1887
Perspective Open Access
Like 0

Abstract

Next generation sequencing (NGS) is becoming the new gold standard in public health microbiology. Like any disruptive technology, its growing popularity inevitably attracts cyber security actors, for whom the health sector is attractive because it combines mission-critical infrastructure and high-value data with cybersecurity vulnerabilities. In this Perspective, we explore cyber security aspects of microbial NGS. We discuss the motivations and objectives for such attack, its feasibility and implications, and highlight policy considerations aimed at threat mitigation. Particular focus is placed on the attack vectors, where the entire process of NGS, from sample to result, could be vulnerable, and a risk assessment based on probability and impact for representative attack vectors is presented. Cyber attacks on microbial NGS could result in loss of confidentiality (leakage of personal or institutional data), integrity (misdetection of pathogens) and availability (denial of sequencing services). NGS platforms are also at risk of being used as propagation vectors, compromising an entire system or network. Owing to the rapid evolution of microbial NGS and its applications, and in light of the dynamics of the cyber security domain, frequent risk assessments should be carried out in order to identify new threats and underpin constantly updated public health policies.

Loading

Article metrics loading...

/content/10.2807/1560-7917.ES.2020.25.6.1900574
2020-02-13
2024-11-23
http://instance.metastore.ingenta.com/content/10.2807/1560-7917.ES.2020.25.6.1900574
Loading
Loading full text...

Full text loading...

/deliver/fulltext/eurosurveillance/25/6/eurosurv-25-6-5.html?itemId=/content/10.2807/1560-7917.ES.2020.25.6.1900574&mimeType=html&fmt=ahah

