Meet the Scientists on the Frontlines of Protecting Humanity from a Man-Made Pathogen
Jean Peccoud wasn't expecting an email from the FBI. He definitely wasn't expecting the agency to invite him to a meeting. "My reaction was, 'What did I do wrong to be on the FBI watch list?'" he recalls.
You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack.
He didn't know what the feds could possibly want from him. "I was mostly scared at this point," he says. "I was deeply disturbed by the whole thing."
But he decided to go anyway, and when he traveled to San Francisco for the 2008 gathering, the reason for the e-vite became clear: The FBI was reaching out to researchers like him—scientists interested in synthetic biology—in anticipation of the potential nefarious uses of this technology. "The whole purpose of the meeting was, 'Let's start talking to each other before we actually need to talk to each other,'" says Peccoud, now a professor of chemical and biological engineering at Colorado State University. "'And let's make sure next time you get an email from the FBI, you don't freak out."
Synthetic biology—which Peccoud defines as "the application of engineering methods to biological systems"—holds great power, and with that (as always) comes great responsibility. When you can synthesize genetic material in a lab, you can create new ways of diagnosing and treating people, and even new food ingredients. But you can also "print" the genetic sequence of a virus or virulent bacterium.
And while it's not easy, it's also not as hard as it could be, in part because dangerous sequences have publicly available blueprints. You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack. You could synthesize a dangerous pathogen's code on purpose, or you could unwittingly do so because someone tampered with your digital instructions. Ordering synthetic genes for viral sequences, says Peccoud, would likely be more difficult today than it was a decade ago.
"There is more awareness of the industry, and they are taking this more seriously," he says. "There is no specific regulation, though."
Trying to lock down the interconnected machines that enable synthetic biology, secure its lab processes, and keep dangerous pathogens out of the hands of bad actors is part of a relatively new field: cyberbiosecurity, whose name Peccoud and colleagues introduced in a 2018 paper.
Biological threats feel especially acute right now, during the ongoing pandemic. COVID-19 is a natural pathogen -- not one engineered in a lab. But future outbreaks could start from a bug nature didn't build, if the wrong people get ahold of the right genetic sequences, and put them in the right sequence. Securing the equipment and processes that make synthetic biology possible -- so that doesn't happen -- is part of why the field of cyberbiosecurity was born.
The Origin Story
It is perhaps no coincidence that the FBI pinged Peccoud when it did: soon after a journalist ordered a sequence of smallpox DNA and wrote, for The Guardian, about how easy it was. "That was not good press for anybody," says Peccoud. Previously, in 2002, the Pentagon had funded SUNY Stonybrook researchers to try something similar: They ordered bits of polio DNA piecemeal and, over the course of three years, strung them together.
Although many years have passed since those early gotchas, the current patchwork of regulations still wouldn't necessarily prevent someone from pulling similar tricks now, and the technological systems that synthetic biology runs on are more intertwined — and so perhaps more hackable — than ever. Researchers like Peccoud are working to bring awareness to those potential problems, to promote accountability, and to provide early-detection tools that would catch the whiff of a rotten act before it became one.
Peccoud notes that if someone wants to get access to a specific pathogen, it is probably easier to collect it from the environment or take it from a biodefense lab than to whip it up synthetically. "However, people could use genetic databases to design a system that combines different genes in a way that would make them dangerous together without each of the components being dangerous on its own," he says. "This would be much more difficult to detect."
After his meeting with the FBI, Peccoud grew more interested in these sorts of security questions. So he was paying attention when, in 2010, the Department of Health and Human Services — now helping manage the response to COVID-19 — created guidance for how to screen synthetic biology orders, to make sure suppliers didn't accidentally send bad actors the sequences that make up bad genomes.
Guidance is nice, Peccoud thought, but it's just words. He wanted to turn those words into action: into a computer program. "I didn't know if it was something you can run on a desktop or if you need a supercomputer to run it," he says. So, one summer, he tasked a team of student researchers with poring over the sentences and turning them into scripts. "I let the FBI know," he says, having both learned his lesson and wanting to get in on the game.
Peccoud later joined forces with Randall Murch, a former FBI agent and current Virginia Tech professor, and a team of colleagues from both Virginia Tech and the University of Nebraska-Lincoln, on a prototype project for the Department of Defense. They went into a lab at the University of Nebraska at Lincoln and assessed all its cyberbio-vulnerabilities. The lab develops and produces prototype vaccines, therapeutics, and prophylactic components — exactly the kind of place that you always, and especially right now, want to keep secure.
"We were creating wiki of all these nasty things."
