Published: Fri, August 11, 2017
Science | By Hubert Green

Scientists code malware into DNA that takes over computers that scan it

Scientists code malware into DNA that takes over computers that scan it

But one group of bio-hackers has demonstrated how DNA can carry a less expected threat-one created to infect not humans or animals but computers.

The malware was encoded into a gene and used to take over a computer that analyses DNA code.

Nonetheless, University of Washington researchers believe the mere prospect needs to be indulged if future DNA analysis software is to be requisitely equipped to guard against biotech hazards. "Instead, we view these results as a first step toward thinking about computer security in the DNA sequencing ecosystem", they said in a statement. Through trial and error, the team found a way to include executable code - similar to computer worms that occasionally wreak havoc on the internet - in synthetic DNA strands.

Copies of the DNA were ordered online.

To speed up the processing, the images are divided into thousands of chunks, and analyzed in parallel - all data comprising their attack had to fit into just a few hundred such bases, to increase the likelihood it would remain intact throughout the sequencer's parallel processing.

Accordingly, they made a quantum leap, devising a test straight out of the pages of science fiction films and novels, based on the notion DNA is essentially life's file system - a concept already being explored via tools such as CRISPR, which reads DNA strands and turns them into binary data. Synthetic biology is an important field - advancements will help us fight diseases and disorders - but as a research team from the University of Washington demonstrated in a study publicized Thursday, these advancements will also give hackers the chance to write destructive codes into synthetic DNA.

'We don't want to alarm people or make patients worry about genetic testing, which can yield incredibly valuable information, ' said study co-author Dr Luis Ceze.

In their experiments, the researchers stored malware in synthetic DNA and demonstrated how that code can compromise a computer analyzing the DNA after it has been run through a gene-sequencing machine. According to the researchers, numerous programs used to sequence and analyze DNA are incredible insecure, leaving them open to attacks. That shows, the researchers say, that a future hacker might be able to pull off the attack in a more realistic setting, particularly as more powerful gene sequencers start analyzing larger chunks of data that could better preserve an exploit's code.

"We have no evidence to believe that the security of DNA sequencing or DNA data in general is now under attack", researchers wrote.

"To be clear, there are lots of challenges involved", said co-author Lee Organick, a research scientist in the Molecular Information Systems Lab. In July, scientists successfully encoded a GIF of Eadweard Muybridge's pioneering galloping horse clip into the DNA of living cells.

In their paper that will be presented at the USENIX Security Symposium in Vancouver next week, the researchers explained how they were able to encode malware in a DNA sequence through a DNA processing program.

Output from a sequencing machine that includes the team's exploit, which is being sequenced with unrelated strands. They also warn there are many "easy" avenues to attack DNA sequencing hardware.

Anyone who creates an account at DNA research institutes could also submit sequencing files that could be malicious.

The team introduced the DNA into E. coli at a rate of one frame per day for five days.

Researchers at the University of Washington showed that it's possible to convert malicious software into data and store it in physical strands of synthetic DNA, the Wall Street Journal reports.

Like this: