New Scientist (pg. 8)
November 12, 2005


Firms that make DNA to order could unwittingly find themselves doing
business with terrorists.

By Peter Aldhous

You might think it would be difficult for a terrorist to obtain genes
from the smallpox virus, or a similarly vicious pathogen. Well, it's
not. Armed with a fake email address, a would-be bioterrorist could
probably order the building blocks of a deadly biological weapon
online, and receive them by post within weeks.

That's the sobering reality uncovered by a New Scientist investigation
into the bioterror risks posed by the booming business of gene
synthesis. Dozens of biotech firms now offer to synthesise complete
genes from the chemical components of DNA (See "A dollar a base
pair"). Yet some are carrying out next to no checks on what they are
being asked to make, or by whom. It raises the frightening prospect of
terrorists mail-ordering genes for key bioweapon agents such as
smallpox, and using them to engineer new and deadly pathogens.

Customers typically submit sequences by email or via a form available
on a company's website. The companies then construct the specified
genes and mail them back a few weeks later, usually spliced into a
bacterium such as Escherichia coli. New Scientist approached 16 such
firms, identified by a Google search, to ask whether they screened
orders for DNA sequences that might pose a bioterror threat. Of the 12
companies that replied, just five said they screen every sequence
received. Four said they screen some sequences, and three admitted not
screening sequences at all (see Table). The risks posed by gene
synthesis first hit the headlines in 2002, when a team from the State
University of New York at Stony Brook made infectious polioviruses
from synthetic DNA. And just last month, researchers with the US
Centers for Disease Control and Prevention in Atlanta, Georgia, said
that they had used similar means to recreate the virus that caused the
1918 flu (New Scientist, 8 October, p 16).

In theory, a terrorist group could try to emulate the latter feat, or
create a virus such as Variola major, which causes smallpox. However,
the Variola genome comprises some 190,000 base pairs of DNA, and while
some companies will make sequences 20,000 or more base pairs long, an
attempt to order all the genes necessary to launch a smallpox attack
would probably arouse suspicion. "That would stand out from a
technological point of view," suggests Drew Endy, a bioengineer at the
Massachusetts Institute of Technology.


Sidebar: A Dollar a Base Pair

Biochemists have long known how to build DNA from its components
"bases" -- the chemical letters of the genetic code. By adding the
bases in a prescribed order and carefully performing a series of
chemical reactions, they can create precisely tailored stretches of

The process became significantly less laborious with the debut of the
automated DNA synthesiser in the 1980s. But a full gene -- a DNA
sequence up to several thousand base pairs long -- involves a
formidable jigsaw puzzle.

Commercial gene synthesis has only really taken off in the past few
years with advances in automating this assembly process. As they main
players jostle for position, the costs of gene synthesis are
plummeting. Prices have dropped about tenfold in five years, and some
firms now supply genes for less than $1.50 per base pair.


A more realistic risk is that terrorists could order genes that confer
virulence to dangerous pathogens such as the Ebola virus, and engineer
them into another virus or bacterium. They could also order genes for
a hazardous bacterial toxin -- although many of these are also
available by isolating the microorganisms from the environment.

Virulence genes are typically no more than a few thousand base-pairs
long. Their sequences are publicly available, so screening gene-
synthesis orders for potential bioweapons shouldn't pose a huge
challenge. Indeed, a company called Craic Computing, based in Seattle,
has written open-source software called Blackwatch that does just
that. It is used by one of the leading gene-synthesis companies, Blue
Heron Biotechnology of Bothell, Washington.

Robert Jones, president of Craic Computing, says that Blackwatch
"casts a wide net", comparing orders against sequences from organisms
identified by the US government as "select agents" that raise
bioterror concerns. But not all of these sequences are dangerous, and
some customers may have the clearance to work with those that are. So
even legitimate orders may be flagged up as suspicious, and that means
companies must employ biologists to carefully examine any matches that
crop up.


Sidebar: Gene Screens

How 12 companies answered when asked if they screen orders for
sequences that bioterrorists could turn into weapons

BaseClear, Leiden, The Netherlands -- Not routinely
Bio Basic, Markham, Canada -- No
Bionexus, Oakland, California -- Not routinely
Bio S&T, Montreal, Canada -- No
Blue Heron Biotechnology, Bothell, Washington -- Yes
DNA 2.0, Menlo Park, California -- Yes
Entelechon, Regensburg, Germany -- Yes
Geneart, Regensburg, Germany -- Yes
Genemed Synthesis, South San Francisco, California -- No
GenScript, Piscataway, New Jersey -- Usually
Integrated DNA Technologies, Coralville, Iowa -- Yes
Picoscript, Houston, Texas -- Not routinely


The need for expert human checks may be one factor deterring some
companies from screening orders. Others like to reassure customers who
may be worried about commercial confidentiality that their sequence
data will remain secret. But whatever the reasons, some firms freely
admit that they run no sequence screens. "That's not our business,"
says Bob Xue, a director of Genemed Synthesis in South San Francisco.

Even if they don't routinely perform sequence checks, some companies
say that they do investigate their customers. But the scope of these
checks varies widely. While some firms say they conduct thorough
probes into customers' affiliations and scientific publications,
others are less exhaustive. For instance, Jennifer Wang, general
manager of Bio Basic, based in Markham, Canada, says that her company
examines email addresses to see if orders come from a legitimate
research organisation.

Such a check would have spotted one suspicious order, sent from a
Hotmail address to BaseClear of Leiden, the Netherlands. This was for
a modified sequence from a hepatitis-like virus. BaseClear itself
rejected the order after the would-be customer failed to respond to
requests for more information, says Gerben Zondag, the firm's
scientific director.

But email addresses are notoriously easy to fake. And even orders from
legitimate institutions may not be what they seem. Alfred Lasher, who
manages Picoscript in Houston, Texas, says that he turned down one
order placed by an individual at a US biotech firm, after Picoscript's
enquiries revealed the gene was being ordered on behalf of a friend in
another country.

Experts are concerned that the checks currently employed by some
companies aren't sufficient to exclude orders placed by terrorists.
"We're taking this very seriously," says Endy. Together with the J.
Craig Venter Institute in Rockville, Maryland, and the Center for
Strategic and International Studies in Washington DC, Endy's research
group at MIT has launched a study into the risks and benefits of
synthetic genomics, and aims to produce a set of policy
recommendations by late 2006. The US National Science Advisory Board
for Biosecurity, setup last year to advise the US government on which
advances in biology could be exploited by terrorists, is also
considering the issue.

Some gene synthesis companies say they would welcome more detailed
rules. John Mulligan, president of Blue Heron, says it would be
helpful to have a list of "select sequences" that are off-limits for
gene synthesis without explicit government permission, rather than
having to make difficult judgments based on the list of select agents.
"Tell us what we can't make," he implores.

But with gene synthesis firms springing up all over the world, and the
underlying technology becoming cheaper and more widely available, it
is unclear whether regulations enacted in any one country will be
enough. "It's going to be virtually impossible to control," predicts
David Magnus, director of the Stanford Center for Biomedical Ethics in
Palo Alto, California.

Endy argues that what's needed is better self-regulation: if
researchers only do business with companies that are diligent in
sequence screening and other security checks, then terrorists would
soon find themselves unable to place orders for dangerous genes.
Otherwise, he fears a crackdown that could close valuable avenues of
research. For instance, gene synthesis can be used to make DNA
vaccines, which may eventually provide a means of responding rapidly
to emerging diseases -- or bioterrorist attacks. "As soon as people
start dying from a bioengineered organism, there will be a huge
security response and research will be clamped down," warns Endy.