Meet the Scientists on the Frontlines of Protecting Humanity from a Man-Made Pathogen
From left: Jean Peccoud, Randall Murch, and Neeraj Rao.
Jean Peccoud wasn't expecting an email from the FBI. He definitely wasn't expecting the agency to invite him to a meeting. "My reaction was, 'What did I do wrong to be on the FBI watch list?'" he recalls.
You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack.
He didn't know what the feds could possibly want from him. "I was mostly scared at this point," he says. "I was deeply disturbed by the whole thing."
But he decided to go anyway, and when he traveled to San Francisco for the 2008 gathering, the reason for the e-vite became clear: The FBI was reaching out to researchers like him—scientists interested in synthetic biology—in anticipation of the potential nefarious uses of this technology. "The whole purpose of the meeting was, 'Let's start talking to each other before we actually need to talk to each other,'" says Peccoud, now a professor of chemical and biological engineering at Colorado State University. "'And let's make sure next time you get an email from the FBI, you don't freak out."
Synthetic biology—which Peccoud defines as "the application of engineering methods to biological systems"—holds great power, and with that (as always) comes great responsibility. When you can synthesize genetic material in a lab, you can create new ways of diagnosing and treating people, and even new food ingredients. But you can also "print" the genetic sequence of a virus or virulent bacterium.
And while it's not easy, it's also not as hard as it could be, in part because dangerous sequences have publicly available blueprints. You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack. You could synthesize a dangerous pathogen's code on purpose, or you could unwittingly do so because someone tampered with your digital instructions. Ordering synthetic genes for viral sequences, says Peccoud, would likely be more difficult today than it was a decade ago.
"There is more awareness of the industry, and they are taking this more seriously," he says. "There is no specific regulation, though."
Trying to lock down the interconnected machines that enable synthetic biology, secure its lab processes, and keep dangerous pathogens out of the hands of bad actors is part of a relatively new field: cyberbiosecurity, whose name Peccoud and colleagues introduced in a 2018 paper.
Biological threats feel especially acute right now, during the ongoing pandemic. COVID-19 is a natural pathogen -- not one engineered in a lab. But future outbreaks could start from a bug nature didn't build, if the wrong people get ahold of the right genetic sequences, and put them in the right sequence. Securing the equipment and processes that make synthetic biology possible -- so that doesn't happen -- is part of why the field of cyberbiosecurity was born.
The Origin Story
It is perhaps no coincidence that the FBI pinged Peccoud when it did: soon after a journalist ordered a sequence of smallpox DNA and wrote, for The Guardian, about how easy it was. "That was not good press for anybody," says Peccoud. Previously, in 2002, the Pentagon had funded SUNY Stonybrook researchers to try something similar: They ordered bits of polio DNA piecemeal and, over the course of three years, strung them together.
Although many years have passed since those early gotchas, the current patchwork of regulations still wouldn't necessarily prevent someone from pulling similar tricks now, and the technological systems that synthetic biology runs on are more intertwined — and so perhaps more hackable — than ever. Researchers like Peccoud are working to bring awareness to those potential problems, to promote accountability, and to provide early-detection tools that would catch the whiff of a rotten act before it became one.
Peccoud notes that if someone wants to get access to a specific pathogen, it is probably easier to collect it from the environment or take it from a biodefense lab than to whip it up synthetically. "However, people could use genetic databases to design a system that combines different genes in a way that would make them dangerous together without each of the components being dangerous on its own," he says. "This would be much more difficult to detect."
After his meeting with the FBI, Peccoud grew more interested in these sorts of security questions. So he was paying attention when, in 2010, the Department of Health and Human Services — now helping manage the response to COVID-19 — created guidance for how to screen synthetic biology orders, to make sure suppliers didn't accidentally send bad actors the sequences that make up bad genomes.
Guidance is nice, Peccoud thought, but it's just words. He wanted to turn those words into action: into a computer program. "I didn't know if it was something you can run on a desktop or if you need a supercomputer to run it," he says. So, one summer, he tasked a team of student researchers with poring over the sentences and turning them into scripts. "I let the FBI know," he says, having both learned his lesson and wanting to get in on the game.
Peccoud later joined forces with Randall Murch, a former FBI agent and current Virginia Tech professor, and a team of colleagues from both Virginia Tech and the University of Nebraska-Lincoln, on a prototype project for the Department of Defense. They went into a lab at the University of Nebraska at Lincoln and assessed all its cyberbio-vulnerabilities. The lab develops and produces prototype vaccines, therapeutics, and prophylactic components — exactly the kind of place that you always, and especially right now, want to keep secure.
