Jean Peccoud wasn't expecting an email from the FBI. He definitely wasn't expecting the agency to invite him to a meeting. "My reaction was, 'What did I do wrong to be on the FBI watch list?'" he recalls.
You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack.
He didn't know what the feds could possibly want from him. "I was mostly scared at this point," he says. "I was deeply disturbed by the whole thing."
But he decided to go anyway, and when he traveled to San Francisco for the 2008 gathering, the reason for the e-vite became clear: The FBI was reaching out to researchers like him—scientists interested in synthetic biology—in anticipation of the potential nefarious uses of this technology. "The whole purpose of the meeting was, 'Let's start talking to each other before we actually need to talk to each other,'" says Peccoud, now a professor of chemical and biological engineering at Colorado State University. "'And let's make sure next time you get an email from the FBI, you don't freak out."
Synthetic biology—which Peccoud defines as "the application of engineering methods to biological systems"—holds great power, and with that (as always) comes great responsibility. When you can synthesize genetic material in a lab, you can create new ways of diagnosing and treating people, and even new food ingredients. But you can also "print" the genetic sequence of a virus or virulent bacterium.
And while it's not easy, it's also not as hard as it could be, in part because dangerous sequences have publicly available blueprints. You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack. You could synthesize a dangerous pathogen's code on purpose, or you could unwittingly do so because someone tampered with your digital instructions. Ordering synthetic genes for viral sequences, says Peccoud, would likely be more difficult today than it was a decade ago.
"There is more awareness of the industry, and they are taking this more seriously," he says. "There is no specific regulation, though."
Trying to lock down the interconnected machines that enable synthetic biology, secure its lab processes, and keep dangerous pathogens out of the hands of bad actors is part of a relatively new field: cyberbiosecurity, whose name Peccoud and colleagues introduced in a 2018 paper.
Biological threats feel especially acute right now, during the ongoing pandemic. COVID-19 is a natural pathogen -- not one engineered in a lab. But future outbreaks could start from a bug nature didn't build, if the wrong people get ahold of the right genetic sequences, and put them in the right sequence. Securing the equipment and processes that make synthetic biology possible -- so that doesn't happen -- is part of why the field of cyberbiosecurity was born.
The Origin Story
It is perhaps no coincidence that the FBI pinged Peccoud when it did: soon after a journalist ordered a sequence of smallpox DNA and wrote, for The Guardian, about how easy it was. "That was not good press for anybody," says Peccoud. Previously, in 2002, the Pentagon had funded SUNY Stonybrook researchers to try something similar: They ordered bits of polio DNA piecemeal and, over the course of three years, strung them together.
Although many years have passed since those early gotchas, the current patchwork of regulations still wouldn't necessarily prevent someone from pulling similar tricks now, and the technological systems that synthetic biology runs on are more intertwined — and so perhaps more hackable — than ever. Researchers like Peccoud are working to bring awareness to those potential problems, to promote accountability, and to provide early-detection tools that would catch the whiff of a rotten act before it became one.
Peccoud notes that if someone wants to get access to a specific pathogen, it is probably easier to collect it from the environment or take it from a biodefense lab than to whip it up synthetically. "However, people could use genetic databases to design a system that combines different genes in a way that would make them dangerous together without each of the components being dangerous on its own," he says. "This would be much more difficult to detect."
After his meeting with the FBI, Peccoud grew more interested in these sorts of security questions. So he was paying attention when, in 2010, the Department of Health and Human Services — now helping manage the response to COVID-19 — created guidance for how to screen synthetic biology orders, to make sure suppliers didn't accidentally send bad actors the sequences that make up bad genomes.
Guidance is nice, Peccoud thought, but it's just words. He wanted to turn those words into action: into a computer program. "I didn't know if it was something you can run on a desktop or if you need a supercomputer to run it," he says. So, one summer, he tasked a team of student researchers with poring over the sentences and turning them into scripts. "I let the FBI know," he says, having both learned his lesson and wanting to get in on the game.
