DEFENDING BITCOIN


Every chapter at a glance, with the foreword by Mikko Hyppönen, the introduction, and excerpts from Chapter 5 and Chapter 7 in full on the page.

Opening
  1. FWD Foreword

    Foreword

    Money is data. This has been true for a while now, but most people have not fully absorbed what it means.

    For more than thirty years, I have been investigating cybercrime. When I started in 1991, online criminals were teenage hobbyists writing viruses for fun. It was a game we played against them, and we were fairly good at it. Before long, the hobbyists were replaced by professionals. Today, organized ransomware gangs run operations with customer service desks, performance reviews, and employee benefits. Crime, it turns out, scales just as well as any other online business.

    One of the things that changed along the way was money. For most of history, money was physical. You could hold it, count it, hide it under a mattress. When money moved online, we handed control of it to intermediaries.

    Banks, payment processors, and credit card companies secured our money for us. They also decided who could use it and who could not. In practice, most people found this arrangement acceptable. If someone stole your credit card number, the bank would sort it out.

    Bitcoin changed this. For the first time, value could be transferred across the internet without asking permission from anyone. No bank in the middle. No payment processor. The mathematics handled it.

    The cybersecurity community was introduced to Bitcoin through ransomware. In the early 2010s, criminal gangs discovered that Bitcoin gave them something they had never had before: a way to collect payments from victims anywhere in the world, instantly and irreversibly, without a financial institution that might freeze the funds. Ransomware existed before Bitcoin, but Bitcoin made it into a billion-dollar industry.

    Hospitals have been shut down. Pipelines have been shut down. City governments have been shut down. For many of my colleagues, ransomware is still their primary association with Bitcoin, and I understand why.

    But the picture is incomplete. The same properties that make Bitcoin useful for criminals also make it useful for people living under authoritarian regimes, for dissidents, for anyone who needs to move value without asking for permission. Mathematics does not care about jurisdiction. Like cash, Bitcoin is neither good nor bad. It is a tool.

    Traditional money has traditional guardians. Banks employ thousands of security professionals. Payment networks run fraud detection systems. Regulators enforce rules. If something goes wrong, there is usually someone to call.

    Bitcoin has none of this. If you hold your own bitcoins, you are the bank, the security team, and the fraud department. If you lose your private key or someone steals it, there's no one to call. The money is gone, and no court order can get it back.

    That is how the system works. And it means that safeguarding Bitcoin is the responsibility of the users themselves. For someone who has spent thirty years watching people lose data, passwords, and access to their own accounts, that reality still makes me pause.

    In my book If It's Smart, It's Vulnerable, I described how connecting devices to the internet creates attack surfaces that most people never think about. The same principle applies here. Bitcoin is the smartest money ever created. And if it is smart, it is vulnerable.

    Its security depends not just on the mathematics of its protocol but on every piece of software, hardware, and human decision in the chain. Securing all of that is a cybersecurity problem, whether the cybersecurity community has recognized it yet or not.

    I met Luke de Wolf at the BTC HEL conference in 2025. Luke approaches Bitcoin the way I approach malware. He wants to understand how it actually works, where it is strong, and where it can be broken. He is not an evangelist pretending that everything is fine. His background is in securing industrial control systems, the kind of systems that keep power grids running and oil refineries from blowing up. People who work in this field think about defense differently from people who secure corporate networks. They think in layers, redundancy, and failure modes. They assume that any single control will eventually be bypassed, and they plan accordingly.

    This book applies that thinking to Bitcoin. I have not seen it done before. It also serves as a solid introduction to both cybersecurity and Bitcoin for readers who may know one subject but not the other.

    I am not a Bitcoin maximalist. I am a cybersecurity professional who has watched money become data and data become a target. The question is no longer whether Bitcoin needs to be defended. The question is how.

    Mikko Hyppönen
    Helsinki, 2026

  2. INT Introduction
     Luke's layered defensive thinking, forged in industrial cybersecurity, applies just as cleanly to Bitcoin, and this book shows how to defend Bitcoin the way we defend every other piece of critical infrastructure.

    Introduction

    The alert arrived in the middle of the night. Someone had clicked a link that they shouldn't have, and their work computer was now infected. My job was to stop the infection from spreading.

    I worked as a cybersecurity consultant for an oil and gas company, and the systems I protected weren't websites or office email. They were the computers that monitored and controlled pipelines, refineries, and remote extraction facilities. The infected laptop belonged to someone with access to those systems, and if the virus had spread, it could have reached the equipment itself.

    I cut the laptop off from the network within minutes. By morning, we'd confirmed that it was ransomware, software that locks up a company's files and demands payment to unlock them. We had caught the attack in time. The company was safe. For now.

    Years of working with critical infrastructure have shaped how I think about failure. The systems that keep the physical world running aren't optional. These systems move oil through pipelines, keep electricity flowing, and treat drinking water. They need to work every day, without exception. So, after stopping the ransomware, we had to continue the investigation. Had we caught everything? How did the infection get that far in the first place? And if our outer defenses failed once, what was waiting behind them?

    I still work in that industry, but along the way I started studying Bitcoin seriously, and I recognized the same pattern. The layered thinking that defines industrial security turned out to apply here, too. What could go wrong? What happens if the first defense fails? Bitcoin isn't just a speculative asset or a piece of software. It's a system that people use to move value, hold savings, and preserve financial autonomy when other options are weak, expensive, or unavailable. For a family sending money home across a border where traditional services take a painful cut, or for someone carrying savings through political or financial disruption, a failure of that system would be critical.

    You encounter cybersecurity every day, regardless of whether you realize it. Many of the little frictions of modern life are really cybersecurity controls. Passwords, multi-factor authentication, and account security notifications are all there to stop something from going wrong. Bitcoin is less visible if you've never used it yourself, and you might not know about all the places where it's already being adopted, from corporate balance sheets to regulated ETFs to cross-border payments. Bitcoin is quietly becoming part of the financial infrastructure that people rely on when other systems are costly, fragile, or closed to them. This book is about defending Bitcoin the way that we defend every other piece of infrastructure that matters.

    My Background

    This book bridges the two worlds that I've worked in for years, with industrial control systems cybersecurity on one side and Bitcoin on the other. If those terms mean nothing to you yet, don't worry. The next few chapters are here to get you up to speed.

    I'm originally from Canada and studied computer science in university, but I never ended up working in software development. I got an internship with the team responsible for the monitoring and control system for a large oil and gas pipeline company. That internship was my introduction to industrial control systems (ICS), sometimes called operational technology (OT).

    My employer put a lot of trust in its interns, granting real responsibility and meaningful experience. I enjoyed working with these systems far more than I enjoyed coding, mostly because industrial environments were so different from anything I'd encountered in the computer science world. I returned to that pipeline company after graduating and later transitioned to cybersecurity consulting for industrial systems. I still work in that field today. I started out in incident response, but most of my career has been on the other side of the table, assessing defenses, identifying gaps, and shoring up systems before something goes wrong.

    Working in oil and gas in Canada meant living through boom-and-bust cycles tied to commodity prices and a political climate that was increasingly hostile to the industry. Projects got cancelled, companies laid people off, and a good university degree no longer guaranteed stability. Nobody was safe. Savings and careers could be erased by forces completely outside of anyone's control. That experience primed me for Bitcoin years before I understood what it was.

    No Such Thing as a Junior

    A common saying in my field is that there's no such thing as a junior ICS cybersecurity professional, and the adage is mostly true. Nearly all professionals in this space either have experience working on the industrial systems themselves, or they have experience in cybersecurity. There are rare cases where someone gets hired straight out of school into an ICS cybersecurity position, but for all practical purposes the saying is correct. The difference in backgrounds means that every ICS cybersecurity course has to teach both sides, so that everyone in the room starts from the same baseline.

    This book takes the same approach as ICS cybersecurity training. I wrote it both for bitcoiners who want to learn about cybersecurity, and for cybersecurity professionals and other technical readers who want to learn about Bitcoin. As a result, Part I introduces both fields before diving into the meat of the book. Shared vocabulary is important, so you'll probably find value in seeing how I define terms, even if part of the subject matter is familiar.

    I've been working in ICS cybersecurity for over six years, and with industrial control systems more broadly for more than 10 years. I hold the CISSP and GICSP certifications, which cover a wide range of security domains from both a general and industrial perspective. In other words, I know a fair bit about a broad array of security topics, but I'm not a protocol developer or a cryptographer. I'm a practitioner who looks at Bitcoin through the lens of the systems I've spent my career defending, and I know where my expertise ends. I draw from my own experience in Bitcoin and cybersecurity, and I cite my sources where I rely on the expertise of others.

    Down the Bitcoin Rabbit Hole

    I found Bitcoin during the COVID lockdowns, around the same time that I was moving from Canada to Finland. Once I started studying Bitcoin seriously, I never stopped, and I came to see it as something fundamentally different from what came before it. Over time, I put more and more of my energy into advocating for Bitcoin adoption. People who reach the same conclusion are often called Bitcoin maximalists, meaning that they see Bitcoin as the only cryptocurrency worth taking seriously as money, and I consider myself one. I'm not asking you to adopt the same view, but I do want to be clear about the standpoint that I'm writing from.

    After moving to Finland, I got involved in the local and international Bitcoin community. I connected with Knut Svanholm, author of Everything Divided by 21 Million, and we started what became The Bitcoin Infinity Show podcast. Since then, we've co-authored Bitcoin: The Inverse of Clown World together and worked on a range of other projects.

    One of the highlights of my time in the Bitcoin space was helping organize the inaugural BTCHEL conference in Helsinki in August 2025, which drew more than 1,000 attendees. Jeff Booth, author of The Price of Tomorrow, and Mikko Hyppönen, the Finnish cybersecurity expert, delivered keynote speeches, and two members of the Finnish parliament participated in the conference. The feedback from speakers and attendees was overwhelmingly positive, and I'm proud of what the team pulled together.

    Central Themes

    As of early 2026, I still work full time in ICS cybersecurity while contributing to Bitcoin in every spare moment. Over the years, I've come to see my work on Bitcoin in much the same way that I see my work in cybersecurity. Bitcoin is a monetary network, and I believe that it's becoming important enough that we should think about defending it the way we defend other critical systems. I know that the comparison sounds absurd to anyone who works in traditional infrastructure security. Digital coins, as important as power grids? A monetary network, as critical as the electrical grid that powers it?

    And if you're familiar with cybersecurity, your first association with Bitcoin might be ransomware. It's a fair point, but we have to consider the scale. Bitcoin-related transactions account for a small fraction of overall financial crime, and the vast majority of money laundering still runs through the traditional banking system. The properties that make Bitcoin useful for extortion are the same ones that make it useful for ordinary people. Final settlement, movement across borders without an intermediary, and no gatekeeper deciding who can participate. Those features can be misused, but they also serve the family sending money home and the saver protecting wealth through financial disruption.

    Bitcoin is different from other forms of critical infrastructure because no one is in charge of it. Its rules are enforced through cryptographic proof, digital signatures, and proof-of-work rather than through a single operator or institution. That decentralization doesn't mean Bitcoin is free of concentration risks. Mining pools, exchanges, development governance, and the surrounding ecosystem can all become points of pressure, and Part II will cover these topics in detail. But the system's basic architecture pushes verification and responsibility outward to individuals. Node operators verify the rules for themselves, miners secure the chain, developers maintain the software, and users who hold their own keys take direct responsibility for their own money. That distribution of responsibility is one of Bitcoin's essential security properties.

    To structure my analysis of Bitcoin's cybersecurity landscape, I'll use the IEC 62443 framework, an international standard for industrial control systems security. I chose that framework over corporate IT standards like NIST or ISO 27001, which are strong for the data-centric environments that they were designed for, but weren't built for systems where uptime, resilience, and real-world consequences are the top priority. Bitcoin has more in common with the industrial world than with typical office networks or business databases, which makes IEC 62443 a better fit for exploring Bitcoin's security landscape.

    An essential cybersecurity concept is that the tradeoff for security is convenience. Every security measure adds friction. Entering a password slows you down, but it's pretty effective at preventing others from getting into your phone or computer. Using a hardware wallet instead of keeping Bitcoin on an exchange takes more effort, but it means you control your coins yourself instead of relying on a third party. That pattern is the Convenience/Security Trade-off, and it will come up throughout this book. Another central concept is defense-in-depth, where no single control is expected to stop everything. Instead, defenses are layered so that if one fails, the next one is already in place. We'll dig into both of these concepts in more detail in Part I before applying them in Part II.

    Bitcoin's defenses aren't purely technical, either. The economic incentives built into the protocol are themselves a security mechanism. Miners spend real energy to earn rewards, which makes cheating the system extraordinarily expensive. Bitcoin has no CEO to fire, no headquarters to raid, no customer service line to call. If the network is attacked, there's no central authority responsible for defending it. That responsibility falls to everyone who participates in the network, and sometimes the most important thing one person can do is be honest about where things are weak.

    I once conducted a ransomware assessment at a certain company and found significant vulnerabilities. The CISO got angry when I told him so, and he demanded that I lower the report's findings so he wouldn't get in trouble with upper management. I didn't back down then, and I won't back down now. I bring the same approach to this book. I'll be honest about where Bitcoin's defenses are weak, where the threat models are genuinely concerning, and where the community might be in denial. Pretending a problem doesn't exist doesn't make it go away. Denial just leaves you unprepared when the problem rears its ugly head.

    How This Book is Structured

    This book is aimed at two audiences: bitcoiners of any background on the one hand, and technically minded readers who are new to Bitcoin on the other. Part I brings both groups onto the same page. If you already know Bitcoin well, you can skim Chapters 1 and 2. If you already have a background in tech or cybersecurity, you can skim Chapters 3 and 4. Chapter 5 is where everything connects, and everyone should pay attention there. If you're already a reasonably technical bitcoiner, much of Part I might sound familiar, but I'm confident that my industrial framework will be fresh reading for almost everyone. Regardless, Part II is where the threat analysis begins in earnest. Let's take a quick walk through the book's structure.

    Part I, Introduction to Bitcoin and Cybersecurity

    Part I introduces both Bitcoin and cybersecurity for those unfamiliar with either. I'm starting with Bitcoin because that's what we're going to be applying cybersecurity principles to, and having the baseline of Bitcoin knowledge in your head will help when we get to the cybersecurity material.

    Chapters 1 and 2 cover Bitcoin from two angles. Chapter 1 covers the technology, starting with the precursor technologies that made Bitcoin possible, then getting into how the protocol works on a technical level. Chapter 2 is about Bitcoin as money, and why Bitcoin's monetary properties matter more than its technical innovations. Without sound monetary properties, Bitcoin is just a distributed database. The money is the point.

    Chapters 3 and 4 perform the same introduction for cybersecurity and industrial control systems. I'll introduce risk, threats, vulnerabilities, and spend extra time on cryptography because it's directly relevant to how Bitcoin works. Chapter 4 introduces the industrial world, what makes these systems different from IT environments, and why they need their own approach to security.

    Chapter 5 is where everything connects. I'll make the case for Bitcoin as critical infrastructure and map it to the same frameworks we use for power grids and pipelines. Chapter 5 is the chapter that justifies the rest of the book.

    Part II, The Bitcoin Threat Landscape

    Part II explores the threats facing Bitcoin, organized into three escalating layers: threats to you as an individual, threats to the Bitcoin network itself, and external threats from politics, infrastructure, and technology.

    First, we'll cover individual or personal-level threats. These are analogous to personal cybersecurity, such as setting passwords, using a password manager, and enabling multi-factor authentication. We'll talk about the risks associated with Bitcoin exchanges, how to secure your Bitcoin private keys, how to avoid hacks, and how to protect your physical security. We'll pay special attention to maintaining your privacy throughout your security journey. Privacy in this book is a security control, not a political debate. How much you reveal about your holdings affects every other risk you face. The threats at this layer are almost all within your personal control, and most of the concrete actions are quick and inexpensive to implement while improving your security posture significantly.

    Next, we'll dive into threats against the Bitcoin network. These include attacks on the mining process, techniques for isolating or deceiving individual nodes, transaction censorship, and the abuse of block space with non-financial data. We'll close this section with an examination of the centralization of development governance. If those categories sound unfamiliar, don't worry. I'll explain each one thoroughly. These are complex topics, but they're the ones that matter most to anyone holding or using Bitcoin. These chapters will show how hard it is to secure Bitcoin, while also highlighting that it's equally hard and expensive to attack in a meaningful way. Each chapter ends with actions you can take today to contribute to the security of the network as a whole. There is always something you can do.

    Finally, we'll explore external threats that affect Bitcoin indirectly or otherwise hamper adoption. We'll cover political and regulatory threats first, including self-custody restrictions, expanded KYC requirements, and transaction blacklists. Bitcoin also depends on internet connectivity and electrical power, and we'll examine what happens when those fail. We'll close Part II with quantum computing, a decades-out threat we can prepare for today, and AI, a current threat that's already reshaping how attackers work. And, as before, there is always something you can do.

    Conclusion and Appendices

    The conclusion pulls everything together, laying out practical steps for individuals and the community alike. The appendices at the back include glossaries for both Bitcoin and cybersecurity terms, a section of recommended reading for those who want to go deeper, and links to additional resources on the book's website.

    Intended Takeaways

    I hope that you finish this book and take action. Use a hardware wallet. Run a node. Think about your threat model and your financial exposure. Understand why your actions matter and then decide for yourself what Bitcoin is worth to you.

    If you're coming from the Bitcoin space, I hope that the introduction to cybersecurity principles gives you a better understanding of the threats that Bitcoin faces and a clearer sense of your own threat model. If you're coming from the tech or cybersecurity world, I hope that you come away with a clearer picture of what Bitcoin is, why its threat landscape is more nuanced than you might have assumed, and why its defenses are stronger than critics might suggest. If you've been on the fence about Bitcoin for technical or security reasons, I hope that this book helps you see both its resilience and its risks more clearly. No matter what, I hope that you come away thinking that Bitcoin is worth a serious look.

    Vigilance is always needed. Bitcoin needs to be able to respond to credible threats, both at the network level and as individuals protecting our own coins. There's always a dragon lurking beyond the horizon, but there's also always something one person can do. If I've done my job, you'll understand why Bitcoin is worth defending and how you can play your part.

    Here comes the dark one,
    the dragon flying,
    the gleaming serpent
    from the Dark-Moon Mountains.
    He bears on his wings
    the bodies of the dead.
    Níðhöggr flies over the field.
    Now she sinks down.

    Völuspá, Stanza 66

    — Luke de Wolf

I. Ground truth
  1. 01 Bitcoin — The Decentralized Protocol
     Bitcoin solved the decades-old problem of digital cash by combining proof-of-work, public-key cryptography, and a peer-to-peer ledger into the first working decentralized monetary protocol.
  2. 02 Bitcoin — The Hardest Money Ever Made
     Money evolves toward whichever medium is hardest to produce, and Bitcoin's fixed 21 million supply and verifiable scarcity make it the hardest money ever made.
  3. 03 Cybersecurity Fundamentals — The Universal Shield
     Cybersecurity is the management of digital risk through layered controls that protect confidentiality, integrity, and availability, and you already practice it every day whether you realize it or not.
  4. 04 Industrial Control Systems and Securing Critical Infrastructure
     Industrial control systems run the physical world, and securing them demands a different mindset from IT because availability, safety, and uptime matter more than data.
  5. 05 Bitcoin as Critical Infrastructure — The Monetary Grid
     Bitcoin already functions as critical infrastructure through its payment role, its industrial mining footprint, and its distributed node network, and it deserves the same defensive seriousness we apply to power grids and pipelines.

    Chapter 5

    Bitcoin as Critical Infrastructure

    Bitcoin is critical infrastructure. That claim is the thesis of this book, and this chapter is where I make the case.

    We've already covered Bitcoin's technological and monetary properties, and we've already built the cybersecurity and infrastructure vocabulary needed to analyze it properly. So now comes the harder question. Can a decentralized network with no central operator really count as critical infrastructure, and if so, what does defense look like in that kind of system? Let's walk through it.

    Why Bitcoin Is Critical Infrastructure

    Bitcoin's definition as critical infrastructure hinges on two points: its societal function and its system design.

    Recall the definition that we covered in the previous chapter. Critical infrastructure means systems so vital that their incapacity or destruction would have a debilitating impact on economic security or public safety. No national government currently classifies Bitcoin as critical infrastructure in the formal sense. As of early 2026, though, some have begun treating it as a strategic asset, even if that treatment is still politically contingent. So the question isn't whether Bitcoin has already been formally recognized. The question is whether it already functions like critical infrastructure, and whether that function is growing.

    For those who have already adopted Bitcoin, the answer is absolutely yes, and that community is larger than you might think. As of early 2026, estimates suggest that between 560 and 740 million people own cryptocurrency worldwide, with Bitcoin as the dominant asset. On-chain estimates suggest that roughly 100 to 150 million of them hold Bitcoin specifically. Those estimates vary widely, because cryptocurrency ownership is difficult to measure precisely, but they still indicate a user base in the hundreds of millions. Relatively few people live entirely on Bitcoin separate from legacy banking systems, a practice often called living on a Bitcoin standard. But for those who hold meaningful value in it, the system's availability and integrity already matter.

    On the operational side, Bitcoin already looks like infrastructure. It functions as a payment and settlement system. Its mining operations are industrial in scale, embedded in the electrical grid, and increasingly integrated into demand response programs. Its network of nodes provides distributed verification without a central controller. All of this infrastructure exists today.

    If Bitcoin does what it promises, individuals around the world will be able to control their own money, save for the future without inescapable dilution, and transact freely without third-party restrictions. I think that trajectory is already underway, and that defending the infrastructure that makes it possible is worth taking seriously even before formal recognition catches up.

    The point of this book is not to relitigate Bitcoin's philosophical case. Whether you're fully convinced or still evaluating it, the question here is what follows if Bitcoin deserves to be treated with infrastructure-level seriousness. The answer is that serious systems attract serious attackers. Nation-states, ransomware crews, and insiders all go after high-value targets. That's why the same defensive logic used for the power grid becomes relevant here, too. So before moving into Part II, I want to spend a little more time on the similarities between Bitcoin and the industrial systems that we already know how to reason about.

II. Threats to the individual
  1. 06 Exchange & Custodial Failures
     Every major exchange collapse, from Mt. Gox to FTX, taught the same lesson: trusted third parties are security holes, and the only reliable defense is self-custody.
  2. 07 Securing Your Bitcoin
     Self-custody shifts responsibility from the exchange to you, and the private key, seed phrase, hardware wallet, and multisig form the layered foundation of personal Bitcoin defense.

    Chapter 7

    Securing Your Bitcoin

    Taking your Bitcoin off an exchange is the single best thing you can do for your security, but the moment you withdraw to your own wallet, something changes. The exchange is no longer responsible for your Bitcoin. You are. There's no customer support, no fraud department, no password reset. If something goes wrong, it's on you.

    If that sounds intimidating, good. It means that you understand what's at stake. Most bitcoiners feel a jolt of anxiety the first time that they hold their own keys, and that's a good thing. The reaction tells you that you take self-custody seriously, and the anxiety fades as you build confidence in your setup.

    Building that confidence is what this chapter is about. We'll revisit the tools that make self-custody work, from private keys to seed phrases to hardware wallets, then examine the specific threats that target them and the layered controls that you can put in place to defend against each one.

    The Private Key

    Before we explore how to defend the private key, let's revisit and dig a little deeper into what a private key actually is.

    In practical terms, the private key is the cryptographic information that lets you sign Bitcoin transactions. If you hold that key, you can move the Bitcoin tied to it, and in Bitcoin, that's what ownership means. There's no separate deed, no title, and no account statement waiting somewhere else. The ability to sign is the ownership. If you can move the Bitcoin, it's yours. If you can't, it isn't. That ownership model is fundamentally different from anything that came before it, because there's no institution standing between you and your money, and no institution to fall back on if something goes wrong.

    The cryptography that makes this ownership model possible is worth understanding, at least at a high level. Bitcoin uses elliptic curve cryptography, or ECC, specifically the secp256k1 curve. Compared with older systems like RSA, ECC offers similar security with much smaller keys, which matters when space is scarce. Secp256k1's parameters were generated openly, which makes the curve easier to inspect and easier to trust than standards whose parameter choices were less transparent, such as NIST P-256. For the purposes of this chapter, Bitcoin relies on well-studied cryptography with transparent origins that has held up under intense scrutiny.

    The private key is a random number within the valid range defined by the secp256k1 curve. The random number must be random. Truly random. If it isn't, any Bitcoin secured with that private key is as good as gone. That risk isn't theoretical. In 2013, a flaw in Android's SecureRandom implementation caused multiple Bitcoin wallets to generate weak private keys, and users lost real funds before the issue was patched. From that random number, the public key and Bitcoin addresses are generated mathematically, and from there, you can receive Bitcoin.

    You can even generate more private keys from that first private key, which is known as the master private key. Using Hierarchical Deterministic (HD) rules, you can generate as many so-called child keys as you want from the master key, and since the derivation method is deterministic, you'll always get the same keys every time. To use an analogy, the master key is like your keyring, and each address is a single key on that ring. Good wallets generate a fresh address for every transaction so that no single address appears twice on the blockchain, which makes it much harder to link your transactions together. We'll cover the privacy implications of address reuse in the next chapter, but for now, HD wallets make this rotation automatic. The result is that you need to protect the master private key more than anything else.
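
The two points above, a private key as a CSPRNG-drawn integer in the valid secp256k1 range and deterministic child keys derived from a master key, as an added example that is not taken from the book. It assumes the BIP32 standard for the HD rules and covers only hardened private-key derivation; the seed is the public BIP32 test-vector seed, not a real wallet.

```python
import hashlib
import hmac
import secrets

# Order of the secp256k1 group: valid private keys are integers in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # BIP32: child indexes >= 2^31 are "hardened"


def is_valid_private_key(k):
    """Range check every candidate key must pass before it is used."""
    return 1 <= k < N


def generate_private_key():
    """Draw 256 bits from the OS CSPRNG; retry on the rare out-of-range value."""
    while True:
        k = int.from_bytes(secrets.token_bytes(32), "big")
        if is_valid_private_key(k):
            return k


def master_from_seed(seed):
    """BIP32 master key and chain code: HMAC-SHA512 keyed with b'Bitcoin seed'."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if not is_valid_private_key(key):
        raise ValueError("seed yields an invalid master key; use another seed")
    return key, digest[32:]


def derive_hardened_child(parent_key, chain_code, index):
    """BIP32 private-parent to private-child derivation for hardened index i'."""
    if not 0 <= index < HARDENED:
        raise ValueError("index must be in [0, 2^31)")
    data = b"\x00" + parent_key.to_bytes(32, "big") + (index + HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + parent_key) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child at this index; BIP32 says use the next one")
    return child, digest[32:]


if __name__ == "__main__":
    seed = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # public BIP32 test vector
    master, chain = master_from_seed(seed)
    child, _ = derive_hardened_child(master, chain, 0)  # path m/0'
    print(f"m    = {master:064x}\nm/0' = {child:064x}")
```

Every child is a pure function of the master key and chain code, which is why a weak or leaked master secret exposes the whole key tree.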

    The chapter continues with seed phrases, hardware wallets, hot vs. cold storage, and multisig before turning to the threats. We pick the excerpt back up at the start of the threat section, with a full anatomy of how the first threat is written.

    The Threat Landscape

    Now, we're moving on to threats to your personal Bitcoin, specifically attacks against your private keys. Attackers want your private keys because they want your Bitcoin. Still, the methods vary more than you might expect, from compromised hardware and malicious software to social engineering, physical theft, and even your own mistakes. Let's explore how these threats work, and what stops them.

    Threat: Supply-Chain Tampering

    You've done the right thing. You bought a hardware wallet, and it'll arrive tomorrow, with next-day shipping. You even got a great deal, $30 less than the price on the manufacturer's website.

    You load up your new hardware wallet. The setup was surprisingly quick and easy. It says it's ready to accept your funds. You send the Bitcoin you had been storing in a wallet on your phone. Your stack had been growing, and you were getting nervous about using a hot wallet instead of cold storage.

    Nothing seems to happen. Your transaction was broadcast to the network and confirmed in a block, but it didn't arrive in your new wallet. What's going on? Did you just lose your funds?

    Description: Compromised hardware wallet sends your seed phrase and private keys to an attacker
    Likelihood: Low
    Impact: Critical

    In the scenario described above, you did, in fact, lose all your funds. A harsh, expensive lesson.

    Scammers will try many ways to get access to your Bitcoin. Tampering with hardware wallets is a long shot but can have a big payoff. The scammer buys genuine hardware wallets and tampers with them, or sells convincing fakes pre-loaded with known keys. The tampered or cloned device is designed to either generate keys that the scammer already knows, or to exfiltrate keys through the host computer when the device is connected. The attacker then puts the wallet back in the original package and lists it as a third-party sale on Amazon, eBay, or similar. I rate the likelihood as Low because most people buy from the manufacturer or a verified reseller where the risk is near zero, though it climbs sharply for purchases from a random third-party listing on Amazon or eBay. The impact is Critical because the attacker controls the keys, so any Bitcoin that you send to the wallet is gone with no way to recover it.

    This attack is another supply-chain attack, the same basic pattern that we saw in Chapter 4 and again in Chapter 6. The attacker doesn't hack you directly. They compromise something that you trust in your security stack, and you do the rest.

  3. 08 Privacy, Physical Security, and Staying Safe: Privacy in Bitcoin is a security control, not a political stance, because what attackers know about your holdings determines whether you ever become a physical target.
II Threats to the network
  1. 09 51% Attacks and the Decentralization of Mining: A 51% attack remains Bitcoin's most cited theoretical threat, and the defense is a mining ecosystem that stays decentralized across pools, geography, and stratum protocols.
  2. 10 Node-Level Threats and Client-Side Defenses: Your node is your independent view of Bitcoin, and eclipse attacks, software supply-chain risks, and connectivity failures are the threats that corrupt that view.
  3. 11 Arbitrary Data and Witness Abuse: Arbitrary data protocols like Ordinals exploited Bitcoin's flexibility to flood the chain with non-financial content, and noderunners have real filtering tools to push back.
  4. 12 Developer Risks: Bitcoin's governance is emergent rather than formal, and when too much practical influence concentrates in one implementation or contributor pipeline, the monetary properties that matter most are what come under threat.
II External and systemic threats
  1. 13 Political and Regulatory Threats: Political and regulatory pressure can't shut Bitcoin down, but it can shape who gets to use it, and jurisdictional awareness, privacy controls, and alternative rails are the defenses that keep it open.
  2. 14 Grid and Network Failures: Bitcoin depends on electricity and connectivity that it doesn't control, and distributed redundancy, alternative relays, and satellite or mesh paths keep the network reachable when the physical layer fails.
  3. 15 Quantum and AI: Quantum computing threatens Bitcoin's cryptographic foundation decades from now, while AI is already reshaping the development pipeline and the attacker toolkit today, and both demand preparation before the threats fully arrive.
Close
  1. Hardening Bitcoin: Bitcoin's defense is a stack of three layers, individual, network, and external, and the monetary grid survives because millions of participants keep choosing to defend it.

That’s the look inside.

For the rest, every chapter, every threat, every control, get the book.