- Grammy winner Kacey Musgraves spoiled ‘RuPaul’s Drag Race All Stars 4’ 2 Years Ago
- Conservatives feel vindicated by new developments in Jussie Smollett case Today 12:19 PM
- Don Cheadle made important fashion choices on ‘SNL’ Today 9:47 AM
- Why the Twitter left loves to dunk on Max Boot Today 6:30 AM
- How to watch ‘Last Week Tonight with John Oliver’ online for free Today 6:30 AM
- How to stream Francis Ngannou vs. Cain Velasquez for free Today 6:00 AM
- How to stream the 2019 Daytona 500 for free Today 5:50 AM
- 7-year-old YouTuber to get his own show on Nickelodeon Saturday 5:30 PM
- ‘Hipster’ jobs are trending, and Indeed says the market is booming Saturday 3:33 PM
- Trump meme removed after copyright complaint Saturday 2:15 PM
- Facebook pushes back against moderators complaining about ‘Big Brother’ environment Saturday 12:46 PM
- Twitter hid post from an account linked to Iran’s Supreme Leader Saturday 10:17 AM
- How to stream Leo Santa Cruz vs. Rafael Rivera for free Saturday 8:00 AM
- ‘Larry Charles’ Dangerous World of Comedy’ finds the balance between tragedy and comedy Saturday 7:30 AM
- How to stream Michael ‘Venom’ Page vs. Paul Daley for free Saturday 7:00 AM
Photo via vchal/Shutterstock (Licensed)
It’s said to be the first DNA exploit used on a computer.
Remember a few month ago when we were all laughing at Harvard scientists for putting a GIF inside a strand of DNA? Now that bridge between technology and the substance that makes up every living organism has taken a much darker turn.
Researchers at the University of Washington took control of a machine using a malicious strand of DNA in what is being considered the first “DNA-based exploit of a computer system.” Malicious software was encoded into short strands of DNA that scientists purchased online. When analyzed, the infected DNA corrupted gene-sequencing software, allowing researchers to take “full control” of the underlying system.
Researchers believe the remarkable feat could one day become practical for illegal hacking as DNA sequencing becomes more popular and powerful. They warn that criminals could use blood or saliva samples to gain access to places they know will sequence them, like university computers, police forensics labs, or genetics laboratories. This could potentially give hackers access to sensitive information and enough control to tamper with DNA evidence.
“There are a lot of interesting—or threatening may be a better word—applications of this coming in the future,” Peter Ney, a researcher on the project, told Wired.
The malware was encoded into DNA using a buffer overflow, a cybersecurity anomaly that occurs when a command overwhelms an allocated block of memory and overflows onto adjacent memory, causing the execution of malicious code. All the data the researchers used for their virus needed to fit in just 176 DNA code units—the bases A, T, G, and C—so the strands would stay intact.
The synthetic strand went after the buffer overflow scientists intentionally put inside FASTQ, a program used to sequence DNA. The result of their work is a hack that can break out of the FASTQ program and into other blocks of memory contained within a computer running the DNA sequencing.
“We know that if an adversary has control over the data a computer is processing, it can potentially take over that computer,” Tadayoshi Kohno, University of Washington computer science professor, told Wired. “That means when you’re looking at the security of computational biology systems, you’re not only thinking about the network connectivity and the USB drive and the user at the keyboard but also the information stored in the DNA they’re sequencing. It’s about considering a different class of threat.”
As terrifying as this may sound, there is very little risk of your computer being hacked by DNA anytime soon. The researchers admit they rigged the experiment in their favor, disabling critical computer security systems and inserting their own flaw to allow the buffer overflow.
“This is interesting research about potential long-term risks. We agree with the premise of the study that this does not pose an imminent threat and is not a typical cyber security capability,” Jason Callahan, the chief information security officer at gene-sequencing equipment manufacturer Illumina, told Wired.
The DNA hack will be shown at the Usenix Security Symposium in Vancouver later this month. You can find the full research paper on the University of Washington website.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.