Meet the Scientists on the Frontlines of Protecting Humanity from a Man-Made Pathogen
Jean Peccoud wasn't expecting an email from the FBI. He definitely wasn't expecting the agency to invite him to a meeting. "My reaction was, 'What did I do wrong to be on the FBI watch list?'" he recalls.
You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack.
He didn't know what the feds could possibly want from him. "I was mostly scared at this point," he says. "I was deeply disturbed by the whole thing."
But he decided to go anyway, and when he traveled to San Francisco for the 2008 gathering, the reason for the e-vite became clear: The FBI was reaching out to researchers like him—scientists interested in synthetic biology—in anticipation of the potential nefarious uses of this technology. "The whole purpose of the meeting was, 'Let's start talking to each other before we actually need to talk to each other,'" says Peccoud, now a professor of chemical and biological engineering at Colorado State University. "'And let's make sure next time you get an email from the FBI, you don't freak out."
Synthetic biology—which Peccoud defines as "the application of engineering methods to biological systems"—holds great power, and with that (as always) comes great responsibility. When you can synthesize genetic material in a lab, you can create new ways of diagnosing and treating people, and even new food ingredients. But you can also "print" the genetic sequence of a virus or virulent bacterium.
And while it's not easy, it's also not as hard as it could be, in part because dangerous sequences have publicly available blueprints. You use those blueprints for white-hat research—which is, indeed, why the open blueprints exist—or you can do the same for a black-hat attack. You could synthesize a dangerous pathogen's code on purpose, or you could unwittingly do so because someone tampered with your digital instructions. Ordering synthetic genes for viral sequences, says Peccoud, would likely be more difficult today than it was a decade ago.
"There is more awareness of the industry, and they are taking this more seriously," he says. "There is no specific regulation, though."
Trying to lock down the interconnected machines that enable synthetic biology, secure its lab processes, and keep dangerous pathogens out of the hands of bad actors is part of a relatively new field: cyberbiosecurity, whose name Peccoud and colleagues introduced in a 2018 paper.
Biological threats feel especially acute right now, during the ongoing pandemic. COVID-19 is a natural pathogen -- not one engineered in a lab. But future outbreaks could start from a bug nature didn't build, if the wrong people get ahold of the right genetic sequences, and put them in the right sequence. Securing the equipment and processes that make synthetic biology possible -- so that doesn't happen -- is part of why the field of cyberbiosecurity was born.
The Origin Story
It is perhaps no coincidence that the FBI pinged Peccoud when it did: soon after a journalist ordered a sequence of smallpox DNA and wrote, for The Guardian, about how easy it was. "That was not good press for anybody," says Peccoud. Previously, in 2002, the Pentagon had funded SUNY Stonybrook researchers to try something similar: They ordered bits of polio DNA piecemeal and, over the course of three years, strung them together.
Although many years have passed since those early gotchas, the current patchwork of regulations still wouldn't necessarily prevent someone from pulling similar tricks now, and the technological systems that synthetic biology runs on are more intertwined — and so perhaps more hackable — than ever. Researchers like Peccoud are working to bring awareness to those potential problems, to promote accountability, and to provide early-detection tools that would catch the whiff of a rotten act before it became one.
Peccoud notes that if someone wants to get access to a specific pathogen, it is probably easier to collect it from the environment or take it from a biodefense lab than to whip it up synthetically. "However, people could use genetic databases to design a system that combines different genes in a way that would make them dangerous together without each of the components being dangerous on its own," he says. "This would be much more difficult to detect."
After his meeting with the FBI, Peccoud grew more interested in these sorts of security questions. So he was paying attention when, in 2010, the Department of Health and Human Services — now helping manage the response to COVID-19 — created guidance for how to screen synthetic biology orders, to make sure suppliers didn't accidentally send bad actors the sequences that make up bad genomes.
Guidance is nice, Peccoud thought, but it's just words. He wanted to turn those words into action: into a computer program. "I didn't know if it was something you can run on a desktop or if you need a supercomputer to run it," he says. So, one summer, he tasked a team of student researchers with poring over the sentences and turning them into scripts. "I let the FBI know," he says, having both learned his lesson and wanting to get in on the game.
