Bioterrorists trick scientists into creating deadly viruses by infecting lab computers with malware

Cybersecurity researchers have discovered an online attack that tricks scientists into creating toxic chemicals or deadly viruses in their labs.

A team from Ben-Gurion University of the Negev has found that bioterrorists can infect an “unwitting” biologist’s computer with malware and easily replace a short DNA substring in the code with a new sequence.

The United States Department of Health and Human Services (HHS) has protocols for screening DNA orders from synthetic gene suppliers that scan for potentially harmful DNA.

However, the team was able to circumvent the guidelines through obfuscation and found that 16 of the 50 obfuscated DNA samples were not detected when they were screened according to the HHS “best-match” guidelines.

Rami Puzis, head of the complex network analysis laboratory at Ben-Gurion University (BGU), said: “ To regulate the intentional and unintentional generation of hazardous substances, most suppliers of synthetic genes screen orders from the DNA, which is currently the most effective line of defense against such attacks. ‘

The researchers also found that the accessibility and automation of the synthetic genetic engineering workflow, combined with insufficient cyber security controls, allow the malware to interfere with biological processes within the victim’s laboratory, closing the cycle with the possibility of an exploit written in a DNA molecule.

The team described the attack in their study published in Nature using a scenario from Alice, Bob and Eva.

Alice is a scientist who works in an academic institution and orders Bob the synthetic DNA, in which Eve, the attacker, replaces part of the ordered sequences with a harmful sequence.

Eve also attacks Alice’s computer with malware that replaces part of Alice’s sequence and camouflages fragments of the pathogenic DNA in the hijacked order.

Alice unintentionally uses the malicious DNA along with other sequences, including Cas9.

During cellular transformation, Cas9 proteins are combined with gRNA from the damaging sequence to form CRISPR complexes that create multiple double-stranded breaks, resulting in a damaging agent.

‘This threat is real. We conducted a proof of concept: an obfuscated DNA encoding a toxic peptide was not detected by the software implementing the screening guidelines, “the published study reads.

“The DNA injection attack demonstrates a significant new threat of malicious code that alters biological processes.”

The researchers also found that the accessibility and automation of the synthetic genetic engineering workflow, combined with insufficient cybersecurity controls, allow the malware to interfere with biological processes within the victim’s laboratory, closing the cycle with the possibility of an exploit written in a DNA molecule.

“This attack scenario underscores the need to strengthen the synthetic DNA supply chain with protections against cyber-biological threats,” says Puzis.

“To address these threats, we propose an improved screening algorithm that takes into account in vivo genetic modification.

“We hope this paper will set the stage for robust, adversarial DNA sequence screening and cybersecurity-enhanced synthetic gene production services, when biosecurity screening is enforced by local regulations around the world.” .