Security researchers have managed to infect a computer with malware embedded in a strand of human DNA.
The news sounds like a science-fiction writer's dream, but when biologists want to handle large amounts of DNA samples, they need to digitise them and process them on their computers. But the software that they use to process these samples is usually open-source, and often doesn't follow security best practices.
So if, by some arcane magic, a DNA sample that needs to be digitised, carries a malicious code, would it be able to infect a computer? The answer is a definitive yes.
"We analyzed open-source bioinformatics tools that are commonly used by researchers to analyze DNA data," the team explained in a research blog. "Many of these are written in languages like C and C++ that are known to contain security vulnerabilities unless programs are carefully written."
Once the malware-infected synthetic DNA strand was sequenced, the machine got infeced and essentially granted unlimited access of the system to the hacker.
Researchers said that no such attack was ever recorded in the wild and that DNA sequencing is not under an attack. The goal of the research was to create awareness of a possible security flaw.
"We again stress that there is no cause for people to be alarmed today," the team added, "But we also encourage the DNA sequencing community to proactively address computer security risks before any adversaries manifest. That said, it is time to improve the state of DNA security."
Photo Credit: andriano.cz/Shutterstock