Peccoud later joined forces with Randall Murch, a former FBI agent and current Virginia Tech professor, and a team of colleagues from both Virginia Tech and the University of Nebraska-Lincoln, on a prototype project for the Department of Defense. They went into a lab at the University of Nebraska at Lincoln and assessed all its cyberbio-vulnerabilities. The lab develops and produces prototype vaccines, therapeutics, and prophylactic components — exactly the kind of place that you always, and especially right now, want to keep secure.
"We were creating wiki of all these nasty things."
The team found dozens of Achilles' heels, and put them in a private report. Not long after that project, the two and their colleagues wrote the paper that first used the term "cyberbiosecurity." A second paper, led by Murch, came out five months later and provided a proposed definition and more comprehensive perspective on cyberbiosecurity. But although it's now a buzzword, it's the definition, not the jargon, that matters. "Frankly, I don't really care if they call it cyberbiosecurity," says Murch. Call it what you want: Just pay attention to its tenets.
A Database of Scary Sequences
Peccoud and Murch, of course, aren't the only ones working to screen sequences and secure devices. At the nonprofit Battelle Memorial Institute in Columbus, Ohio, for instance, scientists are working on solutions that balance the openness inherent to science and the closure that can stop bad stuff. "There's a challenge there that you want to enable research but you want to make sure that what people are ordering is safe," says the organization's Neeraj Rao.
Rao can't talk about the work Battelle does for the spy agency IARPA, the Intelligence Advanced Research Projects Activity, on a project called Fun GCAT, which aims to use computational tools to deep-screen gene-sequence orders to see if they pose a threat. It can, though, talk about a twin-type internal project: ThreatSEQ (pronounced, of course, "threat seek").
The project started when "a government customer" (as usual, no one will say which) asked Battelle to curate a list of dangerous toxins and pathogens, and their genetic sequences. The researchers even started tagging sequences according to their function — like whether a particular sequence is involved in a germ's virulence or toxicity. That helps if someone is trying to use synthetic biology not to gin up a yawn-inducing old bug but to engineer a totally new one. "How do you essentially predict what the function of a novel sequence is?" says Rao. You look at what other, similar bits of code do.
"We were creating wiki of all these nasty things," says Rao. As they were working, they realized that DNA manufacturers could potentially scan in sequences that people ordered, run them against the database, and see if anything scary matched up. Kind of like that plagiarism software your college professors used.
Battelle began offering their screening capability, as ThreatSEQ. When customers -- like, currently, Twist Bioscience -- throw their sequences in, and get a report back, the manufacturers make the final decision about whether to fulfill a flagged order — whether, in the analogy, to give an F for plagiarism. After all, legitimate researchers do legitimately need to have DNA from legitimately bad organisms.
"Maybe it's the CDC," says Rao. "If things check out, oftentimes [the manufacturers] will fulfill the order." If it's your aggrieved uncle seeking the virulent pathogen, maybe not. But ultimately, no one is stopping the manufacturers from doing so.
Beyond that kind of tampering, though, cyberbiosecurity also includes keeping a lockdown on the machines that make the genetic sequences. "Somebody now doesn't need physical access to infrastructure to tamper with it," says Rao. So it needs the same cyber protections as other internet-connected devices.
Scientists are also now using DNA to store data — encoding information in its bases, rather than into a hard drive. To download the data, you sequence the DNA and read it back into a computer. But if you think like a bad guy, you'd realize that a bad guy could then, for instance, insert a computer virus into the genetic code, and when the researcher went to nab her data, her desktop would crash or infect the others on the network.
Something like that actually happened in 2017 at the USENIX security symposium, an annual programming conference: Researchers from the University of Washington encoded malware into DNA, and when the gene sequencer assembled the DNA, it corrupted the sequencer's software, then the computer that controlled it.
