a dedicated server.
Using a VPS for online trading offers many advantages, including:
Provides greater stability and cybersecurity
Avoids disruptions due to internet interruptions or power outages
It is less vulnerable to external risks such as viruses and malware.
As we’ll see, a VPS also offers better computing solutions than a home computer.
Therefore, finding the right VPS is the first step to being able to trade online safely. If you want to learn more, you can understand how to choose the right VPS for your needs in this video.
Home computers and, in some cases, VPSs, can be threatened by four main types of risks:
1. Viruses and Malware
2. DoS and DDoS Attacks
3. "Brute Force" attacks
4. Generic system vulnerabilities
Let's take a closer look at the four types of problems and possible solutions for each risk factor.
Viruses and malware are potentially very harmful files that can infect and damage a server causing different outcomes, from simply slowing down the computer to stealing, encrypting, or destroying files and data. Viruses and malware can also allow a hacker to enter and take control of a computer remotely. It’s easy to see how dangerous this can be when the programs and platforms for trading are installed on the computer.
Possible solution: to avoid this risk, one can use Internet Security suites with advanced features that include anti-spamming, anti-phishing, anti-malware, and advanced firewalls in addition to anti-virus. Generally, such suites are already included in most VPSs, while for home computers, it’s always good to supplement the basic firewall and antivirus with more specific software.
Denial of Service (DoS) and Distributed Denial of Service (DDoS) are attacks executed on the server. The difference between the two is that in DoS, the attack comes from a single source, while in DDoS, as the name suggests, the attack is "distributed," namely, it comes simultaneously from multiple sources (the so-called "zombies").
The main risk is that the server becomes unavailable due to the simultaneous attack, which means that trading activities can no longer continue.
Possible solution: in these cases, the simplest solution is to opt for a cloud service provider such as OVH, which offers special protection against such attacks. However, we recommend installing ad-hoc firewalls and antivirus programs for the home computer.
"Brute force" attacks are cyber attacks that aim to steal passwords and sensitive data. Through a Brute Force attack, it’s possible to steal login credentials for your server, making it unreachable. Moreover, there is the risk that the hacker will take over the computer and all programs using them to their advantage.
Possible solution: to avoid this type of attack, the best solution is to use a VPS because VPSs allow you to hide the IP address. However, on a home computer, you can use programs that lock the IP after several failed login attempts. The IP is then only released again after a certain period of time.
This category includes several basic configurations of the remote computer or server, such as passwords, access ports, usernames, etc.
The problem in these cases is that settings that are too vulnerable facilitate hacker attacks and the theft of sensitive data.
Possible solution: first of all, it’s advisable to choose a complex password and change it periodically. It’s also a good idea never to use the same password for different websites. If you do trading with a desktop computer, we also recommend avoiding default names such as "Administrator" or default login ports such as Windows port 3389.
Changing these settings to protect your computer is extremely important but not always easy.
If you don't know where to start, you might find the following video very helpful, in which one of our coaches explains step-by-step how to do it and also shows how he managed to reduce attack attempts on his server by almost 200 times by simply changing his infrastructure. Don't miss it!
The risks involved in trading cryptocurrencies should be pointed out separately.
From this perspective, we can distinguish two categories of threats:
Cybersecurity risks when using crypto
Cryptojacking risk, namely the risk of being unknowingly exploited for mining activities by third parties.
Regarding the first aspect, all the precautions that apply to other online trading activities apply, with one additional caution: when trading cryptocurrencies, the private key of one’s wallet must be created and protected with the utmost care. This is because, in the blockchain, there is no system to reset the password or retrieve the private key.
To reduce the risk, it’s advisable to create multiple wallets by keeping the keys in places protected by encryption systems or two-factor authentication (for example, by Google Authenticator or Microsoft Authenticator) or to equip oneself with a "hardware wallet" (buying it directly from the manufacturer and resetting the firmware from the official website).
The second problem involves the so-called cryptojacking, where computers are infected with malware to use their processing power to generate cryptocurrency.
It isn’t easy to find out if you’ve become a victim of cryptojacking. However, there are alarm signs, for example, a high CPU or GPU load, excessive ventilation of your device, or its unmotivated overheating.
To defend against such attacks, you can use systems like "MyDefender," which can accurately detect and combat mining malware.
In addition to the solutions mentioned above, you should take measures to improve your device's security further when trading online.
Here are the five most important measures:
1. Install and use only software strictly necessary for trading
2. Avoid clicking or downloading banners, emails, files, and cloud-hosting clients such as Dropbox or OneDrive
3. Always use the latest version of the trading platform and broker plug-in
4. Download updates from official sites and do not install or use dubious programs
5. Don’t use public networks
When trading online, it’s essential to trade in the safest, most stable, and most protected IT environment possible. The first step is to choose a VPS instead of a traditional home computer. This way, you can avoid problems related to power failures or unstable connections.
Thus, taking some technical solutions and practical measures is essential to avoid viruses, malware, DoS, DDoS, or Brute Force cyber attacks.
In addition, you should always use settings that better protect your sensitive data, such as choosing complex passwords or changing your computer's username and login port.
Finally, protecting your private key and setting up systems to detect and fight mining malware is essential if you trade crypto.