Cyber researchers from Ben-Gurion University of the Negev in Israel have discovered that the potential exists for cybercriminals to create dangerous substances without ever stepping foot into a lab.

Cyber biological attacks, according to the cyber-research team, could potentially be conducted using malware as a replacement for a sub-string of the DNA on a bioengineer’s computer so that the bioengineer unknowingly creates a toxin-producing sequence.

This is reportedly the result of a fault in the guidance issued by the U.S. Department of Health and Human Services (HHS) for DNA bioengineers. While the majority of synthetic gene engineers screen DNA orders to thwart these attacks, such screening protocols can be bypassed via a generic obfuscation technique, thereby confusing the screening software designed to detect toxin-producing DNA.

"Using this technique, our experiments revealed that 16 out of 50 obfuscated DNA samples were not detected when screened according to the 'best-match' HHS guidelines," according to researchers.

"This attack scenario underscores the need to harden the synthetic DNA supply chain with protections against cyber-biological threats," the team explained. "To address these threats, we propose an improved screening algorithm that takes into account in vivo gene editing. We hope this paper sets the stage for robust, adversary resilient DNA sequence screening and cybersecurity-hardened synthetic gene production services when biosecurity screening will be enforced by local regulations worldwide.”

The research appears in a paper published in the journal Nature Biotechnology.

To contact the author of this article, email mdonlon@globalspec.com