Link: Biotech Corporate Email Hacked

by ilzolende1 min read2nd Dec 20145 comments


Personal Blog

Here's the NYTimes story: Hackers With Apparent Investment Banking Background Target Biotech

You should be able to download a copy of the report from the FireEye website here. Alternatively, you can request a free copy of the FireEye report here by pretending to be a company (for example, entering "no company" in the "company" field). There may be a time delay in between requesting and receiving the report.

Luckily for all of us, just because the hackers, referred to as FIN4, had financial motivations (getting "inside information about impending market catalysts") did not mean that they attempted to maximize their financial gain. If they had, this could would have been on the front page instead of in the technology section, and the headline could have been "Terrorists Hired Hackers to Manufacture Synthetic Disease," or alternately "Hacker Group Threatens to Release Synthetic Plague if Demands Not Met."

I sincerely hope that, if artificial gene synthesis devices were not kept air-gapped before, that they will be now. If hackers were able to compromise the email accounts of researchers and scientists (listed separately in the report for some reason), and artificial gene synthesis devices took requests from authorized users by internet, then these hackers could have ordered genes synthesized.

5 comments, sorted by Highlighting new comments since Today at 6:50 AM
New Comment

There no good reason to believe that at present tech levels you can simply create synthetic disease by having control of the computers and synthesing equipment of a biotech company.

If you could you might as well just register for the service and use it legally. It's not like any of those biology-as-a-service companies evaluate what their customers synthesize for pathogenicity.

They might have filters in place that alert them when someone tries to synthesise small pox or the Spanish flu.

I doubt they do. Why would they bother?

There's almost definitely government working group for biosafety that think about issues like this.

Asking a DNA synthesis company to check their order against a handful of genes and report back when a customer tries to order one of those isn't complicated.

The companies inturn prefer informal solutions.