This is the introductory piece of a series led by Randall Murch, Visiting Editor for Homeland Security Today, former FBI, and Research Lead and Professor of Practice at Virginia Tech – National Capital Region. The series will look in-depth at biosecurity, its implications at the nexus of biosecurity and cyber, and the realities and policies that may present challenges to the homeland security community. If you are in this area and interested to lend a perspective, please contact us. We welcome both practical and academic perspectives.
For global, national and homeland security, biosecurity represents an important component, one that has many dimensions both traditional and emerging. In this inaugural article on biosecurity, I seek to provide a foundation and a peek at one emerging, new opportunity space.
A Brief Historical Foundation
There have been many articles, chapters and books written on the history of biological weapons and their use. To build our base, we need not revisit or regurgitate these at length. Suffice it to say that the basic knowledge, technology and opportunities to use pathogens and biological toxins as weapons have been known for centuries. Historical episodes include the invading Mongols flinging diseased corpses over the city walls of Caffa (in what is now Crimea) in 1346 to infect, kill and weaken resistance to their siege; the British Army providing smallpox-infested blankets to Native Americans in 1763-64 in order to save Fort Pitt from successful attack; the infamous Japanese Army Unit 731 activities in Manchuria prior to and during World War II, which included the testing of biological weapons and delivery methods on local populations; the extensive Soviet biological weapons program that was publicly revealed through investigations by Western scientists and defectors from the program. This program was active while the world was wrestling with the Biological Weapons Convention, the primary international treaty governing the possession, development and use of dangerous pathogens and toxins as weapons. (The Soviets were participating in these negotiations and signed the agreement.) United Nations Security Council Resolution 1540 is the other key international agreement governing biological weapons, as well as other WMD. The U.S. has and does actively keep to the provisions of these documents and participates with the UN and member states in their enforcement and advancement.
The Emergence of Biosecurity
One could argue that the U.S. as a nation formally entered the biosecurity domain from the homeland security perspective with the issuance of Homeland Security Presidential Decision Directives 9 and 10, although there were programs being stood up or morphed from legacy programs before that time. Many government programs and policies have emerged from these directives, as well as laws and regulations being enacted. The impact of the Anthrax mailing cases of 2001 is well-known.
For the purpose of common terms of reference, biosecurity can be defined as:
- Procedures or measures designed to protect the population against harmful biological or biochemical substances (English Oxford Living Dictionary);
- Security against the inadvertent, inappropriate, or intentional malicious or malevolent use of potentially dangerous biological agents or biotechnology, including the development, production, stockpiling, or use of biological weapons as well as outbreaks of newly emergent and epidemic disease (U.S. National Academies)
Biosecurity has many dimensions and facets and possesses a substantial dynamic range. It is not just worrying about the use of anthrax (Bacillus anthracis) against humans or their environments. Many pathogens that cause disease in humans, animals and plants are available to be considered or used as weapons. Bioterrorism can target one individual, such as a VIP, or a large population with intended specific or broad outcomes. Pathogens can be acquired from nature or a laboratory that studies infectious diseases. An adversary can be unsophisticated and lucky or sophisticated and clever, whether a “lone wolf” with access to open-source information and simple equipment or a team of experts in a well-resourced, sophisticated biocontainment laboratory.
The planning and execution of an attack can avoid detection through simple security measures or highly advanced and layered technical and operational security approaches. Facilities and equipment used can be crude and inexpensive or highly advanced and expensive. Infectious disease outbreaks can appear as natural events while actually nefariously purposed. Humans can be targeted in a multitude of ways but also valuable animals and plants can be as well. Attacks can inflict death and disease on thousands or more, or target agriculture or food and result in massive economic damage and kill no one.
Biosecurity encompasses the scientific and technological, policy, procedure, practice, preparedness and response, communication and education dimensions of legitimate (protect, foster yet monitor, educate and regulate) and illegitimate (protect against, prevent, mitigate and reduce risks) activities related to research, development, test, validation, and materials transfer related to “dual use” science and technology as it pertains to inflicting harm through and on biological systems. “Dual Use”, also expressed as “Dual Use Research of Concern,” refers to science and technology that can be used both for legitimate and beneficial purposes, as well as those that are deemed illegitimate, harmful and malicious.
The “dual use” conundrum is an important ingredient in biosecurity. As it applies to pathogenic microorganisms and biological toxins, virtually all life science knowledge and technology can be used for both beneficial and nefarious purposes. Breakthroughs in understanding the disease-causing properties and mechanisms of pathogens can help to develop new medical countermeasures or therapies. Concomitantly, those breakthroughs can also inform how to circumvent antimicrobial resistance or immunological response. The use of advanced genetic engineering techniques to confer resistance to devastating pathogens of high-value crops can also be used to understand how to circumvent resistance and engineer new generations of pathogens. With the accelerating pace of new technologies that apply to the life sciences, “dual use” is becoming more complex and challenging.
