Corey M Hudson — From Buffer Overflowing Genomics Tools to Securing — DEF CON 27 Bio Hacking Village

In this presentation we describe a previously unreported buffer overflow vulnerability in popular genomics alignment software package BWA. We will show how this exploit, combined with well-known attacks allows an attacker to access and modify patient data and manipulate genomic tests. We then show how this class of attacks constitutes a wider threat to global biomedical infrastructure and what a newly-formed team from Sandia National Labs and BioBright are doing about it.