Security

The convergence of biological and computer viruses

The difference between a biological virus and a computer virus is blurring. Learn how a researcher infected himself with a computer virus.

A few years ago, I worked on a series about computer malware. I wish I could say the articles were a hit because of my herculean effort, but I can't. That honor goes to the incredible member discussions — particularly the ones discussing similarities between malware propagation and how we humans spread our maladies.

Another article I've written that garnered much the same interest looked at how computer scientists were able to enhance digital communications by replicating neural networks discovered strangely enough in fruit flies. Lead scientist, Dr. Ziv Bar-Joseph:

Biological systems address many challenges presented by computer networking. For instance, biological processes are often distributed, as are communication systems used by computers. Thus, I believe, solutions for many computer-network problems can be based on what we learn from biological systems.

Is there convergence?

My interest in this subject may not be as lofty as Mr. Einstein and his desire to explain the entire universe using one equation. But, I'm starting to see signs that the convergence between biology and digital electronics is impacting computer security. Something I do consider important. So, when I stumbled across a web page asking, Could you become infected with a Computer Virus, I had to check it out.

After watching the TEDxTalk associated with the webpage, I was somewhat disappointed. The title is technically correct, but not what I had envisioned — or so I thought. The talk starts out with Dr. Mark Gasson, senior research fellow at University of Reading, explaining how he inserted a RFID chip under the skin between his thumb and first finger.

Next, Dr. Gasson discussed several useful functions he programmed into the RFID device:

  • Allow the implanted person to gain access to secure buildings.
  • Allow devices like mobile phones to work only if the RFID tag is in close proximity.
  • The implant stores information that could be useful in emergencies.

Infect the RFID implant

Here's where the talk got interesting. After the RFID implant was in place, Dr. Gasson was able to infect it with a virus. And more importantly, infect (replicate the virus) other devices:

We did two experiments: one with the computer system securing building access using smart card or RFID devices. We infected that computer with a virus. The computer was able to transfer the virus to the implant when I tried to gain access.

In the second experiment, we purposefully infected the implant itself. When the building's access system read the tag, the virus was transferred and corrupted the computer system. At that point any other device (typically RFID smart cards rather than implants) trying to access the system was potentially at risk from the virus.

Is it an official virus?

Now the million-dollar question: can a human become infected with a computer virus? I looked at more definitions of virus than I care to admit. And, the only requirement common to all the definitions; a virus needs to be self-replicating in a host. This definition is one of the more interesting ones I found:

The concept of a virus as an organism challenges the way we define life. Viruses do not respire, nor do they display irritability; they do not move, nor do they grow. However, they do most certainly reproduce, and may adapt to new hosts.

So, if we consider replication a mandatory requirement, is it official?

More ammunition

I'd like to continue the discussion about convergence between computer viruses and biological viruses by introducing "An Attacker's Day into Human Virology," A research paper by Axelle Apvrille and Guillaume Lovet, researchers for Fortinet, that looks at traits common to both biological and computer viruses.

Medical terminology alert: I suspect, like me, most IT-types squeaked by with only the required biology classes at university. Just beware the first several pages of the paper are like this:

Additionally, macrophages release special proteins — cytokines — that activate Natural Killer lymphocytes.

Thankfully, Axelle and Guillaume returned to familiar terminology when they started comparing the two "not that different" types of viruses:

  • Brute force attack: This is one case where the biological virus is nastier. According to the research team, the whole idea is for the virus colony to overwhelm the immune system. Computer viruses are more selective with the main consideration being how to infect more hosts.
  • Polymorphism: Biological viruses are polymorphic because of error-prone replication. As I understand, during replication, duplicating genetic information is not always successful — creating a different virus strain that is not immediately recognizable by the immune system. HIV is a good example. Conficker is a polymorphic computer virus.
  • Attack the AV engine: HIV is a good example of this as well. It directly attacks the immune system — the body's AV engine. There are numerous computer viruses capable of terminating antivirus programs — for example, W32/Sality.
  • Vulnerable hosts: Biological viruses do not attack at random. They target specific cells that are vulnerable to that particular virus's payload. Computer viruses are slightly different. Depending on their design they can either attack at random, hoping to find a vulnerable file or specifically check to see if the host is vulnerable before attacking.
  • Time bombs: Most biological viruses need to reach critical mass before they become effective. There are some famous computer viruses like Michelangelo and CodeRed programmed to activate their payload at a specific time and date.
  • Auto re-infect: The researchers mentioned HIV more than any other biological virus. That must mirror its effectiveness. HIV is insidious with its ability to keep the host infected or automatically re-infect it. The bank-account stealing virus Zeus, also insidious, employs constant updating so the infected host computer remains under the control of the attackers.

What if?

The next topic discussed by the researchers is a bit unnerving:

Fortunately, biological viruses are not advanced enough to implement packing, encryption, virtual machine detection, or anti-debugging tricks. Geneticists should probably pray that future biological viruses won't evolve from the genomes of cyber-criminals or medicine will have even more difficulties in identifying and stopping viruses.

Here's more:

We are quite lucky that biological viruses do not intentionally play a game of cat and mouse with medical doctors. Just imagine what this would translate to: sick people being redirected to a hair stylist instead of a medical doctor (URL redirection), viruses saying hello when you watch them with a microscope, or viruses refusing to replicate under culture (foiling reverse engineering).

Quite a concept — computer viruses are more evolved than their biological counterparts.

Final thoughts

What Dr. Gasson has accomplished brings up several interesting questions:

  • Will the term virus require redefining, taking into account the biological-digital convergence?
  • What does Dr. Gasson proving that implanted devices can be infected mean to the medical field?
  • Mobile phones are close to being a necessity, meaning those without mobile phones are at a disadvantage. Will the same apply to implantable technology?

What say you?

About

Information is my field...Writing is my passion...Coupling the two is my mission.

Editor's Picks