clock menu more-arrow no yes

The next deadly pathogen could come from a rogue scientist. Here’s how we can prevent that.

DNA synthesis is driving innovations in biology. But gaps in screening mechanisms risk the release of deadly pathogens.

DNA synthesis and assembly, once expensive, is now cheap and widely used for critical biology research.
Getty Images/fStop

In the past few years, something new has become possible in biology: cheaply “printing” DNA for insertion into a cell.

That means a scientist who needs a particular DNA sequence to, say, create new bacteria for research can now order that DNA sequence from a lab. That might seem like a niche technology — how many biologists need to custom-print their own DNA? — but DNA synthesis and assembly (as the “printing” process is called) are actually useful for an astonishing variety of research uses, and could have far-reaching implications for how we live. In labs around the world, tons of critically important, valuable biology research is advancing thanks to DNA synthesis, and things look likely to get even better as DNA synthesis gets even cheaper.

But as is often the case when a scientific field gets a lot better at what it does very quickly, progress in DNA synthesis has been so fast that coordination against bad actors has lagged. As a private individual, I can send a DNA sequence I’d like synthesized to dozens of labs around the world that can print it out and send it to me.

But what if I asked them to print for me the genetic code of the influenza that caused the 1918 flu that killed millions of people? What if I sent them the instructions for a new disease that I have reason to believe is dangerous? What if I was doing legitimate research, but my lab didn’t adhere to modern safety standards?

The answer is that a few DNA synthesis companies will send me what I asked for, with no screening to check whether they’re sending out a pathogen that ought to be carefully controlled. (Synthetic DNA is not a live virus, of course; I’d have to be a talented biologist with specialized knowledge, lots of resources, and access to expensive tools to use it maliciously.)

Some companies — including most industry-leading ones — do follow US guidelines that require a background check and also check the DNA sequence against a list of known hazardous ones and would stop me from making this dangerous order — but a recent report found no evidence of any laws requiring laboratories to follow those guidelines in any country in the world. Doing so adds some time and expense to the ordering process, so there is some incentive to cut corners.

That’s why many experts argue that we need to do better. Their proposals on how to fix the system vary, but they all agree on one thing: I shouldn’t be allowed to order myself the 1918 influenza or a new coronavirus off the internet and have it delivered to my home.

And to establish screening for DNA orders on a global scale will take large-scale international coordination — and so far, we have struggled to coordinate even for simpler countermeasures.

How DNA synthesis works

A few decades ago, researchers embarked on the Human Genome Project, which tried to determine the base pairs that make up all of human DNA. It was a 13-year project of enormous scope and complexity. The government had to invest billions of dollars to make it happen.

Since then, the world of genetics has changed. New technology has made us a lot better at scanning — and manipulating — DNA. It now costs about $1,000, instead of billions, to sequence a full human genome. Other critical aspects of genetics research are getting cheaper too.

Of particular importance? DNA synthesis.

When researchers wanted to produce copies of a DNA sequence they’re studying, they used to have no choice but to painstakingly clone an organism with the DNA they want, inserting or removing genes with splicing techniques. Now, that has changed. With today’s techniques, we can artificially build DNA sequences, adding one base pair at a time, in a lab.

The process is fairly cheap and getting cheaper — only about 8 cents per base pair added in this fashion — though it does still add up with something as big as the human genome. But for many smaller projects, getting the DNA you need synthesized is a viable option. If I have on my computer a sequence of DNA which I want to work with in the lab, I can send those instructions to a DNA synthesis service — and they’ll send back the DNA, ready for lab work.

Let’s consider a researcher who has modified the genome of a bacterium so that it will produce human insulin. Just a few years ago, it would have been expensive and an enormous hassle to get her DNA sequence “printed” — all of the base pairs attached in order — so that she could insert it into an organism and start her experiment. Just a few years before that, it would have been basically impossible.

But today, doing this is quite affordable. That’s amazing news for researchers, who can cheaply and quickly order DNA sequences online and get the DNA they asked for delivered straight to them at a reasonable price.

