Researchers from Sandia National Laboratories uncovered vulnerable spot in open-source software scientists use to uncover genetic alterations, Health IT Security reports. This, Sandia notes in a press release, left some analyses open to cyber attacks, though it adds that a patch has been issued.
The weak point arose, according to Computerworld Australia, when the Burrows-Wheeler Aligner imported the standard reference genome from government servers, as it traveled over insecure channels. That left the process open to a "man in the middle" attack in which a hacker could intercept the standardized genome sequence and attach malware to it before sending it on its way to the BWA user, according to Sandia. That malware could then change a patient's genetic information file as it is mapped to the reference, altering the analysis and, potentially, the patient's treatment, it adds.
"Once we discovered that this attack could change a patient's genetic information, we followed responsible disclosure," Corey Hudson, a bioinformatics researcher at Sandia, says in a statement. Sandia adds that the software developers then issued a patch.
There has been no known attack based on this vulnerability, Computerworld Australia adds.