Legitimate Research or Biological Threat? Detecting Misuse of the Biological Supply Network and Policy Options to Reduce Risks

John P. Tarangelo, Aurelia Attal-Juncqua, Elika Somani, Derek Roberts, Kyle Webster

Research SummaryPublished Nov 18, 2025

The biotechnology field has grown increasingly accessible in recent years. Advances, from user-friendly laboratory kits to artificial intelligence (AI), have broadened access to biotechnology techniques and knowledge that were once confined to a small number of experts but can now reach a wider audience. Concurrently, expanded access to the biological supply network—the products, services, and equipment essential for biotechnology research, development, and manufacturing—has further lowered barriers. This increased accessibility presents a significant risk: Malicious nonstate actors might exploit the biological supply network to develop a wide variety of biological weapons.

These developments raise a critical question for the U.S. government: How can it detect bad actors that are exploiting this network in order to disrupt their efforts? At the same time, because the expanded supply network might offer greater opportunities for legitimate research, how can the government detect malicious activity without impeding legitimate scientific progress?

RAND researchers recently analyzed methods for detecting misuse within the biological supply network by examining products, services, and systems that malicious nonstate actors might exploit to create a transmissible biological weapon. The researchers offer actionable risk mitigations to support the U.S. agencies with regulatory, research, and intelligence responsibilities in enhancing biosecurity while preserving scientific innovation and competitiveness.

Detecting Malicious Misuse

RAND researchers’ analysis suggests that restricting access to biological materials alone is insufficient to prevent malicious misuse. One key reason is that the materials and services that a nonstate actor would need to create a biological weapon are used regularly in legitimate research. Because many of these materials and services are available from multiple vendors, bad actors might have several potential sources through which to obtain them. A more promising strategy than restricting access involves a multipronged approach focused on detection rather than refusing to complete orders; such an approach would incorporate tracking accessed materials, monitoring acquisition methods and behaviors, and conducting additional customer screenings.

The researchers conducted semistructured interviews with biotechnology and industry experts and analyzed biotechnology materials and services to identify potential red flags that could help agencies detect misuse and the possible intent to develop a biological weapon. Although these red flags do not always indicate malicious intent, they can serve as early warning signs warranting further scrutiny. These signals include the following:

  • Identity obfuscation strategies: Bad actors seeking materials from the biological supply network might attempt to obscure their identities by using fake names, email addresses, physical addresses, or employee information.
  • Use of websites with weak data processes: Businesses in other industries, such as finance, commonly use know-your-customer (KYC) processes to learn and verify customer identities, prevent fraud, and ensure compliance with laws and regulations. The rigor of KYC procedures for websites that sell biological materials or services might vary—and bad actors might deliberately target platforms with known weaker safeguards. Monitoring individuals who disproportionately rely on such sites might give authorities insight into potential malicious activity.
  • Past purchases of suspicious assets: Customers’ order histories of biological materials and services might reveal unusual purchasing patterns. By analyzing and cross-referencing past purchases, authorities might be able to identify possible intentions for developing a biological weapon.

Considerations for Effective Risk Mitigations

To help policymakers as they explore possible measures for detecting malicious actors and curbing biological weapon development, RAND researchers have identified key considerations for crafting effective and feasible policy solutions. These include the following:

  • Separate signals from the noise: Purchasing dual-use biological materials or conducting biotechnology activities does not inherently signal malicious intent. Many products that can enable biological weapon development—such as fetal bovine serum, viral vectors, and plasmid vectors—also play critical roles in legitimate scientific research. Policymakers should consider how to distinguish signals of misuse from the “noise” of legitimate research and craft policies that minimize the negative impact on technological and scientific progress while ensuring meaningful security benefits.
  • Use a multisignal approach: Policymakers should avoid relying on single data points to identify malicious actors and instead adopt approaches that incorporate multiple signals, such as order histories, acquisition methods, behavioral patterns, and other customer information.
  • Safeguard personal and business data: Because many relevant warning signs of misuse might involve customers’ identities and purchasing behaviors, any new measure must also navigate U.S. privacy laws and account for technical information’s commercial sensitivities. Policy options should account for privacy protections and follow clear legal frameworks.

Risk Mitigations and Responsible Parties

The researchers have identified seven promising mitigations to reduce risks of biological supply network misuse, including creating a new oversight authority, incentivizing customer screening by life sciences research service providers, and enhancing public-private collaboration. Recommendations for which stakeholders are best positioned to implement each strategy span executive agencies, Congress, and the private and nonprofit sectors. For each recommendation, the researchers have considered potential risks—such as privacy concerns, funding challenges, and burdens on private partners—to help policymakers anticipate and address them. Table 1 summarizes these strategies, caveats, and proposed responsible parties.

