Cyberbiosecurity: Protecting the Convergence of Biology and Technology

The Emergence of Cyberbiosecurity

Cyberbiosecurity represents a relatively new discipline that addresses vulnerabilities arising from the increasing digitization of biological research, manufacturing, and public health infrastructure. As biological systems become more dependent on computational tools, networked instruments, and digital data flows, they inherit the cybersecurity vulnerabilities of those digital systems while introducing unique risks specific to the biological domain. The term was formally introduced in academic literature around 2018, though the underlying concerns had been recognized for years prior.

The scope of cyberbiosecurity extends across the entire bioeconomy: from research laboratories where automated instruments are connected to institutional networks, to biomanufacturing facilities where process control systems manage the production of vaccines and therapeutics, to public health surveillance systems that aggregate sensitive health data from millions of individuals. Each of these domains presents distinct threat surfaces that require specialized understanding of both cyber and biological risks.

Threat Landscape: Where Cyber Meets Bio

The cyberbiosecurity threat landscape encompasses several categories of risk. Data integrity attacks target the accuracy of biological data, including genomic sequences, clinical trial results, and surveillance data. If an adversary could subtly alter genomic sequence data in a shared database, the consequences could range from misdirected research efforts to flawed diagnostic assays or inappropriate therapeutic interventions. Unlike data theft, which is detectable when the breach is discovered, data manipulation may go unnoticed for extended periods, propagating errors through downstream analyses and decisions.

Operational technology (OT) attacks target the control systems that manage biological processes. Modern biomanufacturing relies on programmable logic controllers, supervisory control and data acquisition (SCADA) systems, and networked sensors to maintain precise environmental conditions during the production of biologics. Compromise of these systems could disrupt production, contaminate products, or cause safety incidents. The convergence of IT and OT networks in biomanufacturing facilities creates attack surfaces that traditional cybersecurity approaches may not adequately address.

Intellectual property theft remains a persistent concern, particularly for organizations engaged in vaccine development, therapeutic discovery, and advanced biodefense research. The economic value and strategic significance of biological intellectual property make it an attractive target for state-sponsored cyber espionage. The COVID-19 pandemic highlighted this risk, with multiple reports of cyber intrusions targeting vaccine research organizations.

Laboratory Cybersecurity

Modern research laboratories are increasingly populated with networked instruments: sequencers, mass spectrometers, flow cytometers, automated liquid handlers, and environmental monitoring systems. These instruments often run embedded operating systems that may not receive regular security updates, connect to institutional networks for data transfer and remote management, and may be accessible via vendor maintenance portals. The result is an expanding attack surface within environments that handle sensitive biological materials and data.

Biosafety level 3 and 4 (BSL-3/4) laboratories present particular cybersecurity challenges because their physical containment systems, including HVAC controls, airlock interlocks, and decontamination systems, are increasingly managed by networked control systems. A cyber attack that compromised these controls could potentially affect the physical containment of dangerous pathogens, creating a scenario where a cybersecurity breach has direct biosafety consequences.

Addressing laboratory cybersecurity requires approaches that account for the unique operational requirements of research environments. Unlike corporate IT environments, laboratories require flexibility for experimental workflows, may use specialized software with limited security features, and often operate under regulatory frameworks (such as Good Laboratory Practice) that were developed before cybersecurity was a significant concern. Effective laboratory cybersecurity must balance protection with the operational flexibility that research demands.

Genomic Data Security

The proliferation of genomic data creates cyberbiosecurity challenges that span privacy, security, and biosecurity domains. Genomic databases contain information that is inherently identifiable, as an individual's genome is a unique identifier that cannot be changed if compromised. Large-scale genomic datasets also contain population-level information that could, in principle, be exploited for targeted biological attacks, though the practical feasibility of such attacks remains a subject of debate among experts.

Pathogen genomic databases present a different set of concerns. Public repositories of pathogen sequences are essential for surveillance, research, and countermeasure development, but they also provide information that could inform the design of enhanced pathogens. The tension between open data sharing, which accelerates defensive research, and access control, which limits potential misuse, is a central challenge in cyberbiosecurity governance. Current approaches generally favor openness for pathogen sequence data, with restrictions focused on the most sensitive information, such as detailed protocols for enhancing pathogen capabilities.

Supply Chain Vulnerabilities

The biological supply chain, encompassing reagent suppliers, DNA synthesis providers, equipment manufacturers, and contract research organizations, introduces cyberbiosecurity risks at multiple points. DNA synthesis companies, which produce custom genetic sequences to order, represent a particularly important node in this supply chain. Cyber compromise of a synthesis provider's order management system could potentially be used to alter sequences being produced, insert unauthorized orders, or access information about what sequences are being requested by which customers.

Current biosecurity screening of DNA synthesis orders relies on computational comparison of ordered sequences against databases of regulated pathogens and toxins. If the screening databases or algorithms were compromised, dangerous sequences could potentially pass through screening undetected. This highlights the importance of securing not just the synthesis process itself but the entire digital infrastructure that supports biosecurity screening.

Building Cyberbiosecurity Resilience

Building resilience against cyberbiosecurity threats requires a multidisciplinary approach that integrates cybersecurity expertise with biological domain knowledge. This includes developing threat models specific to biological systems, establishing security standards for laboratory instruments and biomanufacturing control systems, implementing data integrity verification mechanisms for biological databases, and training the biological research workforce in cybersecurity awareness.

Institutional and national frameworks for cyberbiosecurity are still in early stages of development. Progress requires collaboration between cybersecurity professionals, biological researchers, public health officials, and national security agencies to develop shared understanding of the threat landscape and coordinated approaches to risk mitigation. The interdisciplinary nature of cyberbiosecurity means that no single community possesses all the expertise needed to address these challenges, making cross-sector collaboration essential.