Education | Article

Operational Security: What it is and Why You Need it In Crypto

By Dan Mulligan | SEP 01, 2022

Operational Security: What it is and Why You Need it In Crypto 3:58 Min Read

Operational Security: What it is and Why You Need it In Crypto

The greatest security threat that cryptocurrency holders currently face is not the encryption threat from quantum computers or unforeseen vulnerabilities in the code. It’s that those founders weren’t willing to do the work required to take care of their users’ security. With cryptocurrency hacks & phishing attempts at an all-time high, users need to implement operational security as a personal responsibility to safeguard their holdings.

What is Operational Security? 

The term operational security was first coined during the Vietnam War. In 1967, at the height of the war, US operations were being anticipated by the enemy despite using secure communications. When a team was asked to find out how the enemy was obtaining information, it was discovered that the United States Army had been unintentionally sharing information—information that wasn’t thought to be sensitive—yet it was enough to reveal their plans. Operations Security (OPSEC) was developed in response to the need to identify and protect sensitive information that could be valuable to an attacker. The phrase has since evolved from military application to everyday security. Operational security is essential to identify and eliminate potential phishing targets by minimizing access to sensitive information. A good security system consists of hardware and software and an understanding of how these things are combined and where the gaps exist between the two.

The Need for Operational Security in Crypto

Operational security is a vital tool in the digital age; where sensitive user data is routinely exposed through predatory attacks such as hacking, data breaches, and phishing attempts. This is also true for cryptocurrencies, which have been at the center of attacks like these over the last year. The key reason that hackers target cryptocurrency stems from its instantaneous nature, low transaction fees, frictionless movement, and pseudonymity. With cyberattacks on the rise, it is important to understand the best practices for users to maintain operational security in cryptocurrencies.

Best Practices for Operational Security 

Keeping Assets in Cold Storage

Instead of keeping your crypto assets on an exchange, storing them in cold storage wallets is recommended. This keeps you in full control over your assets and even in a situation where a hacker gets your account info, there won’t be any assets there for them to steal. Hardware Wallets such as ColdCardLedger & Trezor can keep your private key secure in portable hardware devices that never connect directly to the internet. This prevents hackers from reaching your holdings. Keep your recovery seed phrase on a paper card with your hardware wallet. Don’t type it up, store it online, or take a photo of the card.

Account Security

Be sure to use a different password for each of your accounts, especially those with sensitive information. Choose a difficult password to guess—at least 20 characters long and randomly generated. Password managers such as 1Password and LastPass are good options for generating and storing secure passwords. If you suspect your account may have been compromised, change your passwords. Start with your primary email, bank, and crypto accounts.

Stay Anonymous

First, signing up for a secure email provider is necessary. Encrypted services such as Protonmail or Tutanota are recommended. Pick a username that isn’t your real name for secure email accounts, and avoid using your primary email address as a username. Using VPN services in conjunction with an anonymous email address and username can help bolster your security.

Don’t Link Your Phone Number

Using text messages as two-factor authentication makes you vulnerable to SIM porting attacks. In this type of attack, an attacker calls up your mobile phone provider pretending to be you and convinces them to transfer your SIM into a new device, giving them control of any accounts that use 2FA via text message. Thus, it’s best to avoid linking your SIM card to anything related to your account credentials.

Two-Factor Authentication

Using two-factor authentication (2FA) is a great way to improve your digital security. However, if you’re using SMS text messages for your 2FA, you’re far less safe than you could be. For a more secure 2FA experience, it’s best to use Google Authenticator or Authy on iOS or Android.

Stay Vigilant

 Do not perform any action unless you understand it thoroughly. Double-check everything. Make it a habit to check the URLs of sites before you visit and be wary of requests for sensitive information. One of the most common ways hackers target financial assets is by tricking you into signing a transaction that you do not intend to sign.

Bottom Line 

Cryptocurrency holders face increased threats from hackers and phishing scams due to their portable and pseudonymous nature. Implementing operational security measures can help them stay protected against the most common security vulnerabilities that holders currently face.

Author: Dan Mulligan

SaaS marketer, trader of internet coins, tech enthusiast, and home chef. Buildooor of Tidus Wallet and current Marketing Director at AscendEX. Dan enjoys crypto twitter, market volatility, anime, and paid ads. Key accomplishments: - 5th Grade Readers are Leaders Winner - 2-0 Amateur Boxing Record - Former Overwatch Grandmaster

Education: B.A & MBA - Marketing Communications

Crypto Class of: 2016/17

Fun Fact: Served Method man and Red man ice cream from 2004-2009



Discover More

Sorry, we can't come up with anything for your search. Please try another term.

Popular Topics:

This site is registered on as a development site.