The Focus of Biosecurity is Changing
To this point, biosecurity attention has been largely focused on securing and limiting access to pathogens and the byproducts (i.e., biological toxins). The most prominent pathogens and toxins of concern are captured in various government lists. Over the past 14 years, the emergence of broadening concern is the misuse of science to create more worrisome pathogens or problematic situations that resulted from a lack of governance schema. The National Academies of Science, Engineering and Medicine have issued a number of reports focused on some aspect of biosecurity (search at www.nap.edu, including the landmark report “Biotechnology Research in an Age of Terrorism” published in 2004). The National Science Advisory Board on Biosecurity was stood up to specifically aid in addressing a range of associated biosecurity concerns and risks, such as through policy recommendations, practices and education. Biosecurity and biosafety prescriptions have been enacted and are enforced and will remain important pillars in the U.S. program, as well as elsewhere. International engagement to reduce and redirect the former Soviet Union’s biological weapons programs has evolved to capacity-building programs, such as with the (DoD) Defense Threat Reduction Agency’s Cooperative Biological Engagement Program and the Department of State’s Biological Engagement Program. Both incorporate biosecurity into training and improving public health laboratories across the globe. Yet, even with all of this, biosecurity is rapidly morphing and evolving.
New Emerging Concerns for Biosecurity
The landscape of biosecurity is morphing quite dramatically in the 21st century, largely because of the rapid advent of new life science knowledge, science and technology and the wide availability of such, coupled with the greater ability to understand how these can be accessible, adapted and applied for misuse. Examples of the newest generation of technologies that warrant close attention for possible unauthorized, illicit and nefarious use include genetic engineering technologies like gene editing tools such as CRISPR/Cas9, expanding reliance on “big data,” which is generated from genomics and systems biology analyses from bioinformatics applications and, more recently, artificial intelligence. Most recently, awareness is being raised about life science and medical infrastructure and instrumentation that is cyber-supported. Automated, high throughput and robotic laboratory instrumentation, robotic surgical systems and advanced biomanufacturing facilities, among others of this sort, also provide substantial benefits but may produce concerns as to other vulnerabilities that should be addressed. All of these require new, multidisciplinary and integrated approaches to addressing the expanding pantheon of biosecurity and dual-use issues and concerns.
Cyberbiosecurity: Bringing Biosecurity and Cybersecurity Together
“Cyberbiosecurity” is being proposed as an emerging hybridized discipline at the interface of cybersecurity, cyber-physical security, the life and biomedical sciences and biosecurity. Initially, my colleagues and I define this term as “understanding the vulnerabilities to unwanted surveillance, intrusions, and malicious and harmful activities which can occur within or at the interfaces of comingled life and medical sciences, cyber, cyber-physical, supply chain and infrastructure systems, and developing and instituting measures to prevent, protect against, mitigate, investigate and attribute such threats as it pertains to security, competitiveness and resilience.” This is an initial definition. The definition and the landscape will rapidly evolve, requiring revisions.
Cyberbiosecurity also contributes to a larger strategic objective of “Safeguarding the Bioeconomy,” being advanced by the Federal Bureau of Investigation, which seeks to increase security and resilience of the bioeconomy, including to protect its rapidly changing cyber-life science topology. For the U.S., as the FBI defines it, the bioeconomy accounts for an estimated $4 trillion annually, nearly 25 percent of GDP. That definition and the economic contribution encompasses from pharmaceuticals to renewable energy and new materials, from environmental remediation to public health resilience, and from agriculture to the response to emerging infectious diseases. As part of the U.S. national security architecture, “safeguarding the sciences” is a high priority, as well. In our view, the cyberbiosecurity perspective should be incorporated.
Beginning to understand the facets and boundaries of cyberbiosecurity can be informed by the review of a report on “Big Data” and the implications for national security, short articles on the security implications of connected biolabs, genomics and artificial intelligence, problems with cyberinfrastructure and biotechnology labs and cyberbiosecurity from the biotechnology perspective. Prescriptions and solutions are likely to include science and technology, operational practices, standards or guidelines, regulations and bringing disparate communities and stakeholders together in various ways and means. When cyberbiosecurity is fully developed, it could potentially reach far, wide and deep.
Lean Forward, Embrace the Inevitable
Life science knowledge and technology is accelerating rapidly, will continue to do so for the foreseeable future and touches nearly every aspect of our existence. On one hand, advancements provide great value and benefit for exploration and learning, personal and societal medicine and health, advancements in agriculture and the food supply, new materials and fuels and managing natural resources and environmental protection. With the benefits come the risks; we must be prepared for both.
As part of our evolution, we must anticipate and adapt to new threats that result from the exploitation of new and converging technologies, expertise and threats. The life and biomedical sciences are heavily supported and enabled by information systems and infrastructure in many ways, which will only expand. The security interfaces, overlaps and gaps between life, biomedical sciences and information sciences and cyber technology, with the perspectives of biosecurity and cybersecurity, are just being realized. Cyberbiosecurity could be the next biosecurity frontier, but will take a different form and circumscribe different constituencies than what has existed to date.