Researchers Successfully Hack a Computer Using DNA They Bought Online

August 12, 2017

In a world first, scientists have used a strand of DNA to hack a computer. The malware was encoded into a gene and then used to take over a computer that analyzes DNA. The successful hack serves as a warning that one day, cyber criminals could use similar techniques to steal blood samples from forensic labs or researchers.

The world’s first DNA-based malware was created by researchers at the University of Washington in Seattle. Co-Author of the paper, Dr. Luis Ceze says, “We don’t want to alarm people or make patients worry about genetic testing, which can yield incredibly valuable information.” He adds, “We do want to give people a heads up that as these molecular and electronic worlds get closer together, there are potential interactions that we haven’t really had to contemplate before.”

The world’s first DNA-based malware

The researchers undertook the experimental process by encoding malicious software into a small stretch of DNA. They then encoded this physical piece of DNA with malicious software. When the piece of DNA was put into a gene sequencer, the resulting data becomes a program that can corrupt the gene sequencing software and take over the computer running it.

The technique currently doesn’t have any useful applications, but as DNA sequencing becomes more common and more powerful this type of attacks could become a more realistic threat.  

The piece of DNA used in the experiment was purchased online. As sequencing becomes a more common occurrence, run by large central processing services, unvetted DNA may pose a threat to lab security. 

The experiment took advantage of a well known ‘hack’ or ‘exploit’ that works when data that exceeds a storage buffer can be interpreted as a computer command. For this controlled attack, the command contacted a designated server from which they took control of the computer in their lab they were using to analyze the DNA file.  

The carefully constructed attack requires precise manipulation of the software into the DNA. Initial attempts at the encoding proved difficult to enable the data to remain intact through the aggressive sequencing process.   

[Image Source: Pixabay]

In doing the experiment the scientists admitted, they created the “best possible” chances of success. Security features on the targeted computer were turned off and a small addition of vulnerability was added too. “Their exploit is basically unrealistic,” says Yaniv Erlich, a geneticist, and programmer who is also the chief scientific officer of MyHeritage.com.

While using this method as part of a computer hack is unlikely in the near future, there is more and more development of using DNA for handing computer information. Last month we saw a GIF be encoded into a DNA sample by Harvard researchers.  Data stored in DNA can be preserved for hundreds of years, due to DNA’s ability to maintain its structure for longer than any other type of memory we currently use. The bottom line being if there is information stored somewhere, hackers will find a way to get to it.  

Sources: MIT Technology Review, University of Washington

SEE ALSO: Rosalind Franklin: The Unsung Hero Behind the Discovery of DNA’s Structure