Meet the Scientists on the Frontlines of Protecting Humanity from a Man-Made Pathogen
Jean Peccoud wasn't expecting an email from the FBI. He definitely wasn't expecting the agency to invite him to a meeting. "My reaction was, 'What did I do wrong to be on the FBI watch list?'" he recalls.
You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack.
He didn't know what the feds could possibly want from him. "I was mostly scared at this point," he says. "I was deeply disturbed by the whole thing."
But he decided to go anyway, and when he traveled to San Francisco for the 2008 gathering, the reason for the e-vite became clear: The FBI was reaching out to researchers like him—scientists interested in synthetic biology—in anticipation of the potential nefarious uses of this technology. "The whole purpose of the meeting was, 'Let's start talking to each other before we actually need to talk to each other,'" says Peccoud, now a professor of chemical and biological engineering at Colorado State University. "'And let's make sure next time you get an email from the FBI, you don't freak out."
Synthetic biology—which Peccoud defines as "the application of engineering methods to biological systems"—holds great power, and with that (as always) comes great responsibility. When you can synthesize genetic material in a lab, you can create new ways of diagnosing and treating people, and even new food ingredients. But you can also "print" the genetic sequence of a virus or virulent bacterium.
And while it's not easy, it's also not as hard as it could be, in part because dangerous sequences have publicly available blueprints. You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack. You could synthesize a dangerous pathogen's code on purpose, or you could unwittingly do so because someone tampered with your digital instructions. Ordering synthetic genes for viral sequences, says Peccoud, would likely be more difficult today than it was a decade ago.
"There is more awareness of the industry, and they are taking this more seriously," he says. "There is no specific regulation, though."
Trying to lock down the interconnected machines that enable synthetic biology, secure its lab processes, and keep dangerous pathogens out of the hands of bad actors is part of a relatively new field: cyberbiosecurity, whose name Peccoud and colleagues introduced in a 2018 paper.
Biological threats feel especially acute right now, during the ongoing pandemic. COVID-19 is a natural pathogen -- not one engineered in a lab. But future outbreaks could start from a bug nature didn't build, if the wrong people get ahold of the right genetic sequences, and put them in the right sequence. Securing the equipment and processes that make synthetic biology possible -- so that doesn't happen -- is part of why the field of cyberbiosecurity was born.
The Origin Story
It is perhaps no coincidence that the FBI pinged Peccoud when it did: soon after a journalist ordered a sequence of smallpox DNA and wrote, for The Guardian, about how easy it was. "That was not good press for anybody," says Peccoud. Previously, in 2002, the Pentagon had funded SUNY Stonybrook researchers to try something similar: They ordered bits of polio DNA piecemeal and, over the course of three years, strung them together.
Although many years have passed since those early gotchas, the current patchwork of regulations still wouldn't necessarily prevent someone from pulling similar tricks now, and the technological systems that synthetic biology runs on are more intertwined — and so perhaps more hackable — than ever. Researchers like Peccoud are working to bring awareness to those potential problems, to promote accountability, and to provide early-detection tools that would catch the whiff of a rotten act before it became one.
Peccoud notes that if someone wants to get access to a specific pathogen, it is probably easier to collect it from the environment or take it from a biodefense lab than to whip it up synthetically. "However, people could use genetic databases to design a system that combines different genes in a way that would make them dangerous together without each of the components being dangerous on its own," he says. "This would be much more difficult to detect."
After his meeting with the FBI, Peccoud grew more interested in these sorts of security questions. So he was paying attention when, in 2010, the Department of Health and Human Services — now helping manage the response to COVID-19 — created guidance for how to screen synthetic biology orders, to make sure suppliers didn't accidentally send bad actors the sequences that make up bad genomes.
Guidance is nice, Peccoud thought, but it's just words. He wanted to turn those words into action: into a computer program. "I didn't know if it was something you can run on a desktop or if you need a supercomputer to run it," he says. So, one summer, he tasked a team of student researchers with poring over the sentences and turning them into scripts. "I let the FBI know," he says, having both learned his lesson and wanting to get in on the game.
Peccoud later joined forces with Randall Murch, a former FBI agent and current Virginia Tech professor, and a team of colleagues from both Virginia Tech and the University of Nebraska-Lincoln, on a prototype project for the Department of Defense. They went into a lab at the University of Nebraska at Lincoln and assessed all its cyberbio-vulnerabilities. The lab develops and produces prototype vaccines, therapeutics, and prophylactic components — exactly the kind of place that you always, and especially right now, want to keep secure.
"We were creating wiki of all these nasty things."