The team found dozens of Achilles' heels, and put them in a private report. Not long after that project, the two and their colleagues wrote the paper that first used the term "cyberbiosecurity." A second paper, led by Murch, came out five months later and provided a proposed definition and more comprehensive perspective on cyberbiosecurity. But although it's now a buzzword, it's the definition, not the jargon, that matters. "Frankly, I don't really care if they call it cyberbiosecurity," says Murch. Call it what you want: Just pay attention to its tenets.
A Database of Scary Sequences
Peccoud and Murch, of course, aren't the only ones working to screen sequences and secure devices. At the nonprofit Battelle Memorial Institute in Columbus, Ohio, for instance, scientists are working on solutions that balance the openness inherent to science and the closure that can stop bad stuff. "There's a challenge there that you want to enable research but you want to make sure that what people are ordering is safe," says the organization's Neeraj Rao.
Rao can't talk about the work Battelle does for the spy agency IARPA, the Intelligence Advanced Research Projects Activity, on a project called Fun GCAT, which aims to use computational tools to deep-screen gene-sequence orders to see if they pose a threat. It can, though, talk about a twin-type internal project: ThreatSEQ (pronounced, of course, "threat seek").
The project started when "a government customer" (as usual, no one will say which) asked Battelle to curate a list of dangerous toxins and pathogens, and their genetic sequences. The researchers even started tagging sequences according to their function — like whether a particular sequence is involved in a germ's virulence or toxicity. That helps if someone is trying to use synthetic biology not to gin up a yawn-inducing old bug but to engineer a totally new one. "How do you essentially predict what the function of a novel sequence is?" says Rao. You look at what other, similar bits of code do.
"We were creating wiki of all these nasty things," says Rao. As they were working, they realized that DNA manufacturers could potentially scan in sequences that people ordered, run them against the database, and see if anything scary matched up. Kind of like that plagiarism software your college professors used.
Battelle began offering their screening capability, as ThreatSEQ. When customers -- like, currently, Twist Bioscience -- throw their sequences in, and get a report back, the manufacturers make the final decision about whether to fulfill a flagged order — whether, in the analogy, to give an F for plagiarism. After all, legitimate researchers do legitimately need to have DNA from legitimately bad organisms.
"Maybe it's the CDC," says Rao. "If things check out, oftentimes [the manufacturers] will fulfill the order." If it's your aggrieved uncle seeking the virulent pathogen, maybe not. But ultimately, no one is stopping the manufacturers from doing so.
Beyond that kind of tampering, though, cyberbiosecurity also includes keeping a lockdown on the machines that make the genetic sequences. "Somebody now doesn't need physical access to infrastructure to tamper with it," says Rao. So it needs the same cyber protections as other internet-connected devices.
Scientists are also now using DNA to store data — encoding information in its bases, rather than into a hard drive. To download the data, you sequence the DNA and read it back into a computer. But if you think like a bad guy, you'd realize that a bad guy could then, for instance, insert a computer virus into the genetic code, and when the researcher went to nab her data, her desktop would crash or infect the others on the network.
Something like that actually happened in 2017 at the USENIX security symposium, an annual programming conference: Researchers from the University of Washington encoded malware into DNA, and when the gene sequencer assembled the DNA, it corrupted the sequencer's software, then the computer that controlled it.
"This vulnerability could be just the opening an adversary needs to compromise an organization's systems," Inspirion Biosciences' J. Craig Reed and Nicolas Dunaway wrote in a paper for Frontiers in Bioengineering and Biotechnology, included in an e-book that Murch edited called Mapping the Cyberbiosecurity Enterprise.
Where We Go From Here
So what to do about all this? That's hard to say, in part because we don't know how big a current problem any of it poses. As noted in Mapping the Cyberbiosecurity Enterprise, "Information about private sector infrastructure vulnerabilities or data breaches is protected from public release by the Protected Critical Infrastructure Information (PCII) Program," if the privateers share the information with the government. "Government sector vulnerabilities or data breaches," meanwhile, "are rarely shared with the public."
"What I think is encouraging right now is the fact that we're even having this discussion."
The regulations that could rein in problems aren't as robust as many would like them to be, and much good behavior is technically voluntary — although guidelines and best practices do exist from organizations like the International Gene Synthesis Consortium and the National Institute of Standards and Technology.
Rao thinks it would be smart if grant-giving agencies like the National Institutes of Health and the National Science Foundation required any scientists who took their money to work with manufacturing companies that screen sequences. But he also still thinks we're on our way to being ahead of the curve, in terms of preventing print-your-own bioproblems: "What I think is encouraging right now is the fact that we're even having this discussion," says Rao.
Peccoud, for his part, has worked to keep such conversations going, including by doing training for the FBI and planning a workshop for students in which they imagine and work to guard against the malicious use of their research. But actually, Peccoud believes that human error, flawed lab processes, and mislabeled samples might be bigger threats than the outside ones. "Way too often, I think that people think of security as, 'Oh, there is a bad guy going after me,' and the main thing you should be worried about is yourself and errors," he says.
