DNA testing companies like 23andMe can show you your heritage, but at what cost? Here we’ll talk about why keeping your biometrics and biological data secure is important.
Despite this, not many people are familiar with the term “cyberbiosecurity”. In fact, Grammarly doesn’t even recognize it as a word.
What is this concept, how are we at risk, and what can we do to mitigate those risks?
The Origins of Biosecurity and Biosafety
The original term “biosecurity” applies to measures taken to stop or slow the spread of dangerous diseases or organisms to plant, human, and animal life. There is also the term “biosafety” which focuses on biological integrity and the maintenance of it.
Neither of these definitions apply to concerns surrounding 23andMe and other DNA testing services. That’s why a new term (cyberbiosecurity) has emerged to avoid confusion.
Cyberbiosecurity, as described by Peccoud Lab Synthetic Biology Informatics, relates to the relationship between biology and technology. Specifically, the relationship between biosecurity and cybersecurity.
As legislation largely fails to keep up with technology, legal safeguards involving biotech are also lagging. Still, there is a movement to ensure better security practices involving biotech and synthetic biology.
Jean Peccoud is the lead author on the paper “Trends in Biotechnology” which came out December 7, 2017.
Along with colleagues from Virginia Tech and the University of Nebraska, Peccoud warned about cyber-physical breaches.
The paper also cautions more pointed threats such as those with ill intent. Peccoud told Phys.org “…it’s so easy to read DNA sequences, for example, or to make DNA molecules out of sequences publicly available from bioinformatics databases.”
Now you can see how the threads connect to DNA testing services such as 23andMe.
Malware Infected DNA: Closer to Reality Than Fiction
We recently wrote about a ransomware infected robot demanding bitcoins. It seems that malware and ransomware will be significant concerns in an IoT future.
This also relates to our own biological information with increasing cyberbiosecurity risks. The biotechnology paper attributes this to a lack of risk mitigation.
“Trust within the biotechnology community creates vulnerabilities at the interface between cyberspace and biology. Awareness is a prerequisite to managing these risks.”
Since the world of cyberbiosecurity is still forming, getting ahead of those who would do it harm is a smart move. After all, it isn’t just genetic information that hackers could hijack or insert malware into using biohacking.
They can also take control of biomanufacturing smart equipment. This grants them access to DNA and genetic information, as well as potentially dangerous information on pathogens. A biohacking group could get information on a synthetically engineered virus.
They could then transform that into a bioweapon and potentially use it to ill ends. This means that plots like the one from Mission: Impossible 2 might not be so far-fetched.
How do we Mitigate Cyberbiosecurity Risks Today?
Peccoud and his team have assisted federal government bodies in cyberbiosecurity. So there is a little bit of a trail blazed when it comes to taking precautions.
As outlined in Techrepublic, you can follow these steps:
- Train employees in cyberbiosecurity awareness for cyber-physical, cyber, and infrastructure related vulnerabilities
- Analyze risks posed by current biosafety and biosecurity protocols
- Prioritize risk mitigation based on that analysis
- Implement new policies to prevent incidents and detect possible threats
As for your own personal cyberbiosecurity, the jury is still out on that one. Avoiding DNA testing services such as 23andMe might afford you an extra layer of biosecurity. But human DNA is not immune to the effects of malware.
Our own Rechelle Ann Fuertes covered a story where researchers encoded DNA with malicious software. Don’t worry: the experiment only proved that DNA could carry malware. It didn’t necessarily prove that someone could biohack your body.
That makes me feel so much better.