A group of cyber researchers discovered that an “end-to-end” cyber-biological attack can trick scientists into unintentionally creating dangerous viruses in their laboratories.

Cyber security is an increasingly major issue and has become everyone’s problem. While tech teams may be ahead of the game in terms of understanding the risks, nobody had really thought of the situation where hackers can dupe DNA scientists into creating deadly viruses. Recently, a team of researchers poses a frankly wild-sounding question: Could a computer hack result in scientists being tricked into creating a piece of genetic code that’s harmful, or potentially toxic – rather than being helpful?

The answer to the above question probably seems ‘yes’ to a team of Israeli researchers. A group of cyber researchers from the Israel-based Ben-Gurion University of the Negev, in a paper published in the journal Nature Biotechnology, said that as DNA synthesis becomes more widespread, concerns regarding cyberattack intervening with synthetic DNA orders could lead to the synthesis of nucleic acids encoding parts of pathogenic organisms or harmful proteins and toxins.

DNA molecule spiral structure

A group of cyber researchers has discovered that an “end-to-end” cyber-biological attack can trick scientists into unintentionally creating dangerous toxins or viruses in their laboratories. More often it is believed that a criminal need to have physical contact with a dangerous substance to produce and deliver it. But this is not the case in this situation, it is the malware here that could easily replace a short sub-string in the DNA structure on a bioengineer’s computer so that they can unintentionally produce a toxin.

Security flaw could trick scientists:

Medical professionals or bio-scientists use synthetic DNA for a variety of reasons, including the development of immunogens for creating vaccines. This synthesis of DNA helps scientists to design and fabricate biological components and systems that do not already exist in the natural world. 

The Israeli researchers recently developed and tested an end-to-end attack that changes data on a bioengineer’s computer in order to replace short DNA sub-strings with malicious code. Traditionally, it was believed that physical access to the laboratory is necessary, but the situation is totally different. If today, terrorists wanted to spread a virus or toxin, they could simply do it by hijacking a reputable lab with the help of malware.

According to the recent study, the researchers claim that a simple trojan horse and a bit of hidden code could turn medicine into malice. The researchers also described a scenario wherein a Trojan horse is used to infect a researcher’s computer. When the researcher is ready to order synthetic DNA, the malware jumbles the DNA order and obfuscate DNA sub-strings that are harmful and toxic.

Researchers found bioterrorists can infect biologist’s computer with malware that replaces a short sub-string of the DNA in the code with a new sequence

The most dangerous part of this situation is that the researchers remain clueless about the fact that the DNA structure has been changed by the hackers or bioterrorists in order to create a deadly virus that is highly harmful to the society.

The threat is real:

The threat is obviously very real but is highly dangerous at the same time. With all the advancements in technology, our Artificial Intelligence (AI) is not advanced enough yet to detect these kinds of attacks.

It is important to note that DNA replication services synthesize DNA in numbers thus making it impossible for humans to check each sequence. Therefore, we mostly rely on automation and AI to make sure that everything is in place, but when anomalies show up the machines turn to humans to make a call. In this case, humans likely wouldn’t be able to see through the problems and most of the time remains unaware of the malice in the system.

At a time where scientists worldwide are pushing ahead with the development of potential vaccines to combat the COVID-19 pandemic, these researchers believe that scientists could be duped into producing toxins or synthetic viruses on their behalf through targeted cyberattacks. 

The probable cyberwarfare:

In the recent study, researchers reveal, how malware is used to infiltrate a biologist’s computer and replace sub-strings in DNA sequencing. The researchers found that accessibility to the synthetic gene engineering workflow, with insufficient cyber security controls, can allow malware to interfere with biological processes within the bio scientist’s lab, making it possible to exploit the DNA molecule.

Researchers said that this DNA injection attack with the help of a malicious code can alter biological processes that could harm the society. Cyber dangers are now spilling over to the physical space, blurring the separation between the digital world and the real world, especially with increasing levels of automation in the biological lab and therefore, best practices and standards must be used into operational biological protocols to combat these threats.