Hacking

Exploring malware to bypass DNA screening and lead to ‘biohacking’ attacks

Boffins from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare.

A team of researchers from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare.

Scientists play a crucial role in modern society, especially during the COVID-19 pandemic.

A research paper titled “Cyberbiosecurity: Remote DNA Injection Threat in Synthetic Biology” published in the academic journal Nature Biotechnology documented how to use malware to compromise a biologist’s computer to replace sub-strings in DNA sequencing.

Threat actors could exploit bugs in the Screening Framework Guidance for Providers of Synthetic Double-Stranded DNA and Harmonized Screening Protocol v2.0 systems to circumvent protocols.

The experts explained that every time a DNA order is made by biologists to synthetic gene providers, the US Department of Health and Human Services (HHS) guidance requires the adoption of screening protocols to scan for potentially harmful DeoxyriboNucleic Acid.

The researchers used a malicious code to circumvent these protocols through obfuscation. The tests demonstrated that 16 out of 50 obfuscated DNA samples were able to bypass the DeoxyriboNucleic Acid screening. 

“Eve is a cyber-criminal targeting Alice. Eve can easily infect Alice’s vulnerable computers with malware. Eve replaces all or part of Alice’s order with a malicious sequence (Fig. 1). Eve employs DNA obfuscation — inspired by cyber-hacking malicious code obfuscation — to camouflage fragments of the pathogenic DNA in the hijacked order.” reads the research paper. “Bob will not detect the malicious DeoxyriboNucleic Acid; with obfuscation, best-match-based screening procedures will return legitimate matches for any 200 bp subsequence. Eve’s sequences can contain all of the necessary constituents to subsequently deobfuscate themselves in vivo via CRISPR–Cas9-mediated deletion and homology-directed repair.”

The researchers also explained that threat actors could carry out man-in-the-browser attacks against software used to design and manage synthetic DNA projects to inject arbitrary DNA strings into genetic orders.

The researchers explained that malware could manipulate the residue Cas9 protein transforming this sequence into pathogens.

“If Alice or her clients insert the plasmid containing the obfuscated agent into Cas9-expressing cells, the DeoxyriboNucleic Acid, deobfuscated by CRISPR–Cas9, will allow the expression of the gene encoding a noxious agent. This threat is real” continues the paper.

“To regulate both intentional and unintentional generation of dangerous substances, most synthetic gene providers screen DNA orders which is currently the most effective line of defense against such attacks,” states Rami Puzis, head of the BGU Complex Networks Analysis Lab. “Unfortunately, the screening guidelines have not been adapted to reflect recent developments in synthetic biology and cyberwarfare.”

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Meta plans to train AI on EU user data from May 27 without consent

Meta plans to train AI on EU user data from May 27 without consent; privacy…

3 hours ago

AI in the Cloud: The Rising Tide of Security and Privacy Risks

Over half of firms adopted AI in 2024, but cloud tools like Azure OpenAI raise…

5 hours ago

Google fixed a Chrome vulnerability that could lead to full account takeover

Google released emergency security updates to fix a Chrome vulnerability that could lead to full…

6 hours ago

Nova Scotia Power discloses data breach after March security incident

Nova Scotia Power confirmed a data breach involving the theft of sensitive customer data after…

16 hours ago

Coinbase disclosed a data breach after an extortion attempt

Coinbase confirmed rogue contractors stole customer data and demanded a $20M ransom in a breach…

19 hours ago

U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Fortinet vulnerability to its Known Exploited Vulnerabilities…

1 day ago