Murch thinks we're only at the beginning of understanding where our weak points are, and how many times they've been bruised. Decreasing those contusions, though, won't just take more secure systems. "The answer won't be technical only," he says. It'll be social, political, policy-related, and economic — a cultural revolution all its own.
Story by Big Think
In rare cases, a woman’s heart can start to fail in the months before or after giving birth. The all-important muscle weakens as its chambers enlarge, reducing the amount of blood pumped with each beat. Peripartum cardiomyopathy can threaten the lives of both mother and child. Viral illness, nutritional deficiency, the bodily stress of pregnancy, or an abnormal immune response could all play a role, but the causes aren’t concretely known.
If there is a silver lining to peripartum cardiomyopathy, it’s that it is perhaps the most survivable form of heart failure. A remarkable 50% of women recover spontaneously. And there’s an even more remarkable explanation for that glowing statistic: The fetus‘ stem cells migrate to the heart and regenerate the beleaguered muscle. In essence, the developing or recently born child saves its mother’s life.
Saving mama
While this process has not been observed directly in humans, it has been witnessed in mice. In a 2015 study, researchers tracked stem cells from fetal mice as they traveled to mothers’ damaged cardiac cells and integrated themselves into hearts.
Evolutionarily, this function makes sense: It is in the fetus’ best interest that its mother remains healthy.
Scientists also have spotted cells from the fetus within the hearts of human mothers, as well as countless other places inside the body, including the skin, spleen, liver, brain, lung, kidney, thyroid, lymph nodes, salivary glands, gallbladder, and intestine. These cells essentially get everywhere. While most are eliminated by the immune system during pregnancy, some can persist for an incredibly long time — up to three decades after childbirth.
This integration of the fetus’ cells into the mother’s body has been given a name: fetal microchimerism. The process appears to start between the fourth and sixth week of gestation in humans. Scientists are actively trying to suss out its purpose. Fetal stem cells, which can differentiate into all sorts of specialized cells, appear to target areas of injury. So their role in healing seems apparent. Evolutionarily, this function makes sense: It is in the fetus’ best interest that its mother remains healthy.
Sending cells into the mother’s body may also prime her immune system to grow more tolerant of the developing fetus. Successful pregnancy requires that the immune system not see the fetus as an interloper and thus dispatch cells to attack it.
Fetal microchimerism
But fetal microchimerism might not be entirely beneficial. Greater concentrations of the cells have been associated with various autoimmune diseases such as lupus, Sjogren’s syndrome, and even multiple sclerosis. After all, they are foreign cells living in the mother’s body, so it’s possible that they might trigger subtle, yet constant inflammation. Fetal cells also have been linked to cancer, although it isn’t clear whether they abet or hinder the disease.
A team of Spanish scientists summarized the apparent give and take of fetal microchimerism in a 2022 review article. “On the one hand, fetal microchimerism could be a source of progenitor cells with a beneficial effect on the mother’s health by intervening in tissue repair, angiogenesis, or neurogenesis. On the other hand, fetal microchimerism might have a detrimental function by activating the immune response and contributing to autoimmune diseases,” they wrote.
Regardless of a fetus’ cells net effect, their existence alone is intriguing. In a paper published earlier this year, University of London biologist Francisco Úbeda and University of Western Ontario mathematical biologist Geoff Wild noted that these cells might very well persist within mothers for life.
“Therefore, throughout their reproductive lives, mothers accumulate fetal cells from each of their past pregnancies including those resulting in miscarriages. Furthermore, mothers inherit, from their own mothers, a pool of cells contributed by all fetuses carried by their mothers, often referred to as grandmaternal microchimerism.”
So every mother may carry within her literal pieces of her ancestors.
New implants let paraplegics surf the web and play computer games
When I greeted Rodney Gorham, age 63, in an online chat session, he replied within seconds: “My pleasure.”
“Are you moving parts of your body as you type?” I asked.
This time, his response came about five minutes later: “I position the cursor with the eye tracking and select the same with moving my ankles.” Gorham, a former sales representative from Melbourne, Australia, living with amyotrophic lateral sclerosis, or ALS, a rare form of Lou Gehrig’s disease that impairs the brain’s nerve cells and the spinal cord, limiting the ability to move. ALS essentially “locks” a person inside their own body. Gorham is conversing with me by typing with his mind only–no fingers in between his brain and his computer.
The brain-computer interface enabling this feat is called the Stentrode. It's the brainchild of Synchron, a company backed by Amazon’s Jeff Bezos and Microsoft cofounder Bill Gates. After Gorham’s neurologist recommended that he try it, he became one of the first volunteers to have an 8mm stent, laced with small electrodes, implanted into his jugular vein and guided by a surgeon into a blood vessel near the part of his brain that controls movement.
