Cybersecurity on DNA sequencing tools failed to protect data

A recent study form the University of Washington found that security measures on patient's genetic tests are poorly maintained. The unprotected DNA information poses an additional threat because it can be encrypted with malicious code and harm the computer.

The improvement of DNA sequencing has increased the amount of genetic testing information, but security practices continue to fail to keep this information safe. Findings are set to be presented at the 26th USENIX Security Symposium.

"We don't want to alarm people or make patients worry about genetic testing, which can yield incredibly valuable information," said co-author Luis Ceze, associate professor at the University of Washington. "We do want to give people a heads up that as these molecular and electronic worlds get closer together, there are potential interactions that we haven't really had to contemplate before."

The study explained that when a DNA strand is processed, a malicious exploit can take control of the computer running the system. To protect the system, researchers compiled a list of recommendations which included following best practices for secure software, using adversarial thinking when applying processes, monitoring who controls DNA samples, verifying DNA samples before they are processed and developing methods to detect malicious executable code in DNA.

"There is some really low-hanging fruit out there that people could address just by running standard software analysis tools that will point out security problems and recommend fixes," said co-author Karl Koscher, a research scientist in the UW Security and Privacy Lab. "There are certain functions that are known to be risky to use, and there are ways to rewrite your programs to avoid using them. That would be a good initial step."

""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."

Trimed Popup
Trimed Popup