Peccoud later joined forces with Randall Murch, a former FBI agent and current Virginia Tech professor, and a team of colleagues from both Virginia Tech and the University of Nebraska-Lincoln, on a prototype project for the Department of Defense. They went into a lab at the University of Nebraska at Lincoln and assessed all its cyberbio-vulnerabilities. The lab develops and produces prototype vaccines, therapeutics, and prophylactic components — exactly the kind of place that you always, and especially right now, want to keep secure.
"We were creating wiki of all these nasty things."
The team found dozens of Achilles' heels, and put them in a private report. Not long after that project, the two and their colleagues wrote the paper that first used the term "cyberbiosecurity." A second paper, led by Murch, came out five months later and provided a proposed definition and more comprehensive perspective on cyberbiosecurity. But although it's now a buzzword, it's the definition, not the jargon, that matters. "Frankly, I don't really care if they call it cyberbiosecurity," says Murch. Call it what you want: Just pay attention to its tenets.
A Database of Scary Sequences
Peccoud and Murch, of course, aren't the only ones working to screen sequences and secure devices. At the nonprofit Battelle Memorial Institute in Columbus, Ohio, for instance, scientists are working on solutions that balance the openness inherent to science and the closure that can stop bad stuff. "There's a challenge there that you want to enable research but you want to make sure that what people are ordering is safe," says the organization's Neeraj Rao.
Rao can't talk about the work Battelle does for the spy agency IARPA, the Intelligence Advanced Research Projects Activity, on a project called Fun GCAT, which aims to use computational tools to deep-screen gene-sequence orders to see if they pose a threat. It can, though, talk about a twin-type internal project: ThreatSEQ (pronounced, of course, "threat seek").
The project started when "a government customer" (as usual, no one will say which) asked Battelle to curate a list of dangerous toxins and pathogens, and their genetic sequences. The researchers even started tagging sequences according to their function — like whether a particular sequence is involved in a germ's virulence or toxicity. That helps if someone is trying to use synthetic biology not to gin up a yawn-inducing old bug but to engineer a totally new one. "How do you essentially predict what the function of a novel sequence is?" says Rao. You look at what other, similar bits of code do.
"We were creating wiki of all these nasty things," says Rao. As they were working, they realized that DNA manufacturers could potentially scan in sequences that people ordered, run them against the database, and see if anything scary matched up. Kind of like that plagiarism software your college professors used.
Battelle began offering their screening capability, as ThreatSEQ. When customers -- like, currently, Twist Bioscience -- throw their sequences in, and get a report back, the manufacturers make the final decision about whether to fulfill a flagged order — whether, in the analogy, to give an F for plagiarism. After all, legitimate researchers do legitimately need to have DNA from legitimately bad organisms.
"Maybe it's the CDC," says Rao. "If things check out, oftentimes [the manufacturers] will fulfill the order." If it's your aggrieved uncle seeking the virulent pathogen, maybe not. But ultimately, no one is stopping the manufacturers from doing so.
Beyond that kind of tampering, though, cyberbiosecurity also includes keeping a lockdown on the machines that make the genetic sequences. "Somebody now doesn't need physical access to infrastructure to tamper with it," says Rao. So it needs the same cyber protections as other internet-connected devices.
Scientists are also now using DNA to store data — encoding information in its bases, rather than into a hard drive. To download the data, you sequence the DNA and read it back into a computer. But if you think like a bad guy, you'd realize that a bad guy could then, for instance, insert a computer virus into the genetic code, and when the researcher went to nab her data, her desktop would crash or infect the others on the network.
Something like that actually happened in 2017 at the USENIX security symposium, an annual programming conference: Researchers from the University of Washington encoded malware into DNA, and when the gene sequencer assembled the DNA, it corrupted the sequencer's software, then the computer that controlled it.
"This vulnerability could be just the opening an adversary needs to compromise an organization's systems," Inspirion Biosciences' J. Craig Reed and Nicolas Dunaway wrote in a paper for Frontiers in Bioengineering and Biotechnology, included in an e-book that Murch edited called Mapping the Cyberbiosecurity Enterprise.
Where We Go From Here
So what to do about all this? That's hard to say, in part because we don't know how big a current problem any of it poses. As noted in Mapping the Cyberbiosecurity Enterprise, "Information about private sector infrastructure vulnerabilities or data breaches is protected from public release by the Protected Critical Infrastructure Information (PCII) Program," if the privateers share the information with the government. "Government sector vulnerabilities or data breaches," meanwhile, "are rarely shared with the public."
"What I think is encouraging right now is the fact that we're even having this discussion."
