Bioterrorists trick scientists into making deadly viruses by infecting lab computers with malware



Bioterrorists can trick scientists into making dangerous toxins or viruses by infecting lab computers with malware that alter the synthetic DNA they produce for experiments

  • New cyber attack prompts scientists to manufacture toxic chemicals or viruses
  • Hackers can infect computers with malware to alter DNA sequences
  • They can bypass defined protocols to analyze DNA for malicious sequences
  • Hackers can also hide their threats on scientist’s computers

Cyber ​​security researchers have discovered an online attack that tricks scientists into creating toxic chemicals or deadly viruses in their own labs.

A team from Ben-Gurion University in the Negev has found that bioterrorists can infect a biologist’s computer “ unintentionally ” with malware and easily replace a short DNA substring in the code with a new sequence.

The US Department of Health and Human Services (HHS) has protocols for screening DNA orders from suppliers of synthetic genes who are looking for potentially dangerous DNA.

However, the team was able to bypass the guidelines by obfuscation and found that 16 of 50 obfuscated DNA samples were not detected when screening according to HHS best-match guidelines.

Researchers have found that bioterrorists can infect a biologist's computer 'unintentionally' with malware that replaces a short DNA substring in code with a new sequence

Researchers have found that bioterrorists can infect a biologist’s computer ‘unintentionally’ with malware that replaces a short DNA substring in code with a new sequence

Rami Puzis, director of the Complex Networks Analysis Laboratory at Ben-Gurion University (BGU), said: “ To regulate the intentional and unintentional generation of hazardous substances, most synthetic gene suppliers are looking at orders DNA, which is currently the most effective line of defense against these attacks.

The researchers also found that the accessibility and automation of the synthetic genetic engineering workflow, combined with insufficient cybersecurity controls, allowed malware to interfere with biological processes within the victim’s lab, shutting down the loop with the possibility of an exploit written in a DNA molecule.

The team described the attack in their study published in Nature using a script from Alice, Bob and Eva.

Alice is a scientist working at an academic institution and orders synthetic DNA from Bob, in which Eve, attacking him, replaces part of the ordered sequences with a malicious sequence.

The team described the attack in their study published in Nature using a script from Alice, Bob and Eva.  Alice is a scientist working at an academic institution and orders synthetic DNA from Bob, in which Eve, attacking him, replaces some of the ordered sequences with obscured agents and selected sequences for his future disobfuscation.

The team described the attack in their study published in Nature using a script from Alice, Bob and Eva. Alice is a scientist working at an academic institution and orders synthetic DNA from Bob, in which Eve, attacking him, replaces some of the ordered sequences with obscured agents and selected sequences for his future disobfuscation.

Eve also attacks Alice’s computer with malware that replaces part of Alice’s sequence and camouflages fragments of the pathogenic DNA in the backdoor order.

Alice unintentionally uses the malicious DNA along with other sequences, including Cas9.

During cell transformation, Cas9 proteins are combined with the gRNA of the malicious sequence to form CRISPR complexes that create multiple double-stranded breaks – resulting in a harmful agent.

“This threat is real. We conducted a proof of concept: an obscured DNA encoding a toxic peptide was not detected by software implementing the screening guidelines, ”reads the published study.

“The DNA injection attack demonstrates a significant new threat of malicious code altering biological processes.

Alice unintentionally uses the malicious DNA along with other sequences, including Cas9.  During cell transformation, Cas9 proteins are combined with the gRNA of the malicious sequence to form CRISPR complexes that create multiple double-stranded breaks - resulting in a harmful agent

Alice unintentionally uses the malicious DNA along with other sequences, including Cas9. During cell transformation, Cas9 proteins are combined with the gRNA of the malicious sequence to form CRISPR complexes that create multiple double-stranded breaks – resulting in a harmful agent

The researchers also found that the accessibility and automation of the synthetic genetic engineering workflow, combined with insufficient cybersecurity controls, allowed malware to interfere with biological processes within the victim’s lab, shutting down the loop with the possibility of an exploit written in a DNA molecule.

“This attack scenario highlights the need to strengthen the synthetic DNA supply chain with protections against cyber-biological threats,” says Puzis.

“To address these threats, we propose an improved screening algorithm that takes into account gene editing in vivo.

“We hope this article will pave the way for robust and adversary resistant DNA sequence screening services and synthetic gene production services enhanced by cybersecurity when biosafety screening is mandated by regulations. local around the world.


Source link