Home > Security & Privacy
In the future, hackers could use malware stored in DNA to infect computers
August 13th, 2017 | 14:33 PM | 1592 views
Researchers from the University of Washington have figured out a way to take over a computer by encoding malicious software into physical strands of DNA.
In its most basic form, the DNA is a way of storing information, and its strands are made from four building blocks — A, C, G, and T.
But these letters can also be used to store information that can be analyzed by a computer — and that's exactly what the Washington team did.
SEE ALSO: Researchers edited the DNA of viable human embryos in U.S. for the first time, but don't freak out yet
In a paper that will be presented at a security symposium in Vancouver, Canada, on August 17, researchers explained how they stored malware in synthetic DNA, then gained control of the computer by targeting security loopholes in the DNA analysis software.
By encoding the DNA to translate into malicious code, the team found that the sequencing program could be hacked to allow remote access to the computer. When the program analyzes DNA, it reads it like code — allowing the biohacker to take advantage of the security loopholes and take over the computer.
While it sounds worrying, researchers stressed there is no cause for alarm about present-day threats.
"We have no evidence to believe that the security of DNA sequencing or DNA data in general is currently under attack. Instead, we view these results as a first step toward thinking about computer security in the DNA sequencing ecosystem," they said in a statement.
A growing threat
Threats from DNA strands being sequenced and used as a vector for computer attacks have not been under consideration up until now, researchers argue.
But as sequencing becomes cheaper, simper and more popular, these attacks could pose a growing problem in the future, if unaddressed.
DNA sequencing costs have dropped significantly since 2008, thanks to advances in next-generation sequencing (NGS) technologies. For example, in 2009 you had to pay around $100,000 to sequence your human genome. In 2014, it was just $1,000.
Hacking gene sequencers could prove devastating for forensics, for example, changing the course of an investigation by modifying genetic data. Other fields where attackers could strike are medicine and agriculture, intellectual property, and even personal genetic data.
However, researchers point out hackers still have a long way to go before they'd be able to create the code to be turned into DNA strands — which wasn't easy at all.
The team made things easier by introducing a vulnerability into the softwares, written in C and C++ languages, that are commonly used to sequence DNA data.
Then, the malware targeted the vulnerability itself.
But researchers stress that vulnerability is pretty common in those softwares, which did not follow computer security best practices.
Additional reporting by Tony Lee.
courtesy of MASHABLE
by GIANLUCA MEZZOFIORE
If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]