Artificial intelligence is transforming biology and medicine by accelerating the discovery of new drugs and proteins and making it easier to design and manipulate DNA, the building blocks of life. But as with most new technologies, there is a potential downside. The same AI tools could be used to develop dangerous new pathogens and toxins that bypass current security checks. In a new study from Microsoft, scientists employed a hacker-style test to demonstrate that AI-generated sequences could evade security software used by DNA manufacturers.
"We believe that the ongoing advancement of AI-assisted protein design holds great promise for tackling critical challenges in health and the life sciences, with the potential to deliver overwhelmingly positive impacts on people and society," commented the researchers in their paper published in the journal Science. "As with other emerging technologies, however, it is also crucial to proactively identify and mitigate risks arising from novel capabilities."
Testing defenses
When biotech companies make DNA for researchers, they use Biosecurity Screening Software (BSS) to look for similarities between the new sequence and a database of known threats. And that is both a strength and a weakness because it can only screen against what is listed in the database.
To test this biosecurity gap, the Microsoft researchers used publicly available AI programs to create more than 76,000 synthetic variants of known dangerous proteins, including ricin. They didn't actually produce the proteins; they designed the genetic instructions for their synthesis. Then they ran the sequences through four different screening software tools to see if any could slip through. And they did—in big numbers. A significant percentage of these AI-designed sequences breezed through the checks.
After discovering the flaws, the Microsoft team worked with BSS providers to develop patches. These included updating threat databases and fine-tuning the screening software. The result? The beefed-up screening tools caught 97% of the most dangerous sequences in a second test.
The research serves as a clear warning. Even though the patches increased the detection rate, they were not foolproof, as 3% of potentially dangerous sequences were missed. It's also unclear how the resulting proteins would perform in the real world, as the sequences were computer predictions.
Clearly, more work will be needed to build robust defenses against increasingly sophisticated AI techniques, but this effort will be ongoing. A constant evolutionary arms race is inevitable. Just as vaccines must keep pace with new viral mutations, so too will biosecurity screening tools need continuous updates to counter AI-generated threats.
- Adenman
-
1
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.