Iron out your tin-foil hat with your hand because today we have some cybersecurity news that will boggle your mind.
Scientists at the University of Washington have taken control of a computer using malware that was stored in a strand of DNA. Crazy right? Well yes and no.
First – the science. Storing data on DNA is not all that new. The standard nucleotides of a DNA strand can be represented by letters which can then read by a computer program. In the past we’ve seen this being exploited to store data but these scientists weren’t concerned with that.
“We then designed and created a synthetic DNA strand that contained malicious computer code encoded in the bases of the DNA strand. When this physical strand was sequenced and processed by the vulnerable program it gave remote control of the computer doing the processing,” said the scientists.
So just like that the team was able to take control of a PC, but – and this is rather important – we don’t need to be concerned about this attack vector. Not yet at least.
The team says that the experiment was done to see if an attack such as this is even possible and that synthesising DNA to target vulnerabilities in DNA processing vulnerabilities is challenging.
“While scientifically interesting, we stress that people today should not necessarily be alarmed,” said the team.
So why show the world’s black-hat hackers that this is possible at all? Well, as the scientists point out, information security is about heading vulnerabilities off at the pass and being able to plug holes in emerging technology is often easier than doing it once those that technology has emerged.
You can find the full report of the findings as well as the full peer-reviewed technical paper over on the University of Washington website.