Let’s be clear: This is great news. Advances in our ability to synthesize DNA open lots of avenues for promising new research. Researchers can test custom sequences and arrive at a better understanding of gene sequences and what they do. Progress on this front will make for better medicine, better crops, and better production of proteins we need for industrial processes.

But there’s a critical security problem to be solved as DNA synthesis gets cheaper and easier.

Why screening for dangerous pathogens is hard

Since DNA can be both beneficial and dangerous, experts agree that screening should happen. But most countries don’t have laws or even guidelines on how to do it.

“DNA is an inherently dual-use technology,” James Diggans, who works on biosecurity at the industry-leading Twist Bioscience, told me. What that means is DNA synthesis makes fundamental biology research and lifesaving drug development go faster, but it can also be used to do research that can be potentially deadly for humanity. That’s the problem that biosecurity researchers — in industry, in academia, and in the government — are faced with today: trying to figure out how to make DNA synthesis faster and cheaper for its many beneficial uses while ensuring every printed sequence is screened and hazards are appropriately handled.

Where does policy stand on this? The US government has guidelines intended to prevent dangerous incidents, and If I went to a company like Twist, where Diggans works, and asked for a DNA sequence, they would conduct a background check to determine “Is the customer on a watchlist, are there reasons to worry?” Diggans told me. They’d ensure I had a license and ship only to a legitimate lab.

The next step? “Screen the sequence,” said Diggans — or check my request to compare it to known prohibited pathogens. If they noticed I was requesting a dangerous influenza virus, they would follow up with me to learn more about what I’m researching.

But not every company follows those guidelines (though most synthetic DNA is produced by companies that do abide by them, and the International Gene Synthesis Consortium polices its members). And the guidelines don’t cover short sequences, which are a growing share of biology research.

“The technology has kind of outpaced where the government regulators are,” Diggans told me.

So new screening — and new regulations backing the international use of that screening — is needed. The aim of a new screening regime should be to ensure that requests for DNA are checked to determine whether they contain prohibited, dangerous sequences, without adding too much to the expense of screening and without slowing down legitimate researchers, who should be able to access DNA for their projects cheaply and quickly.

“We have this window of time to get screening right,” Beth Cameron, who works on mechanisms for preventing illicit gene synthesis at the Nuclear Threat Initiative (NTI), told me. NTI is a nonprofit focused on global catastrophic risks and works to prevent attacks and accidents with nuclear, biological, and chemical agents. Last month in Davos, Switzerland, NTI and the World Economic Forum recommended a new international effort to establish a common mechanism for screening DNA orders. The report recommends creating a technical consortium to build and launch that mechanism for use by companies and labs around the world, with the goal of making screening a norm.

The Nuclear Threat Initiative also recommends establishing a new global entity focused on preventing biotechnology catastrophes — a place whose mission is to oversee DNA synthesis screening. Since diseases can spread around the world, and DNA synthesis can be located anywhere, strong international cooperation is needed. Lots of international organizations are working together, but there’s no good institution to coordinate it.

Changing the incentives for DNA synthesis research

Another focus for biosecurity researchers should be on changing the incentives for how research is currently conducted.

Why do some companies choose not to screen? Well, screening is expensive. Comparing extremely long sequences of letters to a large database of prohibited sequences requires a lot of computer runtime. If a potential problem is identified, an expert biologist is needed to suss out whether there’s a real issue. “As DNA screening has gotten cheaper,” Cameron told me, “screening becomes a larger percentage of the cost.”

That puts companies that are doing the right thing at a competitive disadvantage.

So here’s another idea: Make grants for biologists who do research with DNA synthesis contingent on using labs that follow screening guidelines. Most of the grants for DNA research actually comes from the US government. By mandating that scientists only buy their DNA from organizations that are employing state-of-the-art, agreed-upon screening procedures — otherwise they don’t get the grant — we can turn DNA screening from a competitive disadvantage into a competitive advantage, and hopefully drive more labs to get on board.

