Apocalypse Now: experts presented a new type of cyber-biological attack

A new type of cyber-biological attack

On Monday, November 30, specialists from the Ben-Gurion University of Negev (Israel) presented a new type of cyber-biological attack that can bring biological warfare to a new level.

The attack, presented by the researchers, allows biotechnologists working with DNA to inadvertently create dangerous viruses and toxins.

While all the world is busy developing vaccines against the coronavirus, attackers do not need to be near them to interact with dangerous substances and viruses. They can create toxins or synthetic viruses at the hands of unsuspecting scientists through targeted cyberattacks.say scientists from the Negev desert.

The researchers described how an attacker can spoof DNA sequencing chains using malware on a biotechnologist’s computer. In particular, vulnerabilities in the Screening Guidelines for Suppliers of Synthetic Double-stranded DNA and Harmonized Screening Protocol 2.0 allow “to bypass the protocols using a common obfuscation procedure.”

According to the US Department of Health and Human Services, specific screening protocols must be followed to identify potentially harmful DNA when sequencing genes during DNA sequencing. However, the researchers were able to bypass these protocols by using obfuscation, as a result of which 16 out of 50 obfuscated DNA samples were not detected using “DNA screening for best match.”

Suspicious sequences require human inspection to verify safety and legality. However, observing people is costly and time consuming. And without extensive penetration testing of screening systems, some pathogenic sequences leak through inspection gaps.scientists write.

The software used to develop and manage synthetic DNA projects is also vulnerable to man-in-the-browser attacks. With these attacks, attackers can inject arbitrary strands of DNA into gene sequences – what researchers have called an “end-to-end cyber attack.”

To demonstrate the possibility of their attack, the researchers cited a Cas9 protein residue, using malware to convert this sequence into active pathogens.

A new type of cyber-biological attack
Scheme of attack

According to the scientists, using the CRISPR protocols, the Cas9 protein can be used to “deobfuscate harmful DNA in host cells.” For the unsuspecting scientist processing the sequence, this could mean the accidental creation of hazardous substances, including synthetic viruses or toxins.

As I mentioned, cybercriminals attacked UCSF, the US leading COVID-19 vaccine developer.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *