Digital currencies have plenty of advantages over fiat currencies. They're international, designed for the Web, and they can't be devalued at the whim of a banker. They also can't be pickpocketed. No one is going to whip your wallet out of your back pocket while you're in the mall and make off with your Bitcoins.
But that doesn't mean they can't be stolen, and cryptocurrency thefts didn't stop with the collapse of Mt. Gox. Over a billion dollars' worth of Bitcoin may have been stolen in the first half of 2018 alone. Malware powerful enough to steal someone else's Bitcoin typically costs just $224 and can be bought for little more than a buck, says CNBC.
The problem isn't the blockchain. That's still the most secure form of keeping records that anyone has ever created. It's the places where people keep their private keys. As long as those are attached to the Internet, they're available to hackers who can break into a computer or a server and swipe them.
The most attractive targets will always be the exchanges. Just as bank robber Willie Sutton robbed banks because "that's where the money is," so hackers break into cryptocurrency exchanges because that's where the computer cash is. If you keep a private key on an exchange, it's vulnerable.
But exchanges aren't the only places where private keys that can unlock Bitcoin hoards are kept. They're also stored on personal computers and mobile devices. For malware makers your computer might look like a pretty good target too.
The best solution is always to keep as much of your cryptocurrency associated with private keys that are kept offline--in "cold storage." Only keys for funds that you might use every day--for speculating or for making transactions--should be stored on a device or a server attached to the Web. Anything you can't afford to lose should be held offline. Unlike banks, there are no guarantees if an exchange collapses or a thief cleans out the vaults. Everything you're hodling should be kept where it can't be hacked.
One simple option is to use an old laptop to hold a copy of your private keys. As long as the laptop still works and can be disconnected from the Web and from Bluetooth devices, it should be safe. Some experts even recommend buying a cheap chromebook or a simple PC to hold your keys but you don't need to go that far. Hardware wallets like Trezor can do the same job for less money.
But you should go further. Private keys are like data--and companies don't store back-ups of their data on site. You can keep your private keys on a piece of hardware disconnected from the Web in your home for easy access but make sure that you also keep a second copy off site. You can do that with something as simple as a paper wallet kept in a safety deposit box or a vault. If your house goes up in flames, it won't take your savings with it.
It's unlikely that anything will happen to your cryptocurrency holdings, just as it's unlikely that you're going to be mugged next time you head into town. But it's still smart to take precautions, and using a combination of cold storage and offsite vaults to hold anything you can't afford to lose will help to keep you safe.