A DNA database contains DNA profiles. These profiles can be used to analyze genetic diseases, help law enforcement identify fingerprints, and discover one’s family history. DNA databases are everywhere; they are both publicly and privately owned. In the United States, for example, Ancestry.com, an American genealogy company based in Lehi, Utah, has more than 20 million DNA tests in its database. Ancestry.com has over 3 million paying subscribers in the United States alone. Now, imagine if bad actors were to hack its database and then use the stolen data to create very specific, very dangerous bioweapons? The stuff of science fiction, right? Wrong.
Since 2010, the Aspen Strategy Group has hosted The Aspen Security Forum, an annual three-and-a-half day conference that focuses on the most pressing security threats facing the United States. At the most recent event, which ran from July 19–22, Rep. Jason Crow (D-Colo.), a member of the House Intelligence Committee, spoke about the dangers of sharing their DNA with the likes of Ancestry.com and other prominent genealogy companies. “You can actually take someone’s DNA, take—you know—their medical profile,” said Crow, “and you can target a biological weapon that will kill that person or take them off the battlefield or make them inoperable.”
Of course, genealogy companies don’t make bioweapons, but they possess the ingredients (genetic data) to do so. They could, for example, sell the data to a company or government agency capable of developing bioweapons. Again, this might sound farfetched, but it really shouldn’t.
23andMe, a saliva-based DNA service, has sold millions of testing kits to U.S. citizens. It also sold people’s genetic data to GlaxoSmithKline, a pharmaceutical company. If that’s not bad enough, at least three scientists at the pharmaceutical company have been found guilty of attempting to steal sensitive data to benefit China, the United States’ number-one rival and a country that appears to be extremely interested in developing deadly bioweapons. More on China later.
Even if companies promise not to sell your data without your explicit permission, are they capable of keeping it safe? The answer appears to be, No.
Last year, DNA Diagnostics Center, an Ohio-based DNA testing company, announced that the personal information of some 2 million individuals had been stolen.
What can a hacker do with your DNA?
As the author Matt Jancer previously discussed, DNA “reveals potentially damaging information,” thus making it a prime target for cybercriminals. Hackers who manage to access the highly sensitive data “may offer to ransom it back to the owner, at the risk of exposing sensitive information, like medical issues or family secrets.” Jancer referenced a hack that took place in 2018, when a number of cybercriminals targeted “Indiana-based Hancock Health hospitals and got paid four Bitcoin—at the time worth about $50,000—not to disperse patient information.” If data are the new oil, then DNA-related data are inarguably the most valuable “oil” in existence. As cybercriminals become more proficient and hacking more sophisticated, expect the DNA raids to become a more regular occurrence.
Which brings us back to aforementioned China. Beijing-backed hackers have already stolen the personal data of 80 percent of American adults. In recent times, the Chinese Communist Party (CCP) has become particularly interested in the use of DNA testing—you know, for security purposes. DNA testing has been used to both identify and track Uyghur Muslims, according to NPR. In 2020, The New York Times ran a story documenting the many ways in which Chinese authorities were using DNA testing to monitor the movements of the country’s male population—roughly 700 million individuals. Again, all in the name of security, of course.
What happens in China, sadly, no longer stays there. Not just content with using DNA data to spy on its own citizens, the CCP is looking to collect data on citizens of other countries, especially U.S. citizens. As the NPR piece warned, DNA collection by Chinese agencies “should be seen as part of a comprehensive effort to vacuum up millions and millions of records on U.S. citizens.”
April Falcon Doss, a former member of the National Security Agency and author of the book Cyber Privacy:Who Has Your Data and Why You Should Care, told NPR that most Americans have already “had their data compromised by the cyber intelligence units of the Chinese government and Chinese military intelligence.” Now, with DNA-related data, China is interested in collecting even more “detailed personal information on a massive scale for multiple reasons,” including boosting “its economy, advancing its technology, and to support its espionage efforts,” she added.
Reality, as they say, is very often far stranger than fiction. This includes science fiction. The idea of having your data stolen sounds completely reasonable. Why? Because data are stolen all the time. Why then should the idea of your DNA-related data being stolen sound ludicrous? For an increasing number of cybercriminals, some of whom are affiliated with nefarious regimes, getting access to our DNA is fast becoming their number-one goal.
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.