In what may put the future potential Covid vaccine development at risk, researchers have spotted a new form of biohacking that can dupe DNA scientists into unknowingly creating deadly viruses.
Researchers from the Israel-based Ben-Gurion University of the Negev, in a paper published in the journal Nature Biotechnology, said that as DNA synthesis becomes more widespread, “concern is mounting that a cyberattack intervening with synthetic DNA orders could lead to the synthesis of nucleic acids encoding parts of pathogenic organisms or harmful proteins and toxins”.
The research team said that it is no longer the case that a threat actor needs physical access to a “dangerous” substance to produce or deliver it and scientists could be duped into producing toxins or synthetic viruses on their behalf through targeted cyberattacks.
“As cybersecurity becomes an increasing concern across all business sectors, the possible procurement of DNA for malicious purposes by hackers highlights the need for greater cyber-biosecurity, especially as cyber-bio attacks have been overlooked by the synthesis community and many academic laboratories lack the firewalls and cybersecurity infrastructure to ensure integrity of communication,” they elaborated.
Most DNA synthesis providers check each requested sequence across databases of problematic sequences before order fulfillment.
“Unfortunately, however, there are no comprehensive databases of pathogenic sequences, and the guidelines — unenforced outside of US National Institutes of Health (NIH) grantees — are outdated,” the researchers lamented.
Commercial DNA synthesisers sell billions of nucleotides to customers each year, amounting to hundreds of millions of dollars in sales.
Suspicious sequences require human inspection to verify safety and legitimacy.
“Human follow-ups are, however, costly and time consuming. And, without a comprehensive penetration testing of the screening frameworks, some pathogenic sequences will fall through the oversight cracks,” the study noted.
The threat is real.
The researchers conducted a proof of concept — an obfuscated DNA encoding a toxic peptide was not detected by software implementing the screening guidelines.
“The respective order was moved to production. Details are withheld, but IGSC (International Gene Synthesis Consortium) was notified about the threat and potential mitigation methods,” said the team from Ben-Gurion University.
“The order was canceled for biosecurity reasons following our disclosure.”
Cyber dangers are spilling over to the physical space, blurring the separation between the digital world and the real world, especially with increasing levels of automation in the biological lab.
“Best practices and standards must be woven into operational biological protocols to combat these threats,” the researchers cautioned.
–IANS