The team found dozens of Achilles' heels, and put them in a private report. Not long after that project, the two and their colleagues wrote the paper that first used the term "cyberbiosecurity." A second paper, led by Murch, came out five months later and provided a proposed definition and more comprehensive perspective on cyberbiosecurity. But although it's now a buzzword, it's the definition, not the jargon, that matters. "Frankly, I don't really care if they call it cyberbiosecurity," says Murch. Call it what you want: Just pay attention to its tenets.
A Database of Scary Sequences
Peccoud and Murch, of course, aren't the only ones working to screen sequences and secure devices. At the nonprofit Battelle Memorial Institute in Columbus, Ohio, for instance, scientists are working on solutions that balance the openness inherent to science and the closure that can stop bad stuff. "There's a challenge there that you want to enable research but you want to make sure that what people are ordering is safe," says the organization's Neeraj Rao.
Rao can't talk about the work Battelle does for the spy agency IARPA, the Intelligence Advanced Research Projects Activity, on a project called Fun GCAT, which aims to use computational tools to deep-screen gene-sequence orders to see if they pose a threat. It can, though, talk about a twin-type internal project: ThreatSEQ (pronounced, of course, "threat seek").
The project started when "a government customer" (as usual, no one will say which) asked Battelle to curate a list of dangerous toxins and pathogens, and their genetic sequences. The researchers even started tagging sequences according to their function — like whether a particular sequence is involved in a germ's virulence or toxicity. That helps if someone is trying to use synthetic biology not to gin up a yawn-inducing old bug but to engineer a totally new one. "How do you essentially predict what the function of a novel sequence is?" says Rao. You look at what other, similar bits of code do.
"We were creating wiki of all these nasty things," says Rao. As they were working, they realized that DNA manufacturers could potentially scan in sequences that people ordered, run them against the database, and see if anything scary matched up. Kind of like that plagiarism software your college professors used.
Battelle began offering their screening capability, as ThreatSEQ. When customers -- like, currently, Twist Bioscience -- throw their sequences in, and get a report back, the manufacturers make the final decision about whether to fulfill a flagged order — whether, in the analogy, to give an F for plagiarism. After all, legitimate researchers do legitimately need to have DNA from legitimately bad organisms.
"Maybe it's the CDC," says Rao. "If things check out, oftentimes [the manufacturers] will fulfill the order." If it's your aggrieved uncle seeking the virulent pathogen, maybe not. But ultimately, no one is stopping the manufacturers from doing so.
Beyond that kind of tampering, though, cyberbiosecurity also includes keeping a lockdown on the machines that make the genetic sequences. "Somebody now doesn't need physical access to infrastructure to tamper with it," says Rao. So it needs the same cyber protections as other internet-connected devices.
Scientists are also now using DNA to store data — encoding information in its bases, rather than into a hard drive. To download the data, you sequence the DNA and read it back into a computer. But if you think like a bad guy, you'd realize that a bad guy could then, for instance, insert a computer virus into the genetic code, and when the researcher went to nab her data, her desktop would crash or infect the others on the network.
Something like that actually happened in 2017 at the USENIX security symposium, an annual programming conference: Researchers from the University of Washington encoded malware into DNA, and when the gene sequencer assembled the DNA, it corrupted the sequencer's software, then the computer that controlled it.
"This vulnerability could be just the opening an adversary needs to compromise an organization's systems," Inspirion Biosciences' J. Craig Reed and Nicolas Dunaway wrote in a paper for Frontiers in Bioengineering and Biotechnology, included in an e-book that Murch edited called Mapping the Cyberbiosecurity Enterprise.
Where We Go From Here
So what to do about all this? That's hard to say, in part because we don't know how big a current problem any of it poses. As noted in Mapping the Cyberbiosecurity Enterprise, "Information about private sector infrastructure vulnerabilities or data breaches is protected from public release by the Protected Critical Infrastructure Information (PCII) Program," if the privateers share the information with the government. "Government sector vulnerabilities or data breaches," meanwhile, "are rarely shared with the public."
"What I think is encouraging right now is the fact that we're even having this discussion."
The regulations that could rein in problems aren't as robust as many would like them to be, and much good behavior is technically voluntary — although guidelines and best practices do exist from organizations like the International Gene Synthesis Consortium and the National Institute of Standards and Technology.
Rao thinks it would be smart if grant-giving agencies like the National Institutes of Health and the National Science Foundation required any scientists who took their money to work with manufacturing companies that screen sequences. But he also still thinks we're on our way to being ahead of the curve, in terms of preventing print-your-own bioproblems: "What I think is encouraging right now is the fact that we're even having this discussion," says Rao.
