The new coronavirus, Covid-2019 – that has infected more than 80,000 people in China and other countries is harmful not only because it causes potentially fatal disease. As advances in microbiology bring whole genome sequencing of infectious agents to the forefront of disease diagnostics, new cybersecurity risks for public health have materialized.
Next-generation sequencing (NGS) is a new method to identify and characterize pathogens quickly, leading to faster treatment. As DNA sequencing has become cheaper, the next step is to move from the lab
into the field and – in the future – even into homes.
Researchers at Ben-Gurion University of the Negev in Beersheba argue in a first-of-its-kind policy paper published in the open-access journal Eurosurveillance that cyber-attacks on NGS-based public health surveillance systems could have a harmful effect such as false detection of significant public health threats. They could also lead to delayed recognition of epidemics. Such incidents could have a major regional or global impact and contemporary global health challenges as is evident by the recent natural spread of the new coronavirus.
Such a development exposes microbial test results and DNA sequence banks to potential hackers. Therefore, protection of this data from troublemakers in cyberspace must be built as part and parcel of the products themselves and not tacked on as an afterthought, the Israeli scientists declare.
“Computerized medical equipment is an attractive target for malicious cyber activity, as it is among a rapidly shrinking group of industries which combine mission-critical infrastructure and high value data with relatively weak cybersecurity standards,” the researchers wrote.
The team was headed by Prof. Jacob Moran-Gilad and Dr. Yair Motro from the the BGU Faculty of Health Science’s department of health systems management, with Prof. Lior Rokach, Dr. Yossi Oren and student Iliya Fayans of the department of software and information systems engineering in theFaculty of Engineering Sciences.
The researchers suggest a number of different potentially vulnerable points during the process. From sample processing and DNA sequencing to bioinformatics software and sequence-based public health surveillance systems, the whole NGS pipeline is currently vulnerable.
But as some attacks are more likely than others and may have different impacts, the team discuss 12 attacks and ranked them according to three major effects, six moderate effects and three minor ones.
The researchers also offer a series of recommendations as NGS devices and surveillance systems are built. “NGS devices, bioinformatics software and surveillance systems present challenges beyond the normal ones of other information-technology devices. Thus, cyber security must be considered when devices and systems are designed,” concluded Oren, and not just tacked on afterwards as is often the case with other Internet-of-Things devices (networks of Internet connected objects able to collect and exchange data) today.