"This vulnerability could be just the opening an adversary needs to compromise an organization's systems," Inspirion Biosciences' J. Craig Reed and Nicolas Dunaway wrote in a paper for Frontiers in Bioengineering and Biotechnology, included in an e-book that Murch edited called Mapping the Cyberbiosecurity Enterprise.
Where We Go From Here
So what to do about all this? That's hard to say, in part because we don't know how big a current problem any of it poses. As noted in Mapping the Cyberbiosecurity Enterprise, "Information about private sector infrastructure vulnerabilities or data breaches is protected from public release by the Protected Critical Infrastructure Information (PCII) Program," if the privateers share the information with the government. "Government sector vulnerabilities or data breaches," meanwhile, "are rarely shared with the public."
"What I think is encouraging right now is the fact that we're even having this discussion."
The regulations that could rein in problems aren't as robust as many would like them to be, and much good behavior is technically voluntary — although guidelines and best practices do exist from organizations like the International Gene Synthesis Consortium and the National Institute of Standards and Technology.
Rao thinks it would be smart if grant-giving agencies like the National Institutes of Health and the National Science Foundation required any scientists who took their money to work with manufacturing companies that screen sequences. But he also still thinks we're on our way to being ahead of the curve, in terms of preventing print-your-own bioproblems: "What I think is encouraging right now is the fact that we're even having this discussion," says Rao.
Peccoud, for his part, has worked to keep such conversations going, including by doing training for the FBI and planning a workshop for students in which they imagine and work to guard against the malicious use of their research. But actually, Peccoud believes that human error, flawed lab processes, and mislabeled samples might be bigger threats than the outside ones. "Way too often, I think that people think of security as, 'Oh, there is a bad guy going after me,' and the main thing you should be worried about is yourself and errors," he says.
Murch thinks we're only at the beginning of understanding where our weak points are, and how many times they've been bruised. Decreasing those contusions, though, won't just take more secure systems. "The answer won't be technical only," he says. It'll be social, political, policy-related, and economic — a cultural revolution all its own.
Jessica Ware is obsessed with bugs.
My guest today is a leading researcher on insects, the president of the Entomological Society of America and a curator at the American Museum of Natural History. Learn more about her here.
You may not think that insects and human health go hand-in-hand, but as Jessica makes clear, they’re closely related. A lot of people care about their health, and the health of other creatures on the planet, and the health of the planet itself, but researchers like Jessica are studying another thing we should be focusing on even more: how these seemingly separate areas are deeply entwined. (This is the theme of an upcoming event hosted by Leaps.org and the Aspen Institute.)
Listen to the Episode
Entomologist Jessica Ware
D. Finnin / AMNH
Maybe it feels like a core human instinct to demonize bugs as gross. We seem to try to eradicate them in every way possible, whether that’s with poison, or getting out our blood thirst by stomping them whenever they creep and crawl into sight.
But where did our fear of bugs really come from? Jessica makes a compelling case that a lot of it is cultural, rather than in-born, and we should be following the lead of other cultures that have learned to live with and appreciate bugs.
The truth is that a healthy planet depends on insects. You may feel stung by that news if you hate bugs. Reality bites.
Jessica and I talk about whether learning to live with insects should include eating them and gene editing them so they don’t transmit viruses. She also tells me about her important research into using genomic tools to track bugs in the wild to figure out why and how we’ve lost 50 percent of the insect population since 1970 according to some estimates – bad news because the ecosystems that make up the planet heavily depend on insects. Jessica is leading the way to better understand what’s causing these declines in order to start reversing these trends to save the insects and to save ourselves.
The first thing Jeroen Perk saw after he partially regained his sight nearly a decade ago was the outline of his guide dog Pedro.
“There was a white floor, and the dog was black,” recalls Perk, a 43-year-old investigator for the Dutch customs service. “I was crying. It was a very nice moment.”