The regulations that could rein in problems aren't as robust as many would like them to be, and much good behavior is technically voluntary — although guidelines and best practices do exist from organizations like the International Gene Synthesis Consortium and the National Institute of Standards and Technology.
Rao thinks it would be smart if grant-giving agencies like the National Institutes of Health and the National Science Foundation required any scientists who took their money to work with manufacturing companies that screen sequences. But he also still thinks we're on our way to being ahead of the curve, in terms of preventing print-your-own bioproblems: "What I think is encouraging right now is the fact that we're even having this discussion," says Rao.
Peccoud, for his part, has worked to keep such conversations going, including by doing training for the FBI and planning a workshop for students in which they imagine and work to guard against the malicious use of their research. But actually, Peccoud believes that human error, flawed lab processes, and mislabeled samples might be bigger threats than the outside ones. "Way too often, I think that people think of security as, 'Oh, there is a bad guy going after me,' and the main thing you should be worried about is yourself and errors," he says.
Murch thinks we're only at the beginning of understanding where our weak points are, and how many times they've been bruised. Decreasing those contusions, though, won't just take more secure systems. "The answer won't be technical only," he says. It'll be social, political, policy-related, and economic — a cultural revolution all its own.
Meet Dr. Renee Wegrzyn, the first Director of President Biden's new health agency, ARPA-H
In today’s podcast episode, I talk with Renee Wegrzyn, appointed by President Biden as the first director of a federal agency created last year called the Advanced Research Projects Agency for Health, or ARPA-H. It’s inspired by DARPA, the agency that develops innovations for the Defense department and has been credited with hatching world changing technologies such as ARPANET, which became the internet.
Time will tell if ARPA-H will lead to similar achievements in the realm of health. That’s what President Biden and Congress expect in return for funding ARPA-H at 2.5 billion dollars over three years.
Listen on Apple | Listen on Spotify | Listen on Stitcher | Listen on Amazon | Listen on Google
How will the agency figure out which projects to take on, especially with so many patient advocates for different diseases demanding moonshot funding for rapid progress.
I talked with Dr. Wegrzyn about the opportunities and challenges, what lessons ARPA-H is borrowing from Operation Warp Speed, how she decided on the first ARPA-H project which was just announced recently, why a separate agency was needed instead of trying to reform HHS and the National Institutes of Health to be better at innovation, and how ARPA-H will make progress on disease prevention in addition to treatments for cancer, Alzheimer’s and diabetes, among many other health priorities.
Dr. Wegrzyn’s resume is filled with experience for her important role. She was a program manager at DARPA where she focused on applying gene editing and synthetic biology to the goal of improving biosecurity. For her work there, she was given the Superior Public Service Medal and, just in case that wasn’t enough ARPA experience, she also worked at another ARPA that leads advanced projects in intelligence, called I-ARPA. Before that, she was in charge of technical teams in the private sector working on gene therapies and disease diagnostics, among other areas. She has been a vice president of business development at Gingko Bioworks and headed innovation at Concentric by Gingko. Her training and education includes a PhD and undergraduate degree in applied biology from the Georgia Institute of Technology and she did her postdoc as an Alexander von Humboldt Fellow in Heidelberg, Germany.
As Dr. Wegrzyn told me, she’s “in the hot seat” - the pressure is on for ARPA-H especially after the need and potential for health innovation was spot lit by the pandemic and the unprecedented speed of vaccine development. We'll soon find out if ARPA-H can produce something in health that’s equivalent to DARPA’s creation of the internet.
ARPA-H - https://arpa-h.gov/
Dr. Wegrzyn profile - https://arpa-h.gov/people/renee-wegrzyn/
Dr. Wegrzyn Twitter - https://twitter.com/rwegrzyn?lang=en
President Biden Announces Dr. Wegrzyn's appointment - https://www.whitehouse.gov/briefing-room/statement...
Leaps.org coverage of ARPA-H - https://leaps.org/arpa/
ARPA-H program for joints to heal themselves - https://arpa-h.gov/news/nitro/ -
ARPA-H virtual talent search - https://arpa-h.gov/news/aco-talent-search/
Matt Fuchs is the editor-in-chief of Leaps.org and Making Sense of Science. He is also a contributing reporter to the Washington Post and has written for the New York Times, Time Magazine, WIRED and the Washington Post Magazine, among other outlets. Follow him @fuchswriter.