After arriving at their destination, these tiny sensors can detect neural activity. They relay these messages through a small receiver implanted under the skin to a computer, which then translates the information into words. This minimally invasive surgery takes a day and is painless, according to Gorham. Recovery time is typically short, about two days.
When a paralyzed patient thinks about trying to move their arms or legs, the motor cortex will fire patterns that are specific to the patient’s thoughts.
When a paralyzed patient such as Gorham thinks about trying to move their arms or legs, the motor cortex will fire patterns that are specific to the patient’s thoughts. This pattern is detected by the Stentrode and relayed to a computer that learns to associate this pattern with the patient’s physical movements. The computer recognizes thoughts about kicking, making a fist and other movements as signals for clicking a mouse or pushing certain letters on a keyboard. An additional eye-tracking device controls the movement of the computer cursor.
The process works on a letter by letter basis. That’s why longer and more nuanced responses often involve some trial and error. “I have been using this for about two years, and I enjoy the sessions,” Gorham typed during our chat session. Zafar Faraz, field clinical engineer at Synchron, sat next to Gorham, providing help when required. Gorham had suffered without internet access, but now he looks forward to surfing the web and playing video games.
Gorham, age 63, has been enjoying Stentrode sessions for about two years.
Rodeny Dekker
The BCI revolution
In the summer of 2021, Synchron became the first company to receive the FDA’s Investigational Device Exemption, which allows research trials on the Stentrode in human patients. This past summer, the company, together with scientists from Icahn School of Medicine at Mount Sinai and the Neurology and Neurosurgery Department at Utrecht University, published a paper offering a framework for how to develop BCIs for patients with severe paralysis – those who can't use their upper limbs to type or use digital devices.
Three months ago, Synchron announced the enrollment of six patients in a study called COMMAND based in the U.S. The company will seek approval next year from the FDA to make the Stentrode available for sale commercially. Meanwhile, other companies are making progress in the field of BCIs. In August, Neuralink announced a $280 million financing round, the biggest fundraiser yet in the field. Last December, Synchron announced a $75 million financing round. “One thing I can promise you, in five years from now, we’re not going to be where we are today. We're going to be in a very different place,” says Elad I. Levy, professor of neurosurgery and radiology at State University of New York in Buffalo.
The risk of hacking exists, always. Cybercriminals, for example, might steal sensitive personal data for financial reasons, blackmailing, or to spread malware to other connected devices while extremist groups could potentially hack BCIs to manipulate individuals into supporting their causes or carrying out actions on their behalf.
“The prospect of bestowing individuals with paralysis a renewed avenue for communication and motor functionality is a step forward in neurotech,” says Hayley Nelson, a neuroscientist and founder of The Academy of Cognitive and Behavioral Neuroscience. “It is an exciting breakthrough in a world of devastating, scary diseases,” says Neil McArthur, a professor of philosophy and director of the Centre for Professional and Applied Ethics at the University of Manitoba. “To connect with the world when you are trapped inside your body is incredible.”
While the benefits for the paraplegic community are promising, the Stentrode’s long-term effectiveness and overall impact needs more research on safety. “Potential risks like inflammation, damage to neural tissue, or unexpected shifts in synaptic transmission due to the implant warrant thorough exploration,” Nelson says.
There are also concens about data privacy concerns and the policies of companies to safeguard information processed through BCIs. “Often, Big Tech is ahead of the regulators because the latter didn’t envisage such a turn of events...and companies take advantage of the lack of legal framework to push forward,” McArthur says. Hacking is another risk. Cybercriminals could steal sensitive personal data for financial reasons, blackmailing, or to spread malware to other connected devices. Extremist groups could potentially hack BCIs to manipulate individuals into supporting their causes or carrying out actions on their behalf.
“We have to protect patient identity, patient safety and patient integrity,” Levy says. “In the same way that we protect our phones or computers from hackers, we have to stay ahead with anti-hacking software.” Even so, Levy thinks the anticipated benefits for the quadriplegic community outweigh the potential risks. “We are on the precipice of an amazing technology. In the future, we would be able to connect patients to peripheral devices that enhance their quality of life.”
In the near future, the Stentrode could enable patients to use the Stentrode to activate their wheelchairs, iPods or voice modulators. Synchron's focus is on using its BCI to help patients with significant mobility restrictions—not to enhance the lives of healthy people without any illnesses. Levy says we are not prepared for the implications of endowing people with superpowers.
I wondered what Gorham thought about that. “Pardon my question, but do you feel like you have sort of transcended human nature, being the first in a big line of cybernetic people doing marvelous things with their mind only?” was my last question to Gorham.
A slight smile formed on his lips. In less than a minute, he typed: “I do a little.”