Genomics Cyber Security Issues

In a bid to boost the battle against cancer, in 2011, Illumina received the sum of $100,000 from Steve Jobs who was battling pancreatic cancer as pay to carry out sequencing of his DNA. As of 2017, price has dropped for individual sequencing from over $1000 to below $200, which even covers in-depth data analytics.

With this rapid fall in price, there has also been a proportional increase in the number of requests for genomics. By making use of genomics companies such as Illumina, companies such as Ancestry.com and 23andMe provide services to customers to determine the risks of certain diseases, determine a customer’s ancestry using their DNA sample, and more.

With this sudden rise in the popularity of companies offering genomics services, the need to store genetic information on cloud servers is also increasing. Since the genetic information is sensitive information, cybersecurity is vital to genomics.

What are the Dangers?

Since the data involved in this case is de-identified, it is not under the Health Insurance Portability and Accountability Act (HIPAA). The implication is that the protection of information is up to the genomic companies. Genomic companies usually advise their clients to freely show their genetic information to as many people as they can reach asides the other third parties.

Voluntarily sharing genetic information is a fast and easy way for people to identify their relatives from areas where they would never have guessed to search. It can also aid advancements in genetics research. These are a few benefits of sharing.

Although there are advantages, which are attainable through sharing genomic information with other people, and information connecting a person to a genetic sequence is not decipherable, the possibilities of problems arising now and in the future are also real. The article, “The Promise & Perils of Sharing DNA,” by Adam Tanner published on Undark.org in 2016 outline some of the risks threatening the security of genomics data. Below are some of the threats he discusses:

  • A person who has not undergone genomic testing can have information on their DNA leaked through the DNA of anyone related to them by blood.
  • It is possible that an identity may be placed on DNA as time goes on due to the unique nature of a DNA. There is a possibility that developments may arise where it will be easy to trace back a DNA to the identity of its owner.
  • Future advancements in technology may make identity theft a possibility  through Genetics.
  • Since genomics can determine the likelihood of a disease affecting a person, insurance companies may use this to their advantage. Marketing companies and employers may also use this information.

Other situations where the threats are on a larger scale will undoubtedly include the use of genetic information by terrorist organizations or another foreign power. If one goes through the CNBC article by Eamon Javers, “US Official: American DNA Info At Risk For Theft By Foreign Powers,” he explains the fears of government officials on how biological bombs can be built to affect people based on health information to a devastating degree.

What are the tasks that lie ahead For Cyber Security

Now, the primary responsibility for cybersecurity personnel is ensuring that access to DNA sequences on a cloud network is only available to people with clearance or authorization.

In the “Protecting Genomic Data Analytics In The Cloud: State Of The Art And Opportunities,” a BMC Medical Genomics technical paper by Haixu Tang, et al., outsourcing, and collaboration are two significant areas where genetic data security must be at a maximum level.

There is also information on a test in the form of a competition to determine how well the cybersecurity methods available function. Haixu Tang, et al. state that compared to some of the analytical tasks, there is a need to make advancements in the methods used for encrypted data. To ensure maximum safety of genetic information in networked environments, privacy-enhancing technologies (PET) will need improvements, and it will be a joint venture between experts such as biomedical professionals, penetration testers, cryptographers, and computer scientists.

Since storing genetic information on a single cloud server is unsafe, DNA cryptography is a method in which various cloud servers will store information concurrently. In the Indian Journal of Science and Technology, a paper titled “Cloud Computing: A Survey on Security Issues And DNA, ID-Base Cryptography,” by R. Thilagavathy and A. Murugan sheds more light on what DNA cryptography entails.

For a safer approach to storage, Thilagavathy and Murugan, suggest the storing of the DNA sequencing data in two parts. This first will involve applying a binary rule through data embedding to the initial DNA data as soon during at the uploading stage. The second is using a base pair rule on DNA information to create a ciphertext conversion in a method known as data extracting. This base pair rule borrows from the nature of paired nucleotides of DNA.

The process takes place across four different cloud servers, to bolster security. With the incorporation of data embedding and data extracting to the DNA cryptography, the merits of genomics can be enjoyed by schools, researchers and government units without any risk.

Training
The online cyber security degree available in Maryville University provides a virtual training lab where students practice skills in network and wireless security, digital forensics, cybersecurity, and ethical hacking. There is also a virtual lab for conducting practical training.

After completing the course and successful graduation, there are opportunities to secure posts as information security manager, network architect, networking consultant, or security analyst with high pay in some of the worlds most renowned tech companies.

If you wish to get more information, contact Maryville University.