Tiny, tough “water bears” may help bring new vaccines and medicines to sub-Saharan Africa
Microscopic tardigrades, widely considered to be some of the toughest animals on earth, can survive for decades without oxygen or water and are thought to have lived through a crash-landing on the moon. Also known as water bears, they survive by fully dehydrating and later rehydrating themselves – a feat only a few animals can accomplish. Now scientists are harnessing tardigrades’ talents to make medicines that can be dried and stored at ambient temperatures and later rehydrated for use—instead of being kept refrigerated or frozen.
Many biologics—pharmaceutical products made by using living cells or synthesized from biological sources—require refrigeration, which isn’t always available in many remote locales or places with unreliable electricity. These products include mRNA and other vaccines, monoclonal antibodies and immuno-therapies for cancer, rheumatoid arthritis and other conditions. Cooling is also needed for medicines for blood clotting disorders like hemophilia and for trauma patients.
Formulating biologics to withstand drying and hot temperatures has been the holy grail for pharmaceutical researchers for decades. It’s a hard feat to manage. “Biologic pharmaceuticals are highly efficacious, but many are inherently unstable,” says Thomas Boothby, assistant professor of molecular biology at University of Wyoming. Therefore, during storage and shipping, they must be refrigerated at 2 to 8 degrees Celsius (35 to 46 degrees Fahrenheit). Some must be frozen, typically at -20 degrees Celsius, but sometimes as low -90 degrees Celsius as was the case with the Pfizer Covid vaccine.
For Covid, fewer than 73 percent of the global population received even one dose. The need for refrigerated or frozen handling was partially to blame.
The costly cold chain
The logistics network that ensures those temperature requirements are met from production to administration is called the cold chain. This cold chain network is often unreliable or entirely lacking in remote, rural areas in developing nations that have malfunctioning electrical grids. “Almost all routine vaccines require a cold chain,” says Christopher Fox, senior vice president of formulations at the Access to Advanced Health Institute. But when the power goes out, so does refrigeration, putting refrigerated or frozen medical products at risk. Consequently, the mRNA vaccines developed for Covid-19 and other conditions, as well as more traditional vaccines for cholera, tetanus and other diseases, often can’t be delivered to the most remote parts of the world.
To understand the scope of the challenge, consider this: In the U.S., more than 984 million doses of Covid-19 vaccine have been distributed so far. Each one needed refrigeration that, even in the U.S., proved challenging. Now extrapolate to all vaccines and the entire world. For Covid, fewer than 73 percent of the global population received even one dose. The need for refrigerated or frozen handling was partially to blame.
Globally, the cold chain packaging market is valued at over $15 billion and is expected to exceed $60 billion by 2033.
Freeze-drying, also called lyophilization, which is common for many vaccines, isn’t always an option. Many freeze-dried vaccines still need refrigeration, and even medicines approved for storage at ambient temperatures break down in the heat of sub-Saharan Africa. “Even in a freeze-dried state, biologics often will undergo partial rehydration and dehydration, which can be extremely damaging,” Boothby explains.
The cold chain is also very expensive to maintain. The global pharmaceutical cold chain packaging market is valued at more than $15 billion, and is expected to exceed $60 billion by 2033, according to a report by Future Market Insights. This cost is only expected to grow. According to the consulting company Accenture, the number of medicines that require the cold chain are expected to grow by 48 percent, compared to only 21 percent for non-cold-chain therapies.
Tardigrades to the rescue
Tardigrades are only about a millimeter long – with four legs and claws, and they lumber around like bears, thus their nickname – but could provide a big solution. “Tardigrades are unique in the animal kingdom, in that they’re able to survive a vast array of environmental insults,” says Boothby, the Wyoming professor. “They can be dried out, frozen, heated past the boiling point of water and irradiated at levels that are thousands of times more than you or I could survive.” So, his team is gradually unlocking tardigrades’ survival secrets and applying them to biologic pharmaceuticals to make them withstand both extreme heat and desiccation without losing efficacy.
Boothby’s team is focusing on blood clotting factor VIII, which, as the name implies, causes blood to clot. Currently, Boothby is concentrating on the so-called cytoplasmic abundant heat soluble (CAHS) protein family, which is found only in tardigrades, protecting them when they dry out. “We showed we can desiccate a biologic (blood clotting factor VIII, a key clotting component) in the presence of tardigrade proteins,” he says—without losing any of its effectiveness.