References

  1. Chiu C, Miller S. Next-generation sequencing. In: Persing DH, Tenover FC, Hayden RT, Ieven M, Miller MB, Nolte FS, et al. (eds). Molecular microbiology: Diagnostic principles and practice. Washington: American Society of Microbiology. 2016. pp. 68-79.
  2. Motro Y, Moran-Gilad J. Next-generation sequencing applications in clinical bacteriology. Biomol Detect Quantif. 2017;14:1-6.  https://doi.org/10.1016/j.bdq.2017.10.002  PMID: 29255684 
  3. Moran-Gilad J. Whole genome sequencing (WGS) for food-borne pathogen surveillance and control - taking the pulse. Euro Surveill. 2017;22(23):30547.  https://doi.org/10.2807/1560-7917.ES.2017.22.23.30547  PMID: 28661389 
  4. Xiong M, Zhao Z, Arnold J, Yu F. Next-generation sequencing. J Biomed Biotechnol. 2010;2010:370710.  https://doi.org/10.1155/2010/370710  PMID: 21512588 
  5. Moran-Gilad J. How do advanced diagnostics support public health policy development? Euro Surveill. 2019;24(4):1900068.  https://doi.org/10.2807/1560-7917.ES.2019.24.4.1900068  PMID: 30696524 
  6. Woolf N. DDoS attack that disrupted internet was largest of its kind in history, experts say. London: The Guardian. 2016. Available from: https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
  7. Bambrough B. Bitcoin and crypto wallets are now being targeted by malware. New Jersey: Forbes; 2019. Available from: https://www.forbes.com/sites/billybambrough/2019/09/19/bitcoin-and-crypto-wallets-now-targeted-by-malware/#697e906a65db
  8. International Organization for Standardization (ISO). ISO/IEC 27032:2012. Information technology – security techniques – guidelines for cybersecurity. Geneva: ISO; 2012. Available from: https://www.iso.org/standard/44375.html
  9. Jain M, Olsen HE, Paten B, Akeson M. The Oxford Nanopore MinION: delivery of nanopore sequencing to the genomics community. Genome Biol. 2016;17(1):239.  https://doi.org/10.1186/s13059-016-1103-0  PMID: 27887629 
  10. Castro-Wallace SL, Chiu CY, John KK, Stahl SE, Rubins KH, McIntyre ABR, et al. Nanopore DNA sequencing and genome assembly on the International Space Station. Sci Rep. 2017;7(1):18022.  https://doi.org/10.1038/s41598-017-18364-0  PMID: 29269933 
  11. Coventry L, Branley D. Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas. 2018;113:48-52.  https://doi.org/10.1016/j.maturitas.2018.04.008  PMID: 29903648 
  12. Martin G, Martin P, Hankin C, Darzi A, Kinross J. Cybersecurity and healthcare: how safe are we? BMJ. 2017;358:j3179.  https://doi.org/10.1136/bmj.j3179  PMID: 28684400 
  13. Field M. WannaCry cyber attack cost the NHS £92m as 19,000 appointments cancelled. London: The Telegraph; 2018. Available from: https://www.telegraph.co.uk/technology/2018/10/11/wannacry-cyber-attack-cost-nhs-92m-19000-appointments-cancelled/
  14. Markowsky G, Markowsky L. From air conditioner to data breach. In: Daimi K, Arabnia HR. (eds). Proceedings of the 2014 International Conference on Security and Management (SAM). Worldcomp'14; 21-24 Jul 2014; Las Vegas. Available from: http://docplayer.net/7778877-George-markowsky-ashu-m-g-solo-kevin-daimi-samiha-ayed-michael-r-grimaila-hanen-idoudi-editors-hamid-r-arabnia.html
  15. Appelbaum J, Gibson A, Guarnieri C, Müller-Maguhn A, Poitras L, Rosenbach M, et al. The Digital Arms Race. NSA preps America for future battle. Hamburg: Der Spiegel; 2015. Available from: https://www.spiegel.de/international/world/new-snowden-docs-indicate-scope-of-nsa-preparations-for-cyber-battle-a-1013409.html
  16. Finlayson SG, Bowers JD, Ito J, Zittrain JL, Beam AL, Kohane IS. Adversarial attacks on medical machine learning. Science. 2019;363(6433):1287-9.  https://doi.org/10.1126/science.aaw4399  PMID: 30898923 
  17. Mirsky Y, Mahler T, Shelef I, Elovici Y. CT-GAN: Malicious tampering of 3D medical imagery using deep learning. arXiv preprint arXiv:1901.03597;2019. Available from: https://arxiv.org/abs/1901.03597
  18. Ney P, Koscher K, Organick L, Ceze L, Kohno T. Computer security, privacy, and DNA sequencing: compromising computers with synthesized DNA, privacy leaks, and more. In: Proceedings of the 26th USENIX Security Symposium 16-18 Aug 2017; Vancouver. Available from: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-ney.pdf
  19. Knetsch CW, van der Veer EM, Henkel C, Taschner P. DNA sequencing. In: van Pelt-Verkuil E, van Leeuwen W, te Witt R. (eds). Molecular diagnostics. Singapore: Springer; 2019. pp. 339-360. Available from: https://link.springer.com/chapter/10.1007/978-981-13-1604-3_8
  20. Hadjadj L, Baron SA, Diene SM, Rolain JM. How to discover new antibiotic resistance genes? Expert Rev Mol Diagn. 2019;19(4):349-62.  https://doi.org/10.1080/14737159.2019.1592678  PMID: 30895843 
  21. Forum of Incident Response and Security Teams (FIRST). Common Vulnerability Scoring System version 3.1: Specification Document. Cary: FIRST. [Accessed: 5 Feb 2020]. Available from: https://www.first.org/cvss/specification-document
  22. Robertson J, Riley M. The big hack: How China used a tiny chip to infiltrate US companies. Bloomberg Businessweek. 2018. Available from: https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
  23. Shwartz O, Mathov Y, Bohadana M, Elovici Y, Oren Y. Opening Pandora’s box: effective techniques for reverse engineering IoT devices. In: Eisenbarth T, Teglia Y (eds). International Conference on Smart Card Research and Advanced Applications 13 Nov 2017; Montpellier. CARDIS 2017. Lecture Notes in Computer Science, vol 10728. Cham: Springer. Available from: https://link.springer.com/chapter/10.1007/978-3-319-75208-2_1#citeas
  24. Brumaghin E, Gibb R, Mercer W, Molyett M, Williams C. CCleanup: A vast number of machines at risk. San Jose: Cisco TALOS. 2017. Available from: https://blogs.cisco.com/security/talos/ccleanup-a-vast-number-of-machines-at-risk
/content/10.2807/1560-7917.ES.2020.25.6.1900574
Loading

Data & Media loading...

Submit comment
Close
Comment moderation successfully completed
This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error