AI Advances Create “Zero Day” vulnerability in biosecurity, Raising Bioterrorism Fears
Stay informed wiht free updates. Sign up to teh science myFT digest – delivered directly to your inbox.
A newly discovered vulnerability in software designed to prevent the creation of bioweapons represents the first “zero day” of AI and biosecurity, scientists warn. The loophole, identified in systems that screen access to genetic material used to synthesize deadly proteins, underscores the growing urgency of addressing potential threats unleashed by rapidly advancing artificial intelligence and synthetic biology.
Researchers found that AI-powered protein design software could generate altered protein variants – a form of biochemical disguise – that bypassed existing biosecurity measures. While screening tools effectively flagged naturally occurring dangerous proteins, they failed to detect some of these subtly modified versions. Even after software patches were applied by most companies, approximately 3% of the most hazardous variants remained undetected.
The findings,published Thursday in the journal Science,highlight a critical blind spot in current biosecurity protocols. “Like many powerful technologies, these same tools can also be misused,” explained Eric Horvitz, Microsoft’s chief scientific officer and senior author of the research.
The study involved testing biosecurity software used by companies selling synthetic nucleic acids, the building blocks of DNA used to manufacture proteins. Researchers utilized open-source AI software to create over 75,000 variations of dangerous proteins, introducing structural tweaks designed to evade detection. This demonstrated a “striking vulnerability” in the safeguards intended to prevent the creation of harmful biological agents.
The international team collaborated with organizations including the International Gene Synthesis Consortium and US authorities to address the issue. The research has prompted calls for a systematic assessment of biosecurity software and improved global governance of AI-boosted protein synthesis. Some biologists are advocating for an international agreement to prevent the creation of manufactured “mirror” microbes – organisms with altered genetic structures – should the technology to create them become feasible.
Microsoft has already begun incorporating potential misuse scenarios into its product safety reviews and is expanding its “red-teaming” practices – proactively searching for vulnerabilities. According to a senior official, the company has seen an “intensity of reflection, study and methodology” regarding the potential for large language models to be exploited for “malevolent actions with biology.”
Francesco Aprile, associate professor in biological chemistry at Imperial College London, emphasized the meaning of the study. “By introducing targeted improvements to existing software, the authors significantly enhance detection and flagging,” he said. “This work provides a practical, timely safeguard that strengthens current DNA synthesis screening, and establishes a solid foundation for continued optimization.”
However, experts caution that defenses must be continually strengthened to keep pace with the rapid advancements in the field. Natalio Krasnogor, professor of computing science and synthetic biology at Newcastle University, warned that the barriers to creating harmful proteins are likely to diminish. “We do need as a society to take this seriously now,” Krasnogor stated, “before additional advances in AI make the validation and experimental production of viable synthetic toxins much easier and cheaper to deploy than it is today.”
The research serves as a stark reminder that the same technologies driving breakthroughs in medicine and publ