"We were creating wiki of all these nasty things."
The team found dozens of Achilles' heels, and put them in a private report. Not long after that project, the two and their colleagues wrote the paper that first used the term "cyberbiosecurity." A second paper, led by Murch, came out five months later and provided a proposed definition and more comprehensive perspective on cyberbiosecurity. But although it's now a buzzword, it's the definition, not the jargon, that matters. "Frankly, I don't really care if they call it cyberbiosecurity," says Murch. Call it what you want: Just pay attention to its tenets.
A Database of Scary Sequences
Peccoud and Murch, of course, aren't the only ones working to screen sequences and secure devices. At the nonprofit Battelle Memorial Institute in Columbus, Ohio, for instance, scientists are working on solutions that balance the openness inherent to science and the closure that can stop bad stuff. "There's a challenge there that you want to enable research but you want to make sure that what people are ordering is safe," says the organization's Neeraj Rao.
Rao can't talk about the work Battelle does for the spy agency IARPA, the Intelligence Advanced Research Projects Activity, on a project called Fun GCAT, which aims to use computational tools to deep-screen gene-sequence orders to see if they pose a threat. It can, though, talk about a twin-type internal project: ThreatSEQ (pronounced, of course, "threat seek").
The project started when "a government customer" (as usual, no one will say which) asked Battelle to curate a list of dangerous toxins and pathogens, and their genetic sequences. The researchers even started tagging sequences according to their function — like whether a particular sequence is involved in a germ's virulence or toxicity. That helps if someone is trying to use synthetic biology not to gin up a yawn-inducing old bug but to engineer a totally new one. "How do you essentially predict what the function of a novel sequence is?" says Rao. You look at what other, similar bits of code do.
"We were creating wiki of all these nasty things," says Rao. As they were working, they realized that DNA manufacturers could potentially scan in sequences that people ordered, run them against the database, and see if anything scary matched up. Kind of like that plagiarism software your college professors used.
Battelle began offering their screening capability, as ThreatSEQ. When customers -- like, currently, Twist Bioscience -- throw their sequences in, and get a report back, the manufacturers make the final decision about whether to fulfill a flagged order — whether, in the analogy, to give an F for plagiarism. After all, legitimate researchers do legitimately need to have DNA from legitimately bad organisms.
"Maybe it's the CDC," says Rao. "If things check out, oftentimes [the manufacturers] will fulfill the order." If it's your aggrieved uncle seeking the virulent pathogen, maybe not. But ultimately, no one is stopping the manufacturers from doing so.
Beyond that kind of tampering, though, cyberbiosecurity also includes keeping a lockdown on the machines that make the genetic sequences. "Somebody now doesn't need physical access to infrastructure to tamper with it," says Rao. So it needs the same cyber protections as other internet-connected devices.
Scientists are also now using DNA to store data — encoding information in its bases, rather than into a hard drive. To download the data, you sequence the DNA and read it back into a computer. But if you think like a bad guy, you'd realize that a bad guy could then, for instance, insert a computer virus into the genetic code, and when the researcher went to nab her data, her desktop would crash or infect the others on the network.
Something like that actually happened in 2017 at the USENIX security symposium, an annual programming conference: Researchers from the University of Washington encoded malware into DNA, and when the gene sequencer assembled the DNA, it corrupted the sequencer's software, then the computer that controlled it.
"This vulnerability could be just the opening an adversary needs to compromise an organization's systems," Inspirion Biosciences' J. Craig Reed and Nicolas Dunaway wrote in a paper for Frontiers in Bioengineering and Biotechnology, included in an e-book that Murch edited called Mapping the Cyberbiosecurity Enterprise.
Where We Go From Here
So what to do about all this? That's hard to say, in part because we don't know how big a current problem any of it poses. As noted in Mapping the Cyberbiosecurity Enterprise, "Information about private sector infrastructure vulnerabilities or data breaches is protected from public release by the Protected Critical Infrastructure Information (PCII) Program," if the privateers share the information with the government. "Government sector vulnerabilities or data breaches," meanwhile, "are rarely shared with the public."
"What I think is encouraging right now is the fact that we're even having this discussion."
The regulations that could rein in problems aren't as robust as many would like them to be, and much good behavior is technically voluntary — although guidelines and best practices do exist from organizations like the International Gene Synthesis Consortium and the National Institute of Standards and Technology.
Rao thinks it would be smart if grant-giving agencies like the National Institutes of Health and the National Science Foundation required any scientists who took their money to work with manufacturing companies that screen sequences. But he also still thinks we're on our way to being ahead of the curve, in terms of preventing print-your-own bioproblems: "What I think is encouraging right now is the fact that we're even having this discussion," says Rao.
Peccoud, for his part, has worked to keep such conversations going, including by doing training for the FBI and planning a workshop for students in which they imagine and work to guard against the malicious use of their research. But actually, Peccoud believes that human error, flawed lab processes, and mislabeled samples might be bigger threats than the outside ones. "Way too often, I think that people think of security as, 'Oh, there is a bad guy going after me,' and the main thing you should be worried about is yourself and errors," he says.
Murch thinks we're only at the beginning of understanding where our weak points are, and how many times they've been bruised. Decreasing those contusions, though, won't just take more secure systems. "The answer won't be technical only," he says. It'll be social, political, policy-related, and economic — a cultural revolution all its own.
Catching colds may help protect kids from Covid
A new study shows that the immune system's response to colds can help prepare it to defend against COVID-19 - but only in the very young.
A common cold virus causes the immune system to produce T cells that also provide protection against SARS-CoV-2, according to new research. The study, published last month in PNAS, shows that this effect is most pronounced in young children. The finding may help explain why most young people who have been exposed to the cold-causing coronavirus have not developed serious cases of COVID-19.
One curiosity stood out in the early days of the COVID-19 pandemic – why were so few kids getting sick. Generally young children and the elderly are the most vulnerable to disease outbreaks, particularly viral infections, either because their immune systems are not fully developed or they are starting to fail.
But solid information on the new infection was so scarce that many public health officials acted on the precautionary principle, assumed a worst-case scenario, and applied the broadest, most restrictive policies to all people to try to contain the coronavirus SARS-CoV-2.
One early thought was that lockdowns worked and kids (ages 6 months to 17 years) simply were not being exposed to the virus. So it was a shock when data started to come in showing that well over half of them carried antibodies to the virus, indicating exposure without getting sick. That trend grew over time and the latest tracking data from the CDC shows that 96.3 percent of kids in the U.S. now carry those antibodies.
Antibodies are relatively quick and easy to measure, but some scientists are exploring whether the reactions of T cells could serve as a more useful measure of immune protection.
But that couldn't be the whole story because antibody protection fades, sometimes as early as a month after exposure and usually within a year. Additionally, SARS-CoV-2 has been spewing out waves of different variants that were more resistant to antibodies generated by their predecessors. The resistance was so significant that over time the FDA withdrew its emergency use authorization for a handful of monoclonal antibodies with earlier approval to treat the infection because they no longer worked.
Antibodies got most of the attention early on because they are part of the first line response of the immune system. Antibodies can bind to viruses and neutralize them, preventing infection. They are relatively quick and easy to measure and even manufacture, but as SARS-CoV-2 showed us, often viruses can quickly evolve to become more resistant to them. Some scientists are exploring whether the reactions of T cells could serve as a more useful measure of immune protection.
Kids, colds and T cells
T cells are part of the immune system that deals with cells once they have become infected. But working with T cells is much more difficult, takes longer, and is more expensive than working with antibodies. So studies often lags behind on this part of the immune system.
A group of researchers led by Annika Karlsson at the Karolinska Institute in Sweden focuses on T cells targeting virus-infected cells and, unsurprisingly, saw that they can play a role in SARS-CoV-2 infection. Other labs have shown that vaccination and natural exposure to the virus generates different patterns of T cell responses.
The Swedes also looked at another member of the coronavirus family, OC43, which circulates widely and is one of several causes of the common cold. The molecular structure of OC43 is similar to its more deadly cousin SARS-CoV-2. Sometimes a T cell response to one virus can produce a cross-reactive response to a similar protein structure in another virus, meaning that T cells will identify and respond to the two viruses in much the same way. Karlsson looked to see if T cells for OC43 from a wide age range of patients were cross-reactive to SARS-CoV-2.
And that is what they found, as reported in the PNAS study last month; there was cross-reactive activity, but it depended on a person’s age. A subset of a certain type of T cells, called mCD4+,, that recognized various protein parts of the cold-causing virus, OC43, expressed on the surface of an infected cell – also recognized those same protein parts from SARS-CoV-2. The T cell response was lower than that generated by natural exposure to SARS-CoV-2, but it was functional and thus could help limit the severity of COVID-19.
“One of the most politicized aspects of our pandemic response was not accepting that children are so much less at risk for severe disease with COVID-19,” because usually young children are among the most vulnerable to pathogens, says Monica Gandhi, professor of medicine at the University of California San Francisco.
“The cross-reactivity peaked at age six when more than half the people tested have a cross-reactive immune response,” says Karlsson, though their sample is too small to say if this finding applies more broadly across the population. The vast majority of children as young as two years had OC43-specific mCD4+ T cell responses. In adulthood, the functionality of both the OC43-specific and the cross-reactive T cells wane significantly, especially with advanced age.
“Considering that the mortality rate in children is the lowest from ages five to nine, and higher in younger children, our results imply that cross-reactive mCD4+ T cells may have a role in the control of SARS-CoV-2 infection in children,” the authors wrote in their paper.
“One of the most politicized aspects of our pandemic response was not accepting that children are so much less at risk for severe disease with COVID-19,” because usually young children are among the most vulnerable to pathogens, says Monica Gandhi, professor of medicine at the University of California San Francisco and author of the book, Endemic: A Post-Pandemic Playbook, to be released by the Mayo Clinic Press this summer. The immune response of kids to SARS-CoV-2 stood our expectations on their head. “We just haven't seen this before, so knowing the mechanism of protection is really important.”
Why the T cell immune response can fade with age is largely unknown. With some viruses such as measles, a single vaccination or infection generates life-long protection. But respiratory tract infections, like SARS-CoV-2, cause a localized infection - specific to certain organs - and that response tends to be shorter lived than systemic infections that affect the entire body. Karlsson suspects the elderly might be exposed to these localized types of viruses less often. Also, frequent continued exposure to a virus that results in reactivation of the memory T cell pool might eventually result in “a kind of immunosenescence or immune exhaustion that is associated with aging,” Karlsson says. https://leaps.org/scientists-just-started-testing-a-new-class-of-drugs-to-slow-and-even-reverse-aging/particle-3 This fading protection is why older people need to be repeatedly vaccinated against SARS-CoV-2.
Policy implications
Following the numbers on COVID-19 infections and severity over the last three years have shown us that healthy young people without risk factors are not likely to develop serious disease. This latest study points to a mechanism that helps explain why. But the inertia of existing policies remains. How should we adjust policy recommendations based on what we know today?
The World Health Organization (WHO) updated their COVID-19 vaccination guidance on March 28. It calls for a focus on vaccinating and boosting those at risk for developing serious disease. The guidance basically shrugged its shoulders when it came to healthy children and young adults receiving vaccinations and boosters against COVID-19. It said the priority should be to administer the “traditional essential vaccines for children,” such as those that protect against measles, rubella, and mumps.
“As an immunologist and a mother, I think that catching a cold or two when you are a kid and otherwise healthy is not that bad for you. Children have a much lower risk of becoming severely ill with SARS-CoV-2,” says Karlsson. She has followed public health guidance in Sweden, which means that her young children have not been vaccinated, but being older, she has received the vaccine and boosters. Gandhi and her children have been vaccinated, but they do not plan on additional boosters.
The WHO got it right in “concentrating on what matters,” which is getting traditional childhood immunizations back on track after their dramatic decline over the last three years, says Gandhi. Nor is there a need for masking in schools, according to a study from the Catalonia region of Spain. It found “no difference in masking and spread in schools,” particularly since tracking data indicate that nearly all young people have been exposed to SARS-CoV-2.
Both researchers lament that public discussion has overemphasized the quickly fading antibody part of the immune response to SARS-CoV-2 compared with the more durable T cell component. They say developing an efficient measure of T cell response for doctors to use in the clinic would help to monitor immunity in people at risk for severe cases of COVID-19 compared with the current method of toting up potential risk factors.
In this week's Friday Five: The eyes are the windows to the soul - and biological aging?
Plus, what bean genes mean for health and the planet, a breathing practice that could lower levels of tau proteins in the brain, AI beats humans at assessing heart health, and the benefits of "nature prescriptions"
The Friday Five covers five stories in research that you may have missed this week. There are plenty of controversies and troubling ethical issues in science – and we get into many of them in our online magazine – but this news roundup focuses on new scientific theories and progress to give you a therapeutic dose of inspiration headed into the weekend.
Listen on Apple | Listen on Spotify | Listen on Stitcher | Listen on Amazon | Listen on Google
Here are the stories covered this week:
- The eyes are the windows to the soul - and biological aging?
- What bean genes mean for health and the planet
- This breathing practice could lower levels of tau proteins
- AI beats humans at assessing heart health
- Should you get a nature prescription?