“Those research dollars should go to companies that screen responsibly,” Diggans told me. With research dollars only going to compliant companies, companies that currently do not screen as encouraged by the US guidelines would likely start complying with them.

New technical approaches to screening

Some researchers think the system could be improved along other dimensions as well.

Kevin Esvelt, at MIT, is one of them. Esvelt led early research on CRISPR gene drives, and he’s been thinking about misuse of biotechnologies for just as long.

He points at a key limitation of even the best proposed screening programs. In order for companies to know what pathogens to screen for, they need to have a database with the DNA sequences of all the dangerous biological agents we know of — so they can cross-check between that database and requests from customers.

But maintaining that database creates some problems. If a new pathogen is added to it, then any bad actor can see that it was added and knows it might be an interesting threat. If a bad actor wants to get dangerous DNA past the screening process, they can review the database and learn whether their sequence will be flagged. That’s why lots of secure systems do not make the details of what test you have to pass publicly available.

There are a few ways to solve this problem. One is to aim to design a comprehensive screening system that is safe even if people have full access to the database of potential hazards.

Esvelt’s proposed solution goes in the other direction, by arranging for the database to be secure and inaccessible. His proposal is the product of work by cryptographers as well as biologists. The line of research has a few elements.

Current DNA screening sometimes requires an expert to review a potential match and determine whether it’s a real match. This is expensive, takes up a lot of time, and requires a database of hazards.

Esvelt and the researchers he works with want to make some major changes. The key idea is that they want to develop a comparison system that counts only exact matches, instead of the “near-matches” counted under current systems. That’d reduce false positives and make it possible to automate screening. It’d also mean we don’t need to compare each new customer request with the full genome of every dangerous biological agent out there. Instead, we can pick some essential segments of dangerous biological agents — segments that those agents couldn’t function without. (We could also find alternate versions of those segments that are predicted to have the same functionality.)

That would ideally mean there’s less to screen for — making screening faster — without missing any dangerous pathogens the old method would have caught. And there wouldn’t be the need for a database of full sequences that could lead to disaster if it fell into the wrong hands. Instead, the database would be distributed and encrypted so no one could access it but everyone could compare sequences to it.

Getting serious about keeping DNA research safe and secure

Not every expert I spoke to was convinced that all the measures above were necessary — or even feasible to get international agreement on. Experts are divided about whether hash matching — Esvelt’s approach — would be an improvement on the current gold standard for screening, IARPA’s Fun GCAT. But all of them agreed that to make progress on DNA research security, screening needs to get faster, cheaper, and better coordinated.

Technological solutions will almost certainly be a significant part of the picture as we make DNA screening safe and cheap enough that it can be universal. (One complication to look out for: The technology is now arriving for biology labs to have their own “bench-top” DNA synthesis. These machines can be equipped from the outset to conduct screening. But if they’re released without any of the capabilities that would make screening possible, it’ll be very hard — perhaps impossible — to retrofit that in later.)

But legal and regulatory changes, and international cooperation, will have to be a significant part of the picture too. “It’s been about coalition building between companies like Twist, nonprofits, and governments internationally,” Diggans told me of Twist’s work on screening.

“Over the last two years, we have seen a tremendous sense of urgency from companies and technical experts in developing a global process,” Cameron said about the NTI Biosecurity Innovation and Risk Reduction Initiative. “But there’s a lot of work to make biosecurity a mainstream part of technology research and development.”

Any technical solution will only make the world safer to the extent that governments and research funders around the world can adopt it and help make it happen.


Sign up for the Future Perfect newsletter and we’ll send you a roundup of ideas and solutions for tackling the world’s biggest challenges — and how to get better at doing good.

Future Perfect is funded in part by individual contributions, grants, and sponsorships. Learn more here.

Sign up for the newsletter Sign up for The Weeds

Get our essential policy newsletter delivered Fridays.