“We know that if an adversary has control over the data a computer is processing, it can potentially take over that computer,” study coauthor Tadayoshi Kohno tells Wired. “That means when you’re looking at the security of computational biology systems, you’re not only thinking about the network connectivity and the USB drive and the user at the keyboard but also the information stored in the DNA they’re sequencing.”
In the current study, the researchers wrote malware that would give an attacker remote access to an infected computer. They then translated this code into binary, and from there into a sequence of the bases A, C, T, and G, to be synthesized into DNA.
When a computer read the data after the DNA had been sequenced, the malware executed and granted the researchers full control. Using a similar approach, the authors note, an attacker could theoretically gain access to a computer system simply by submitting tissue samples contaminated with “malicious DNA” to a personalized genetic testing company or other sequencing facility.
For now, the authors acknowledge, DNA-based attacks on computers are a long way from being feasible. Yaniv Erlich, a computer scientist and geneticist at Columbia University who was not involved in the work, tells MIT Technology Review that “their exploit is basically unrealistic.” Several security features in the simplified operating system used in the study were disabled to give the malware a fighting chance, and the researchers added vulnerability to the bioinformatics program being targeted.
Even so, the authors warn that computational tools used for DNA analysis are currently poorly protected against this sort of threat, and could soon provide a vulnerable target for attacks. “We thus consider it critical—both as a research contribution and as a contribution to the broader community—to reflect upon a threat model for the nextgen sequencing pipeline,” the authors write in their paper. Though the field of sequencing is yet to be targeted, “we strongly encourage additional research before such adversarial pressure manifests.”