Researchers Inject Computer Malware into DNA for the First Time

  In what seems to be an example of a futuristic blending of biological essence and machine logic, researchers at the University of Washington have demonstrated, for the first time, the ability to inject computer program malware into DNA sequencing.  The malware was then used to exploit various computer applications used in DNA sequencing.

After extensive analysis, key research findings include:

  • The ability to create adverse side-channel information leaks in several DNA sequencing technologies.
  • Bioinformatics applications used in DNA sequencing have information systems vulnerabilities, such as insecure function calls and buffer overflows, that allow an adversary to take control of the application or system.
  • Cybersecurity best practices are lacking in the computer coding and implementation of software applications used in the DNA processing.
  • Derivation of hypothetical DNA sequencing attack vectors with recommendations to mitigate potential attacks.

The findings suggest a need for increased cybersecurity awareness in the implementation of DNA sequencing technologies.

Bioinformatics applications are susceptibility to computer system vulnerabilities (such as the aforementioned buffer overflows) that are known to be the result of poor computer coding techniques.  For years other professional technology sectors (e.g., banking, energy, transportation) have made significant efforts to eliminated programming vulnerabilities that allow malware code execution in their computer systems.

Secure programming due diligence in the form of training, tools, and techniques are now required in the genome sequencing field where cyber attacks that once seemed too resource intensive and technically difficult for hacker to undertake are now a possibility.

The full detailed academic research paper is available at: