Researchers from the University of Washington have successfully infected a computer by encoding malicious software using custom strands of DNA.
At a security symposium in Vancouver, Canada, the researchers explained how they used synthetic DNA to store a malware, and then gained control over the computer by targeting the security loopholes in the software that analyses DNA.
“We designed and created a synthetic DNA strand that contained malicious computer code encoded in the bases of the DNA strand,” said Tadayoshi Kohno, a computer-science professor at the university and a member of the research team.
“When this physical strand was sequenced and processed by the vulnerable program it gave remote control of the computer doing the processing. That is, we were able to remotely exploit and gain full control over a computer using adversarial synthetic DNA.”
They used the four bases in DNA, adenine, cytosine, guanine, and thymine – A, C, G, and T – to encode their malware. In this, the digital bits of data are converted into synthetic DNA.
The hack was only possible because of weakness in the DNA sequencing software. The researchers have clarified that there is no need for concern: “Note that there is no present cause for alarm about present-day threats. We have no evidence to believe that the security of DNA sequencing or DNA data in general is currently under attack.”