Peccoud, for his part, has worked to keep such conversations going, including by doing training for the FBI and planning a workshop for students in which they imagine and work to guard against the malicious use of their research. But actually, Peccoud believes that human error, flawed lab processes, and mislabeled samples might be bigger threats than the outside ones. "Way too often, I think that people think of security as, 'Oh, there is a bad guy going after me,' and the main thing you should be worried about is yourself and errors," he says.
Murch thinks we're only at the beginning of understanding where our weak points are, and how many times they've been bruised. Decreasing those contusions, though, won't just take more secure systems. "The answer won't be technical only," he says. It'll be social, political, policy-related, and economic — a cultural revolution all its own.
Time to visit your TikTok doc? The good and bad of doctors on social media
Rakhi Patel has carved a hobby out of reviewing pizza — her favorite food — on Instagram. In a nod to her preferred topping, she calls herself thepepperoniqueen. Photos and videos show her savoring slices from scores of pizzerias. In some of them, she’s wearing scrubs — her attire as an inpatient neurology physician associate at Tufts Medical Center in Boston.
“Depending on how you dress your pizza, it can be more nutritious,” said Patel, who suggests a thin crust, sugarless tomato sauce and vegetables galore as healthier alternatives. “There are no boundaries for a health care professional to enjoy pizza.”
Beyond that, “pizza fuels my mental health and makes me happy, especially when loaded with pepperoni,” she said. “If I’m going to be a pizza connoisseur, then I also need to take care of my physical health by ensuring that I get at least three days of exercise per week and eat nutritiously when I’m not eating pizza.”
She’s among an increasing number of health care professionals, including doctors and nurses, who maintain an active persona on social media, according to bioethics researchers. They share their hobbies and interests with people inside and outside the world of medicine, helping patients and the public become acquainted with the humans behind the scrubs or white coats. Other health care experts limit their posts to medical topics, while some opt for a combination of personal and professional commentaries. Depending on the posts, ethical issues may come into play.
“Health care professionals are quite prevalent on social media,” said Mercer Gary, a postdoctoral researcher at The Hastings Center, an independent bioethics research institute in Garrison, New York. “They’ve been posting on #medTwitter for many years, mainly to communicate with one another, but, of course, anyone can see the threads. Most recently, doctors and nurses have become a presence on TikTok.”
On social media, many health care providers perceive themselves to be “humanizing” their profession by coming across as more approachable — “reminding patients that providers are people and workers, as well as repositories of medical expertise,” Gary said. As a result, she noted that patients who are often intimidated by clinicians may feel comfortable enough to overcome barriers to scheduling health care appointments. The use of TikTok in particular may help doctors and nurses connect with younger followers.
When health care providers post on social media, they must bear in mind that they have legal and ethical duties to their patients, profession and society, said Elizabeth Levy, founder and director of Physicians for Justice.
While enduring three years of pandemic conditions, many health care professionals have struggled with burnout, exhaustion and moral distress. “Much health care provider content on social media seeks to expose the difficulties of the work,” Gary added. “TikTok and Instagram reels have shown health care providers crying after losing a patient or exhausted after a night shift in the emergency department.”
A study conducted in Beijing, China and published last year found that TikTok is the world’s most rapidly growing video application, amassing 1.6 billion users in 2021. “More and more patients are searching for information on genitourinary cancers via TikTok,” the study’s authors wrote in Frontiers in Oncology, referring to cancers of the urinary tracts and male reproductive organs. Among the 61 sample videos examined by the researchers, health care practitioners contributed the content in 29, or 47 percent, of them. Yet, 22 posts, 36 percent, were misinformative, mostly due to outdated information.
More than half of the videos offered good content on disease symptoms and examinations. The authors concluded that “most videos on genitourinary cancers on TikTok are of poor to medium quality and reliability. However, videos posted by media agencies enjoyed great public attention and interaction. Medical practitioners could improve the video quality by cooperating with media agencies and avoiding unexplained terminologies.”
When health care providers post on social media, they must bear in mind that they have legal and ethical duties to their patients, profession and society, said Elizabeth Levy, founder and director of Physicians for Justice in Irvine, Calif., a nonprofit network of volunteer physicians partnering with public interest lawyers to address the social determinants of health.
“Providers are also responsible for understanding the mechanics of their posts,” such as who can see these messages and how long they stay up, Levy said. As a starting point for figuring what’s acceptable, providers could look at social media guidelines put out by their professional associations. Even beyond that, though, they must exercise prudent judgment. “As social media continues to evolve, providers will also need to stay updated with the changing risks and benefits of participation.”
Patients often research their providers online, so finding them on social media can help inform about values and approaches to care, said M. Sara Rosenthal, a professor and founding director of the program for bioethics and chair of the hospital ethics committee at the University of Kentucky College of Medicine.
