NSA must name a central authority to oversee labs, GAO says

The unchecked growth of US laboratories working with biological agents and a lack of central authority over them since 2001 complicate efforts to make them secure and safe, congressional investigators said Monday.

The number of such facilities, known as high-containment laboratories, grew across the federal government at various agencies and in different budget cycles after the anthrax attacks in 2001, the Government Accountability Office (GAO) disclosed in a report, titled "High Containment Laboratories: National Strategy for Oversight Is Needed."

High-containment labs that handle infectious diseases and other biological pathogens are found throughout federal agencies at the departments of Agriculture (USDA), Commerce, Defense (DoD), Energy, Health and Human Services (HHS), Homeland Security, Interior, Justice, Labor, State, and Veterans Affairs as well as the Environmental Protection Agency. None of these agencies, however, know the total number of biosafety level (BSL) 3 and 4 labs within the United States and none hold responsibility for tracking them, GAO discovered.

To facilitate development of plans for adding high-containment labs and to ensure their security, the National Security Advisor should designate a single authority with responsibility to conduct a strategic evaluation of the facilities, the GAO report recommended.

Expansion of high-containment labs began in order to produce medical countermeasures to deadly pathogens after 2001 due to the anthrax attacks--attacks that came from a scientist at a high-containment lab in Frederick, Md., according to FBI analyses. But the expansion, funded by various agencies for their exclusive missions, occurred without a coordinated strategy, the GAO report said. The decisions to stand up the labs occurred over multiple years by various authorities in different agencies without a central assessment of the need for high-containment labs.

"Even now, after more than seven years, GAO was unable to find any projections based on a governmentwide strategic evaluation of future capacity requirements set in light of existing capacity; the numbers, location, and mission of the laboratories needed to effectively counter biothreats; and national public health goals," the report stated. "Such information is needed to ensure that the United States will have facilities in the right place with the right specifications."

Of even greater interest to a hearing led by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine) Tuesday, the lack of central authority over the labs has left no means of determining the level of risk associated with their expansion, GAO warned.

Lieberman and Collins called the hearing to mark up the Weapons of Mass Destruction Preparedness and Prevention Act (S. 1649), which would mandate security levels at high-containment labs--among other provisions.

Were the National Security Advisor to place a central authority in charge of the labs, that organization could then enhance lab security through ensuring that agencies do not expand the number of labs beyond those required, balancing the risks and benefits of expanding the labs, and determining how to oversee them, the report noted.

Oversight programs at USDA and HHS, in particular, require modifications because some of their labs have responsibility for monitoring themselves and reporting any incidents, the report said. The agencies concurred with GAO's recommendation to examine those programs.

Under weak oversight, a malicious actor could easily perpetuate an attack such as the 2001 anthrax attacks--which the FBI concluded originated from a DoD facility at Fort Dietrich in Frederick through the actions of scientist Bruce Ivins, who was employed there.

Would-be terrorists also could target other labs that have no active oversight at all. Such labs have capabilities to work with biological agents but do not currently possess them, leaving the door open to a malicious actor to potentially orchestrate the release of pathogens.

"Consequently, laboratories having capabilities to work with biological agents, even though they do not posses select agents, are not currently subject to oversight. These laboratories also have associated biosecurity risks because of their potential as targets for terrorism or theft by either internal or external perpetrators," the report asserted.