In August 2017 a research group from the University of Washington released spectacular results: They have found that malware can be encrypted into physical DNA threads. Their aim was to test open source software for security holes, the type of bioinformatics software that researchers worldwide use to analyze DNA material. Where you would normally check the security of computer software by using common malware the research group decided to attack the computer that should analyze the results with DNA strings containing malicious code.
For the sake of the experiment, the researchers purposefully implemented a security hole in the system, but they emphasized that similar security holes do exist in the DNA software used today.
DNA-computation
Normally computers operate by using silicon-based technologies. DNA computing is a form of computing where DNA, biochemistry and elements of molecular biology are used as hardware instead. With DNA computation the process speed is significantly slower than with traditional silicon-based computing technologies. On the other hand you can do many parallel calculations simultaneously. Therefore one can perform a very complex calculation of billions of molecules that interact with each other at the same time.
The field was developed by Leonard Adleman of the University of Southern California in 1994. In the experiment he created various DNA fragments which all represented a city that a traveling merchant could visit. Each of the small DNA fragments could be associated with the others. They were created and then mixed together in a test tube and within a few seconds larger fragments of the small fragments were formed. In this experiment you could call these larger fragments the different routes the travelling merchant could choose between. Through a chemical reaction which lasted for a few days the DNA fragments which represented the longest routes were eliminated. The result of the attempt was that only the remaining fragments representing the shortest routes remained. In this experiment DNA data processing was used to find the solution to how the traveling merchant could reach the different cities most effectively.
Infecting the DNA string
What the researchers did was to infect the DNA string with a program which destroys the program that analyzes the DNA sequence. This allowed the malicious code to take over the computer. It should be mentioned that most hackers would choose other types of vira and malware simply because this method of taking over other computers is incredibly difficult and complicated. However, the reason that it still interests the researchers is that this kind of hacking may become more common in the future. It seems obvious that it will happen as DNA sequencing becomes more normal and will increasingly be executed on more fragile third-party services.
This is how the malicious DNA infected the computer.
The research group found it somewhat harder to encode the DNA string than expected. But after extensive research and testing they managed to create a piece of software that could survive the translation from physical DNA to digital format and thus cause the attack. This translation is also known as FASTQ, which is a text based format that is used to store the biological sequence – the DNA code. FASTQ files are usually compressed because the text code can take up several GB of space. During the compression it hacked the compression software with a buffer overflow. This way the malicious code could break out of the program and into the computer’s memory that started running the software arbitrarily. It should be mentioned that the code was only 37% translated at the time and that the program decoded the code backwards. It is one of the disadvantages of writing code in a physical object such as a DNA string since DNA can be sequenced both ways but code can only read one way. The solution will probably be to make palindrome codes in the future.
No need to worry
Although there is no cause for immediate concern there is a risk that this kind of hack can help hackers gain access to valuable confidential information that is covered by intellectual property. There is also the possibility that large companies can exploit this kind of technology and potentially place malware in the DNA string of GM foods to protect business secrets.
It will take many years before we will experience hacking of this type but it will become increasingly common that computation is done using DNA code. Using DNA to compute is an area in slow development which researchers have experimented with since 1994. One of the amazing things about using DNA-based computers is that it will be possible to store information for hundreds of years. DNA has the ability to maintain its structure much longer than magnetic coding in flash memory or on a hard drive. If we begin to use DNA computing, a natural consequence of course will be that we will also begin to see DNA-based computer attacks.
DNA hacks in the future
For a long time bioinformatics was a field known only in the world of scientists and researchers. To be able to conduct bioinformatics, you must use computers and programs which work at a completely different level than the normal computer user has come to know. These are extremely complicated computing processes that can be hard to understand.
Some people believe that stories about DNA hacking only belong in science fiction movies and among people suffering from severe paranoia. The fact is that researchers have managed to hack a computer by inserting malicious code into a DNA string.
As you know most hackers are not research groups trying to figure out how to encode and infect a DNA string with malicious code. And even though you do not currently really have to fear that you or anyone else is exposed to DNA hacking, it is always good to watch your own computer.