3 Minutes
Artificial intelligence is supercharging biology — accelerating drug discovery and making it easier to design proteins and DNA. But a new red-team study shows that the same tools could also be used to create synthetic sequences that slip past current DNA screening systems, exposing a critical gap in biotech security.
How researchers tested the defenses
Scientists at Microsoft ran a hacker-style experiment using publicly available AI models to generate more than 76,000 synthetic variants of dangerous proteins, including toxin-related sequences such as ricin. They didn’t synthesize the proteins themselves; instead, they designed the gene sequences that would encode those proteins and then ran those sequences through four widely used Biosecurity Screening Software (BSS) tools that DNA manufacturers rely on.
The screening software looks for matches between submitted sequences and a curated database of known threats. That approach is effective when threats resemble known entries, but it’s vulnerable to engineered changes that preserve function while altering the sequence just enough to evade detection.
Big gaps, fast fixes — and lingering risks
The result was striking: a substantial number of AI-designed sequences passed through the BSS checks undetected. In response, the Microsoft team collaborated with screening vendors to patch weaknesses by expanding threat databases and refining detection algorithms. In a follow-up test, the updated systems caught roughly 97% of the highest-risk sequences.
That improvement is promising, but it’s not perfect. Around 3% of potentially hazardous designs still slipped through, and these experiments used computational predictions rather than real-world protein production, so functional risk remains uncertain. Still, the study is a clear alarm bell: as AI design tools grow more powerful, defensive systems must evolve more rapidly.
Why this matters to biotech security
- Most commercial DNA screening relies on known-threat databases, so novel or subtly altered sequences can evade detection.
- AI can explore vast sequence space quickly, producing variants that retain harmful function but differ enough to avoid simple pattern matching.
- Patch-and-update cycles will be necessary, creating an ongoing arms race between offensive design techniques and defensive screening.
Think of it like antivirus software for biology: signatures help, but adaptive attackers can morph past static checks. Continuous updates, improved threat modeling, and broader collaboration across industry, academia, and regulators will be essential to keep pace.
Next steps for building resilient defenses
Experts say the solution is multi-layered. Strengthening databases and detection algorithms is a must, but so is embracing proactive risk assessment, red-teaming exercises, and transparency between AI developers and biosecurity teams. Policies and standards that encourage rapid patching, secure data sharing, and oversight will reduce the chance that AI-generated designs are misused.
The Microsoft study published in Science underscores the need for vigilance: AI can unlock extraordinary benefits in medicine and research, but it also shifts the threat landscape. The challenge now is to ensure security tools and governance keep pace with the technology’s accelerating capabilities.
Source: techxplore
Leave a Comment