Matthew Griffin, described as “The Adviser behind the Advisers” and a “Young Kurzweil,” is the founder and CEO of the 311 Institute, a global futures think tank working between the dates of 2020 to 2070, and is an award winning futurist, and author of “Codex of the Future.” Regularly featured in the global media, including AP, BBC, CNBC, Discovery, RT, and Viacom, Matthew’s ability to identify, track, and explain the impacts of hundreds of revolutionary emerging technologies on global culture, industry and society, is unparalleled. Recognised for the past six years as one of the world’s foremost futurists, innovation and strategy experts Matthew is an international speaker who helps governments, investors, multi-nationals and regulators around the world envision, build and lead an inclusive, sustainable future. A rare talent Matthew’s recent work includes mentoring several Education and Lunar XPrize teams, building the first generation of biological computers and re-envisioning global education with the G20, and helping the world’s largest conglomerates ideate the next 20 years of intelligent devices and machines. Matthew's clients include three Prime Ministers and several governments, including the G7, Accenture, Bain & Co, BCG, BOA, Blackrock, Bentley, Credit Suisse, Dell EMC, Dentons, Deloitte, Du Pont, E&Y, HPE, Huawei, JPMorgan Chase, KPMG, McKinsey, PWC, Qualcomm, SAP, Samsung, Sopra Steria, UBS, and many more.
WHY THIS MATTERS IN BRIEF
As we increasingly become masters of manipulating the makeup of life criminals will find new, innovative ways, to breach computer systems and cause havoc.
We are increasingly becoming masters of manipulating the building blocks of life, whether it’s creating new “alien” life forms that have six DNA base pairs, not four, creating lifeforms that are resistant to every known virus on Earth, or even “teleporting life,” but now, in what appears to be the first successful hack of its kind a team of researchers in the US have announced they’ve managed to introduce malware into a genetic molecule that allowed them to use DNA to hack the software in the computer used to analyse it.
The biological malware was created by scientists at the University of Washington, who then went on to call it the first “DNA-based exploit of a computer system.”
To carry out the hack the team, who were led by Tadayoshi and Luis Ceze, encoded malicious software in a short stretch of DNA they’d bought online and then used it to gain “full control” over the computer that tried to process the genetic data after it was read by their DNA sequencing machine.
The researchers warn that hackers could one day use faked blood or spit samples to gain access to university computers, steal or change information from police forensics labs, or infect genome files shared by scientists, and the list of course, could go on and on.
For now, DNA malware doesn’t pose much of a security risk, and the researchers admit that to pull off their intrusion, they created the “best possible” chances of success by disabling security features and even adding a vulnerability to a little used bioinformatics program. Their paper appears here.
“Their exploit is basically unrealistic,” says Yaniv Erlich, a geneticist and programmer who is chief scientific officer of MyHeritage.com, a genealogy website.
The new DNA malware will be presented next week at the Usenix Security Symposium in Vancouver.
“We look at emerging technologies and ask if there are upcoming security threats that might manifest, so the idea is to get ahead,” says Peter Ney, a graduate student in Kohno’s Security and Privacy Research Lab.
To make the malware, the team translated a simple computer command into a short stretch of 176 DNA letters, coded as A, G, C, and T after ordering copies of the DNA from a vendor for $109. They then fed the strands into a sequencing machine, which read off the gene letters, storing them as binary digits, 0s and 1s.
Erlich says the attack took advantage of a spill-over effect, when data that exceeds a storage buffer can be interpreted as a computer command. In this case, the command contacted a server controlled by Kohno’s team and then took control of the computer in their lab they were using to analyse the DNA file.
Companies that manufacture synthetic DNA strands and mail them to scientists are already on the alert for bioterrorists, and now they might also have to start checking their DNA for security threats, and as more and more of our DNA data appears online it’s inevitable that criminals will increasingly be able to target it for “nefarious” purposes.
“In some cases, scientific programs used to organize and interpret DNA data aren’t actively maintained, and that could create risks,” said James Bonfield, a bioinformatics expert at the Wellcome Trust Sanger Institute, in the UK.