The team of scientists at the University of Washington, concerned that the security infrastructure around the decryption and analysis of DNA is simply not there, found an elementary vulnerability in the open source software used in laboratories around the world. Given the nature of the data that is usually processed in such laboratories, this can be a serious problem in the future.
The human file system
According to research, DNA can be called a “file system” of any living organism. Various analysis programs used by scientists around the world disassemble DNA strands into components (cytosine, thymine, etc., A, T, G and C) and convert them into binary data.
Existing decryption applications read raw data arriving after analysis, and sort them, look for patterns and convert the basic sequences that are found in binary code. Decrypted data opens the way for an attack, for example, related to “buffer overflow” – when programs execute arbitrary code that goes beyond the expected parameters.
Laboratories under threat
The point is that the computer that conducts the analysis can get some biological code that will lead to its hangup and corruption. Ironically, it is not entirely true to call this code a virus, although it is closer to the “real” virus than, perhaps, any malicious code ever written.
Is it possible to deliver such a virus with a blood sample or even directly from a human body? The scientists did it. The modified biological sample really managed to be used as a malicious sample for laboratory equipment. But many of these computers are connected to public cloud services.
The scientists of the group study methods and unusual directions for deliberate virus attacks: for example, on implanted electronics, in particular, pacemakers. As the biological and electronic worlds converge, threats emerge that people have never encountered before. The darkest predictions are due to the fact that people with any implanted electronics will become extremely vulnerable to biohackers. Even lethal outcome is possible.
Especially for Hi-Tech Mail.Ru research commented Evgeny Chereshnev, president of Sons of Digital Anarchy and owner of biochip.
“All research in the field of DNA is conducted on high-precision computer equipment, that is, a person manually does nothing and does not work with the DNA code. Where there is a programmable process, there is software that answers for it. Here it just can be modified. What really can happen – if hackers are interested in biological laboratories, especially with combinatorial DNA research, they can (in theory) influence the program code of the systems that control this process to obtain the desired result. It may be damage to the research or modification of DNA. They can “harm” or create a new DNA remotely. “