Malware can trick biologists into generating dangerous toxins in their labs




Researchers from Ben-Gurion University of the Negev have discovered an end-to-end cyberbiological attack, in which unwitting biologists can be tricked into generating dangerous toxins in their laboratories.


Malware could replace physical contact

According to one newspaper, it is currently believed that a criminal must have physical contact with a dangerous substance to produce and deliver it. However, malware could easily substitute a short DNA substring on a bioengineer’s computer so that they inadvertently create a sequence that produces toxins.

“To regulate the intentional and unintentional generation of hazardous substances, most suppliers of synthetic genes screen DNA orders, which is currently the most effective line of defense against such attacks,” says Rami Puzis, head of the BGU Complex Networks Analysis Lab and a member of the Department of Software and Information Systems Engineering and Cyber@BGU. California was the first state in 2020 to introduce legislation to regulate the purchase of genes.

“However, outside the state, bioterrorists can buy dangerous DNA from companies that don’t control orders,” Puzis says. “Unfortunately, the screening guidelines have not been adapted to reflect recent developments in synthetic biology and cyber warfare.”

A weakness in the U.S. Department of Health and Human Services (HHS) guidelines for DNA providers allows screening protocols to be bypassed using a generic obfuscation procedure that makes it difficult for screening software to detect the toxin-producing DNA.

“Using this technique, our experiments revealed that 16 of the 50 obfuscated DNA samples were not detected when they were screened according to the HHS ‘best-match’ guidelines,” says Puzis.

The synthetic DNA supply chain needs to be strengthened

The researchers also found that the accessibility and automation of the synthetic genetic engineering workflow, combined with insufficient cybersecurity controls, allow malware to interfere with biological processes within the victim’s laboratory, closing the loop with the possibility of an exploit written into a DNA molecule.

The DNA injection attack demonstrates a significant new threat of malicious code that alters biological processes. While there are simpler attacks that can damage biological experiments, we chose to demonstrate a scenario that uses multiple weaknesses at three levels of the bioengineering workflow: software, biosafety screening, and biological protocols. This scenario highlights the opportunities to apply cybersecurity know-how in new contexts such as biosecurity and gene coding.

“This attack scenario underscores the need to strengthen the synthetic DNA supply chain with protections against cyberbiological threats,” says Puzis.

“To address these threats, we propose an improved screening algorithm that takes into account in vivo gene editing. We hope this paper will set the stage for robust, adversarial DNA sequence screening and cybersecurity-enhanced synthetic gene production services when biosecurity screening is enforced by local regulations around the world.”
