DNA software and the pipeline for synthesizing sequences lack the necessary cybersecurity protections to prevent attackers from compromising the pipeline and producing potential pathogenic sequences, according to a team of researchers from Ben-Gurion University of the Negev.
The researchers conducted a proof-of-concept attack ordering a toxic peptide by obfuscating the DNA sequence in an approach that resembled the obfuscation techniques used by malware authors. The order bypassed screening checks and had moved to production before the researchers notified the company and canceled the order. Such attacks can be mitigated, but only if the industry starts looking for malicious DNA sequences in much the same way the companies currently look for malicious code, the team said in a letter published in Nature last week.
In fact,…