In the photo to the left is a test tube with hundreds of billions of copies of the exploit encoded in synthetic DNA molecules that can infect the computer system after sequencing and processing.
Over the past five years, the cost of genome sequencing has fallen from $ 100,000 to less than $ 1,000 , Which stimulated research in the field of genomics and a whole galaxy of commercial services that offer to analyze your genome for different purposes: building a genetic tree, searching for ancestors, analyzing physical abilities, Fitness for various sports and physical activity, the study of compatible microorganisms in the intestinal tract and much more. The authors of the scientific work are sure that in the sequencing of the genome, insufficient attention is paid to safety: in this area they simply have not yet encountered malicious programs that attack directly through the genome. Now such an attack vector needs to be taken into account.
Sequencing of the genome begins to be used in applied disciplines such as forensic examination and archival storage of data, therefore, security issues should be studied before sequencing becomes widespread.
The researchers wrote an exploit and then synthesized a DNA sequence that, after sequencing And processing generates a file with an exploit. Being downloaded to a vulnerable program, this file opens a socket for remote system management.
The study is of no practical use, because the authors did not hack into the specific sequencer program that biologists use. Instead, they themselves modified the fqzcomp version 4.6 (the DNA sequence compression utility) by adding a known vulnerability to its source code. Nevertheless, this does not contradict the fact that in these programs there are also vulnerabilities. The main thing, scientists managed to prove that the infection of the computer is really possible through a sample of biological material.
To change the source code
fqzcomp you had to add 54 lines to C ++ and remove 127 lines. The modified version of the program processed DNA using a simple two-bit scheme: four nucleotides were encoded as two bits: A as 00, C as 01, G as 10, and T as 11.
In addition to implementing the exploit in the program and translating into a two-bit Processing, the researchers also disabled known security functions in the operating system, including the ASLR memory randomization system, and also protection against stack overflow.
The exploit itself (shown in the left-hand window) was 94 bytes in size and encoded 376 Nucleotides. This sequence was loaded into the service for the synthesis of biological molecules IDT gBlocks. The first attempt to synthesize DNA with an exploit was unsuccessful.
There were several problems. There were too many repeating sequences in the molecule, which is not recommended for synthesis. In one place there were 13 consecutive nucleotides T, which is very difficult to synthesize. In addition, along the entire length there were not enough GC pairs that strengthen the molecule. Eventually, the exploit was too long to be sequenced.
But researchers were able to overcome all the difficulties, they reduced the exploit length to 43 bytes and obtained an acceptable number of CG sequences, because the exploit text consists predominantly of lowercase letters (01 in ASCII corresponds to nucleotide C). The port number in the exploit for this reason changed from 3 (ATAT) to 9 (ATGC). The resulting sequence was loaded into the IDT gBlocks synthesis service, which takes $ 89 for synthesis up to 500 base pairs.
Having proved the theoretical possibility of attack, researchers studied the safety of programs that are used for sequencing and analysis DNA. In total, 13 known open source biological programs written in C / C ++ were studied. Their security was compared to the standard software, which is usually attacked by attackers, such as Web servers and remote shells. It turned out that biological programs have many more potentially dangerous function calls (such as
It was possible to find also buffer overflows in three programs (fastx-toolkit, samtools and SOAPdenovo2). Through such bugs, you can cause the program to crash. Knowing that such failures are often converted into working exploits, the authors dwelled on this.
The presentation of the scientific work (pdf) will be held on August 17, 2017 at the 26th USENIX Security Symposium.