Health care providers’ posts on social media also could promote patient education. They can advance informed consent and help patients navigate the risks and benefits of various treatments or preventive options. However, providers could violate ethical principles if they espouse “harmful, risky or questionable therapies or medical advice that is contrary to clinical practice guidelines or accepted standards of care,” Rosenthal said.
Inappropriate self-disclosure also can affect a provider’s reputation, said Kelly Michelson, a professor of pediatrics and director of the Center for Bioethics and Medical Humanities at Northwestern University’s Feinberg School of Medicine. A clinician’s obligations to professionalism extend beyond those moments when they are directly taking care of their patients, she said. “Many experts recommend against clinicians ‘friending’ patients or the families on social media because it blurs the patient-clinician boundary.”
Meanwhile, clinicians need to adhere closely to confidentiality. In sharing a patient’s case online for educational purposes, safeguarding identity becomes paramount. Removing names and changing minor details is insufficient, Michelson said.
“The patient-clinician relationship is sacred, and it can only be effective if patients have 100 percent confidence that all that happens with their clinician is kept in the strictest of confidence,” she said, adding that health care providers also should avoid obtaining information about their patients from social media because it can lead to bias and risk jeopardizing objectivity.
Academic clinicians can use social media as a recruitment tool to expand the pool of research participants for their studies, Michelson said. Because the majority of clinical research is conducted at academic medical centers, large segments of the population are excluded. “This affects the quality of the data and knowledge we gain from research,” she said.
Don S. Dizon, a professor of medicine and surgery at the Warren Alpert Medical School of Brown University in Providence, Rhode Island, uses LinkedIn and Doximity, as well as Twitter, Instagram, TikTok, Facebook, and most recently, YouTube and Post. He’s on Twitter nearly every day, where he interacts with the oncology community and his medical colleagues.
Also, he said, “I really like Instagram. It’s where you will see a hybrid of who I am professionally and personally. I’ve become comfortable sharing both up to a limit, but where else can I combine my appreciation of clothes with my professional life?” On that site, he’s seen sporting shirts with polka dots or stripes and an occasional bow-tie. He also posts photos of his cats.
Don S. Dizon, a professor of medicine and surgery at Brown, started using TikTok several years ago, telling medical stories in short-form videos.
Don S. Dizon
Dizon started using TikTok several years ago, telling medical stories in short-form videos. He may talk about an inspirational patient, his views on end-of-life care and death, or memories of people who have passed. But he is careful not to divulge any details that would identify anyone.
Recently, some people have become his patients after viewing his content on social media or on the Internet in general, which he clearly states isn’t a forum for medical advice. “In both situations, they are so much more relaxed when we meet, because it’s as if they have a sense of who I am as a person,” Dizon said. “I think that has helped so much in talking through a cancer diagnosis and a treatment plan, and yes, even discussions about prognosis.”
He also posts about equity and diversity. “I have found myself more likely to repost or react to issues that are inherently political, including racism, homophobia, transphobia and lack-of-access issues, because medicine is not isolated from society, and I truly believe that medicine is a social justice issue,” said Dizon, who is vice chair of diversity, equity, inclusion and professional integrity at the SWOG Cancer Research Network.
Through it all, Dizon likes “to break through the notion of doctor as infallible and all-knowing, the doctor as deity,” he said. “Humanizing what I do, especially in oncology, is something that challenges me on social media, and I appreciate the opportunities to do it on TikTok.”
Could this habit related to eating slow down rates of aging?
Last Thursday, scientists at Columbia University published a new study finding that cutting down on calories could lead to longer, healthier lives. In the phase 2 trial, 220 healthy people without obesity dropped their calories significantly and, at least according to one test, their rate of biological aging slowed by 2 to 3 percent in over a couple of years. Small though that may seem, the researchers estimate that it would translate into a decline of about 10 percent in the risk of death as people get older. That's basically the same as quitting smoking.
Previous research has shown that restricting calories results in longer lives for mice, worms and flies. This research is unique because it applies those findings to people. It was published in Nature Aging.
But what did the researchers actually show? Why did two other tests indicate that the biological age of the research participants didn't budge? Does the new paper point to anything people should be doing for more years of healthy living? Spoiler alert: Maybe, but don't try anything before talking with a medical expert about it. I had the chance to chat with someone with inside knowledge of the research -- Dr. Evan Hadley, director of the National Institute of Aging's Division of Geriatrics and Clinical Gerontology, which funded the study. Dr. Hadley describes how the research participants went about reducing their calories, as well as the risks and benefits involved. He also explains the "aging clock" used to measure the benefits.
Evan Hadley, Director of the Division of Geriatrics and Clinical Gerontology at the National Institute of Aging
NIA