New cyber-biological attack can deceive scientists into producing toxic substances
We have come across cyber crimes and biological attack. How about a cyber-biological attack?
Cyber-researchers of the Ben-Gurion University of the Negev have come across a new cyber-biological attack that’s end-to-end. They may deceive unsuspecting biological researchers into producing dangerous toxins. This has been published in Nature Biotechnology.
It is presently thought that a criminal who wants to generate and supply a hazardous substance needs to have physical access. However, it has now been discovered that a sequence to generate a toxin can inadvertently be produced on a bioengineer’s computer by replacing a short sub-string of a DNA using malware.
Screening of DNA orders to prevent the new cyber-biological attack
BGU Complex Networks Analysis Lab’s head Rami Puzis says that the most effective way to defend against such attacks is by screening the DNA orders. This is done by most providers of synthetic genes to manage both deliberate and unintended production of toxins. The Gene Purchase Regulation Legislation was first introduced in California in 2020.
Puzis, who is also a member of BGU’s Department of Software and Information Systems Engineering and Cyber, added that companies outside California that do not act as screening DNA orders might sometimes sell harmful DNA to bioterrorists. Sadly, advancements in synthetic biology and cyber warfare haven’t been mirrored in the screening standards that can cause this new cyber-biological attack
The United States HHS (Department of Health and Human Services) has a weak point in their guideline. Using this, criminals may bypass the screening protocol that prevents the screening software from identifying DNA used to generate toxins by a common obfuscation method.
Puzis revealed that the tested DNA samples used this method to comply with the ‘best-match’ HHS guidelines as an experiment. It resulted in them discovering that 16 out of the fifty obfuscated samples went undetected.
Cybersecurity in biosecurity
Scientists found that this new cyber-biological attack is due to automation and ease of access to synthetic gene engineering operations, and inadequate cybersecurity controls. This allows the exploitation of biological procedures in the target biologist’s lab via malware by modifying the DNA molecule.
This new DNA attack thus demonstrates the substantial new danger of destructive code modifying biological procedures. Software, biosecurity screening, and biological procedures are the 3 levels of workflow in bioengineering. Puzis and the team have selected a demonstration of several weaknesses at all 3 levels.
Rami Puzis has further emphasized the significance of this new cyber-biological attack. He says that this discovery highlights the importance of solidifying the supply chain of synthetic DNA against such threats. He has recommended an improved algorithm for screening that considers gene editing in-vivo. He hopes that the paper will be a base for the strong, enemy-resistant screening of DNA sequences and services for synthetic gene manufacture protected by cybersecurity when local regulations for biosecurity screening are implemented globally.
This instance of the new cyber-biological attack brings to light the new application of cybersecurity knowledge in fields of genetic coding and biosecurity.
Author : Deepthi Prakash
