Hackers can dupe DNA scientists into creating deadly viruses, reveals new study

Researchers from the Israel-based Ben-Gurion University of the Negev, in a paper published in the journal Nature Biotechnology, said that as DNA synthesis becomes more widespread, "concern is mounting that a cyberattack intervening with synthetic DNA orders could lead to the synthesis of nucleic acids encoding parts of pathogenic organisms or harmful proteins and toxins".

The research team said that it is no longer the case that a criminal needs to have physical contact with a dangerous substance to produce and deliver it. Scientists could be duped into producing toxins or synthetic viruses on their behalf through targeted cyberattacks. This can be done by easily replacing a short substring of the DNA with malware on a bio- engineer's computer so that they unintentionally create a toxin-producing sequence.

Dr Rami Puzis, head of the BGU Complex Networks Analysis Lab, in the journal, explained that to regulate both intentional and unintentional generation of dangerous substances, most synthetic gene providers screen DNA orders which is currently the most effective line of defence against such attacks.

The researchers in the journal raised their concerns that this form of bio hacking could pose a risk for the future potential of Covid vaccine development.

"As cybersecurity becomes an increasing concern across all business sectors, the possible procurement of DNA for malicious purposes by hackers highlights the need for greater cyber-biosecurity, especially as cyber-bio attacks have been overlooked by the synthesis community and many academic laboratories lack the firewalls and cybersecurity infrastructure to ensure the integrity of communication," they elaborated.

Before order fulfilment, most DNA synthesis providers check each requested sequence across databases of problematic sequences. However, the researchers in the journal lamented that there are no comprehensive databases of pathogenic sequences and the guidelines unenforced outside of US National Institutes of Health (NIH) grantees are outdated.

These suspicious sequences require a human inspection to verify safety and legitimacy. But the study noted that human follow-ups are, however, costly and time-consuming. And some pathogenic sequences will fall through the oversight cracks without a comprehensive penetration testing of the screening frameworks.

"Best practices and standards must be woven into operational biological protocols to combat these threats," the researchers cautioned.