Researchers Hijack a Computer Using DNA Malware

Malicious code written with nucleic acids could one day threaten sequencing facilities, the team warns.

By | August 11, 2017

© ISTOCK.COM/LAREMENKODNA could be used to hack into computers, according to researchers at the University of Washington. Published at the 2017 USENIX Security Symposium, the team’s paper describes a method to encode malware in DNA that, when sequenced and read by a computer, grants remote access to an outside user—albeit on a deliberately weakened system.

“We know that if an adversary has control over the data a computer is processing, it can potentially take over that computer,” study coauthor Tadayoshi Kohno tells Wired. “That means when you’re looking at the security of computational biology systems, you’re not only thinking about the network connectivity and the USB drive and the user at the keyboard but also the information stored in the DNA they’re sequencing.”

In the current study, the researchers wrote malware that would give an attacker remote access to an infected computer. They then translated this code into binary, and from there into a sequence of the bases A, C, T, and G, to be synthesized into DNA.

When a computer read the data after the DNA had been sequenced, the malware executed and granted the researchers full control. Using a similar approach, the authors note, an attacker could theoretically gain access to a computer system simply by submitting tissue samples contaminated with “malicious DNA” to a personalized genetic testing company or other sequencing facility.

For now, the authors acknowledge, DNA-based attacks on computers are a long way from being feasible. Yaniv Erlich, a computer scientist and geneticist at Columbia University who was not involved in the work, tells MIT Technology Review that “their exploit is basically unrealistic.” Several security features in the simplified operating system used in the study were disabled to give the malware a fighting chance, and the researchers added vulnerability to the bioinformatics program being targeted.

Even so, the authors warn that computational tools used for DNA analysis are currently poorly protected against this sort of threat, and could soon provide a vulnerable target for attacks. “We thus consider it critical—both as a research contribution and as a contribution to the broader community—to reflect upon a threat model for the nextgen sequencing pipeline,” the authors write in their paper. Though the field of sequencing is yet to be targeted, “we strongly encourage additional research before such adversarial pressure manifests.”

Add a Comment

Avatar of: You

You

Processing...
Processing...

Sign In with your LabX Media Group Passport to leave a comment

Not a member? Register Now!

LabX Media Group Passport Logo

Popular Now

  1. A Potential Remedy for the Aging Brain
    The Scientist A Potential Remedy for the Aging Brain

    In mice, injected fragments of a naturally occurring protein boost memory in young and old animals and improve cognition and mobility in a model of neurodegenerative disease. 

  2. The Sleeping Brain Can Learn
    Daily News The Sleeping Brain Can Learn

    Humans can remember new sensory information presented during REM sleep, but this ability is suppressed during deep, slow-wave slumber.

  3. USDA Emails: Don’t Use “Climate Change”
  4. Nature Index Identifies Top Contributors to Innovation
AAAS