Perk was diagnosed with retinitis pigmentosa as a child and had been blind since early adulthood. He has been able to use the implant placed into his retina in 2013 to help identify street crossings, and even ski and pursue archery. A video posted by the company that designed and manufactured the device indicates he’s a good shot.
Less black-and-white has been the journey Perk and others have been on after they were implanted with the Argus II, a second-generation device created by a Los Angeles-based company called Second Sight Medical Devices.
The Argus II uses the implant and a video camera embedded in a special pair of glasses to provide limited vision to those with retinitis pigmentosa, a genetic disease that causes cells in the retina to deteriorate. The camera feeds information to the implant, which sends electrical impulses into the retina to recapitulate what the camera sees. The impulses appear in the Argus II as a 60-pixel grid of blacks, grays and whites in the user’s eye that can render rough outlines of objects and their motion.
Smartphone and computer manufacturers typically stop issuing software upgrades to their devices after two or three years, eventually rendering them bricks. But is the smartphone approach acceptable for a device that helps restore the most crucial sense a human being possesses?
Ross Doerr, a retired disability rights attorney in Maine who received an Argus II in 2019, describes the field of vision as the equivalent of an index card held at arm’s length. Perk often brings objects close to his face to decipher them. Moreover, users must swivel their heads to take in visual data; moving their eyeballs does not work.
Despite its limitations, the Argus II beats the alternative. Perk no longer relies on his guide dog. Doerr was uplifted when he was able to see the outlines of Christmas trees at a holiday show.
“The fairy godmother department sort of reaches out and taps you on the shoulder once in a while,” Doerr says of his implant, which came about purely by chance. A surgeon treating his cataracts was partnered with the son of another surgeon who was implanting the devices, and he was referred.
Doerr had no reason to believe the shower of fairy dust wouldn’t continue. Second Sight held out promises that the Argus II recipients’ vision would gradually improve through upgrades to much higher pixel densities. The ability to recognize individual faces was even touted as a possibility. In the winter of 2020, Doerr was preparing to travel across the U.S. to Second Sight’s headquarters to receive an upgrade. But then COVID-19 descended, and the trip was canceled.
The pandemic also hit Second Sight’s bottom line. Doerr found out about its tribulations only from one of the company’s vision therapists, who told him the entire department was being laid off. Second Sight cut nearly 80% of its workforce in March 2020 and announced it would wind down operations.
Ross Doerr has mostly stopped using his Argus II, the result of combination of fear of losing its assistance from wear and tear and disdain for the company that brought it to market.
Second Sight’s implosion left some 350 Argus recipients in the metaphorical dark about what to do if their implants failed. Skeleton staff seem to have rarely responded to queries from their customers, at least based on the experiences of Perk and Doerr. And some recipients have unfortunately returned to the actual dark as well, as reports have surfaced of Argus II failures due to aging or worn-down parts.
Product support for complex products is remarkably uneven. Although the iconic Ford Mustang ceased production in the late 1960s, its parts market is so robust that it’s theoretically possible to assemble a new vehicle from recently crafted components. Conversely, smartphone and computer manufacturers typically stop issuing software upgrades to their devices after two or three years, eventually rendering them bricks. Consumers have accepted both extremes.
But is the smartphone approach acceptable for a device that helps restore the most crucial sense a human being possesses?
Margaret McLean, a senior fellow at the Markkula Center for Applied Ethics at Santa Clara University in California, notes companies like Second Sight have a greater obligation for product support than other consumer product ventures.
“In this particular case, you have a great deal of risk that is involved in using this device, the implant, and the after care of this device,” she says. “You cannot, like with your car, decide that ‘I don’t like my Mustang anymore,’ and go out and buy a Corvette.”