The researchers mixed the tardigrade protein with the blood clotting factor and then dried and rehydrated that substance six times without damaging the latter. This suggests that biologics protected with tardigrade proteins can withstand real-world fluctuations in humidity.
Furthermore, Boothby’s team found that when the blood clotting factor was dried and stabilized with tardigrade proteins, it retained its efficacy at temperatures as high as 95 degrees Celsius. That’s over 200 degrees Fahrenheit, much hotter than the 58 degrees Celsius that the World Meteorological Organization lists as the hottest recorded air temperature on earth. In contrast, without the protein, the blood clotting factor degraded significantly. The team published their findings in the journal Nature in March.
Although tardigrades rarely live more than 2.5 years, they have survived in a desiccated state for up to two decades, according to Animal Diversity Web. This suggests that tardigrades’ CAHS protein can protect biologic pharmaceuticals nearly indefinitely without refrigeration or freezing, which makes it significantly easier to deliver them in locations where refrigeration is unreliable or doesn’t exist.
The tricks of the tardigrades
Besides the CAHS proteins, tardigrades rely on a type of sugar called trehalose and some other protectants. So, rather than drying up, their cells solidify into rigid, glass-like structures. As that happens, viscosity between cells increases, thereby slowing their biological functions so much that they all but stop.
Now Boothby is combining CAHS D, one of the proteins in the CAHS family, with trehalose. He found that CAHS D and trehalose each protected proteins through repeated drying and rehydrating cycles. They also work synergistically, which means that together they might stabilize biologics under a variety of dry storage conditions.
“We’re finding the protective effect is not just additive but actually is synergistic,” he says. “We’re keen to see if something like that also holds true with different protein combinations.” If so, combinations could possibly protect against a variety of conditions.
Before any stabilization technology for biologics can be commercialized, it first must be approved by the appropriate regulators. In the U.S., that’s the U.S. Food and Drug Administration. Developing a new formulation would require clinical testing and vast numbers of participants. So existing vaccines and biologics likely won’t be re-formulated for dry storage. “Many were developed decades ago,” says Fox. “They‘re not going to be reformulated into thermo-stable vaccines overnight,” if ever, he predicts.
Extending stability outside the cold chain, even for a few days, can have profound health, environmental and economic benefits.
Instead, this technology is most likely to be used for the new products and formulations that are just being created. New and improved vaccines will be the first to benefit. Good candidates include the plethora of mRNA vaccines, as well as biologic pharmaceuticals for neglected diseases that affect parts of the world where reliable cold chain is difficult to maintain, Boothby says. Some examples include new, more effective vaccines for malaria and for pathogenic Escherichia coli, which causes diarrhea.
Tallying up the benefits
Extending stability outside the cold chain, even for a few days, can have profound health, environmental and economic benefits. For instance, MenAfriVac, a meningitis vaccine (without tardigrade proteins) developed for sub-Saharan Africa, can be stored at up to 40 degrees Celsius for four days before administration. “If you have a few days where you don’t need to maintain the cold chain, it’s easier to transport vaccines to remote areas,” Fox says, where refrigeration does not exist or is not reliable.
Better health is an obvious benefit. MenAfriVac reduced suspected meningitis cases by 57 percent in the overall population and more than 99 percent among vaccinated individuals.
Lower healthcare costs are another benefit. One study done in Togo found that the cold chain-related costs increased the per dose vaccine price up to 11-fold. The ability to ship the vaccines using the usual cold chain, but transporting them at ambient temperatures for the final few days cut the cost in half.
There are environmental benefits, too, such as reducing fuel consumption and greenhouse gas emissions. Cold chain transports consume 20 percent more fuel than non-cold chain shipping, due to refrigeration equipment, according to the International Trade Administration.
A study by researchers at Johns Hopkins University compared the greenhouse gas emissions of the new, oral Vaxart COVID-19 vaccine (which doesn’t require refrigeration) with four intramuscular vaccines (which require refrigeration or freezing). While the Vaxart vaccine is still in clinical trials, the study found that “up to 82.25 million kilograms of CO2 could be averted by using oral vaccines in the U.S. alone.” That is akin to taking 17,700 vehicles out of service for one year.
Although tardigrades’ protective proteins won’t be a component of biologic pharmaceutics for several years, scientists are proving that this approach is viable. They are hopeful that a day will come when vaccines and biologics can be delivered anywhere in the world without needing refrigerators or freezers en route.