Protect the DNA synthesizer from hackers
Bioterrorism may cause new epidemics
Cybersecurity researchers from Ben-Gurion University in the Negev recently discovered a cyberattack method that could allow hackers to remotely mislead laboratory researchers and start the production of dangerous toxins and viruses. At the same time, the laboratory software responsible for checking the composition of the manufactured drug may not notice the changes made.
Israeli cybersecurity experts from Ben-Gurion University have found and tested a method that can allow hackers to gain remote access to bioengineers' computers in research laboratories in order to make malicious changes to software. During a cyberattack, hackers can remotely replace fragments of synthetic DNA with malicious code.
Article by Puzis et al. Increased cyber-biosecurity for DNA synthesis is published in the journal Nature Biotechnology – VM.
Synthetic DNA is usually created from chemical components using a computer program and used for various purposes. For example, to develop vaccines, medicines or other medical products. The inclusion of malicious software code can help hackers inject a virus into the medicine.
If earlier terrorists needed to physically enter the laboratory to spread a virus or toxin and hide them inside a vaccine or other medical drug, now everything has changed, now attackers can pull off such an operation much easier and faster.
With the help of a malicious Trojan program, hackers can remotely change the DNA code contained in the drug, and the laboratory that produces the drug does not even know that a dangerous pathogen is now in their product.
"A cyberattack that changes the order of synthetic DNA can lead to the synthesis of pathogens, dangerous proteins or toxins. This is indeed a real threat. We conducted an experiment and proved that the DNA we changed, containing a dangerous fragment, was not detected by the laboratory software. Accordingly, the dangerous drug was sent to production," the researchers report.
As part of the experiment, Israeli cyberspecialists managed to cheat the security system of laboratories 16 times out of 50. This means that there is a non-illusory potential threat that may contribute to the development of bioterrorism.
In order for such an attack to succeed, it is necessary to perform two actions. First, the attacker must infect the scientist's computer with a malicious program, which, in turn, will connect to the laboratory software and change the order of DNA synthesis. This malware works on the same principle as Trojans that are embedded in banking programs and modify the data of money transfers in order to send money to another recipient.
Then the modified DNA must be checked by the supplier, and if no changes were found in it, then the attack succeeded.
In the context of the COVID-19 pandemic, many pharmaceutical companies and laboratories engaged in vaccine development are subject to cyber attacks. For example, a group of hackers, suspected by experts from North Korea, has been trying to hack the computer systems of the British-Swedish company AstraZeneca in recent weeks, which is developing a coronavirus vaccine in cooperation with Oxford University.
Portal "Eternal youth" http://vechnayamolodost.ru