And, whether the Argus II implant works or not, its physical presence can impact critical medical decisions. Doerr’s doctor wanted him to undergo an MRI to assist in diagnosing attacks of vertigo. But the physician was concerned his implant might interfere. With the latest available manufacturer advisories on his implant nearly a decade old, the procedure was held up. Doerr spent months importuning Second Sight through phone calls, emails and Facebook postings to learn if his implant was contraindicated with MRIs, which he never received. Although the cause of his vertigo was found without an MRI, Doerr was hardly assured.
“Put that into context for a minute. I get into a serious car accident. I end up in the emergency room, and I have a tag saying I have an implanted medical device,” he says. “You can’t do an MRI until you get the proper information from the company. Who’s going to answer the phone?”
Second Sight’s management did answer the call to revamp its business. It netted nearly $78 million through a private stock placement and an initial public offering last year. At the end of 2021, Second Sight had nearly $70 million in cash on hand, according to a recent filing with the Securities and Exchange Commission.
And while the Argus II is still touted at length on Second Sight’s home page, it appears little of its corporate coffers are earmarked toward its support. These days, the company is focused on obtaining federal approvals for Orion, a new implant that would go directly into the recipient’s brain and could be used to remedy blindness from a variety of causes. It obtained a $6.4 million grant from the National Institutes of Health in May 2021 to help develop Orion.
Presented with a list of written questions by email, Second Sight’s spokesperson, Dave Gentry of the investor relations firm Red Chip Companies, copied a subordinate with an abrupt message to “please handle.” That was the only response from a company representative. A call to Second Sight acting chief executive officer Scott Dunbar went unreturned.
Whether or not the Orion succeeds remains to be seen. The company’s SEC filings suggest a viable and FDA-approved device is years away, and that operational losses are expected for the “foreseeable future.” Second Sight reported zero revenue in 2020 or 2021.
Moreover, the experiences of the Argus II recipients could color the reception of future Second Sight products. Doerr notes that his insurer paid nearly $500,000 to implant his device and for training on how to use it.
“What’s the insurance industry going to say the next time this crops up?” Doerr asks, noting that the company’s reputation is “completely shot” with the recipients of its implants.
Perk, who made speeches to praise the Argus II and is still featured in a video on the Second Sight website, says he also no longer supports the company.
Jeroen Perk, an investigator for the Dutch customs service, cried for joy after partially regaining his sight, but he no longer trusts Second Sight, the company that provided his implant.
Nevertheless, Perk remains highly reliant on the technology. When he dropped an external component of his device in late 2020 and it broke, Perk briefly debated whether to remain blind or find a way to get his Argus II working again. Three months later, he was able to revive it by crowdsourcing parts, primarily from surgeons with spare components or other Argus II recipients who no longer use their devices. Perk now has several spare parts in reserve in case of future breakdowns.
Despite the frantic efforts to retain what little sight he has, Perk has no regrets about having the device implanted. And while he no longer trusts Second Sight, he is looking forward to possibly obtaining more advanced implants from companies in the Netherlands and Australia working on their own products.
Doerr suggests that biotech firms whose implants are distributed globally be bound to some sort of international treaty requiring them to service their products in perpetuity. Such treaties are still applied to the salvage rights for ships that sunk centuries ago, he notes.
“I think that in a global tech economy, that would be a good thing,” says McLean, the fellow at Santa Clara, “but I am not optimistic about it in the near term. Business incentives push toward return on share to stockholders, not to patients and other stakeholders. We likely need to rely on some combination of corporately responsibility…and [international] government regulation. It’s tough—the Paris Climate Accord implementation at a slow walk comes to mind.”
Unlike Perk, Doerr has mostly stopped using his Argus II, the result of combination of fear of losing its assistance from wear and tear and disdain for the company that brought it to market. At 70, Doerr says he does not have the time or energy to hold the company more accountable. And with Second Sight having gone through a considerable corporate reorganization, Doerr believes a lawsuit to compel it to better serve its Argus recipients would be nothing but an extremely costly longshot.
“It’s corporate America at its best,” he observes.