Table 1. Promising Risk Mitigations and Proposed Responsible Parties for Addressing Biology Supply Network Misuse

Risk Mitigation White House Law Enforcement and Intelligence Other Executive Agency
EOP NSC, OSTP DHS DOJ FBI ODNI DOE IRS, TR HHS NA Congress Private, Nonprofit, NGO
Establish a centralized biosecurity entity
  • Description: Create a new, central agency that unifies oversight and supports sustained innovation and long-term preparedness
  • Caveats: Needs legal authority, funding, and political support
 Yes Yes No No No No No No Yes Yes No No
Build public-private frameworks to monitor high-risk purchases
  • Description: Partner with private platforms and vendors to flag suspicious biotech purchases
  • Caveats: Privacy and false-positive risks; might need safeguards and incentives for private-sector cooperation
 No No Yes No Yes No No No Yes No No Yes
Establish a new dual-layered-behavioral threat detection system
  • Description: Detect threats through two layers: (1) flag suspicious purchasers and (2) assess purchases for misuse; possible application for AI
  • Caveats: AI-associated risks and privacy concerns; might need simulated data, strong safeguards, secure environments, and human oversight
 No No Yes No Yes Yes No No No No No Yes
Incorporate biosecurity-specific signals into existing threat detection programs
  • Description: Expand intelligence and law enforcement’s current frameworks to include signals of biotech misuse
  • Caveats: Legal and privacy concerns; requires compliance with domestic surveillance limits; might need privacy protections and redress channels
 No No Yes Yes Yes Yes No No No No No No
Establish a cross-sector biosecurity signal-sharing platform
  • Description: Build a cross-sector platform to share biosecurity-relevant data securely
  • Caveats: Legal and privacy concerns might need rules and careful design to curb mission creep or data misuse
 Yes Yes No No No No No No No No No Yes
Evaluate the risks, costs, and potential benefits of establishing or expanding biosecurity training in life sciences Ph.D. programs
  • Description: Study benefits and costs of educating life science Ph.D. students on biosecurity risks and reporting channels
  • Caveats: Risks spreading information on conducting high-risk activities; might need careful curriculum design and ongoing oversight
 No No No Yes Yes No No No No No No Yes
Have life sciences research service providers implement customer-screening and reporting protocols
  • Description: Mandate or incentivize providers to adopt standardized protocols and KYC practices
  • Caveats: Possible over-burden on providers; might need flexible implementation and protocols
 Yes No Yes No No No Yes Yes Yes No Yes Yes

NOTE: DHS = U.S. Department of Homeland Security; DOE = U.S. Department of Education; DOJ = U.S. Department of Justice; EOP = Executive Office of the President; FBI = Federal Bureau of Investigation; HHS = U.S. Department of Health and Human Services; IRS = Internal Revenue Service; NA = new agency; NGO = nongovernmental organization; NSC = National Security Council; ODNI = Office of the Director of National Intelligence; OSTP = Office of Science and Technology Policy; TR = U.S. Department of the Treasury.

The promising risk mitigations are as follows:

  • Establish a centralized biosecurity entity: A new centralized agency could address the existing fragmented structure of U.S. biosecurity oversight by enabling cohesive, proactive policies that are coordinated across agencies and are better positioned to support sustained innovation and long-term threat preparedness. Establishing an effective new entity will likely require legal authority, funding, and a sustained commitment to long-term objectives.
  • Build public-private frameworks to monitor high-risk biotechnology purchases: A model that is based on close cooperation between the federal government and biotech vendors and such sales platforms as Amazon and eBay could help identify suspicious actors before they acquire critical materials. Strong privacy safeguards and transparent governance can help build public trust.
  • Integrate behavioral threat detection: A dual-layer behavioral threat detection system could enhance efforts to detect and deter biotechnology misuse: one layer to flag high-risk purchasers and the other to assess purchases for misuse. AI might support detection, but developing any AI-enabled program will require high-quality data and red-teaming. Strong safeguards and clear rules are essential to prevent abuse and protect privacy. Successful implementation will likely depend on close industry cooperation and government funding.
  • Incorporate the collection of biosecurity-specific signals and behavioral indicators into existing threat detection programs: Intelligence and law enforcement agencies could expand existing frameworks to include biosecurity-specific signals, such as abrupt shifts in research focus toward high-risk topics. Implementation will likely require addressing privacy concerns and establishing redress channels.
  • Create a cross-sector biosecurity signal-sharing ecosystem: A new national signal-sharing platform could integrate diverse datasets—such as DNA orders, vendor contracts, and procurement patterns—under strict governance to support threat detection. Effective implementation would require a clear legal framework to ensure safe data-sharing and guard against misuse.
  • Evaluate the risks, costs, and potential benefits of establishing or expanding biosecurity training in life sciences Ph.D. programs: Future research can examine the pros and cons of integrating biosecurity risk awareness into federally funded Ph.D. programs. Although such efforts could help students recognize signs of misuse, radicalization, and recruitment, they might also unintentionally educate students on how to successfully undertake high-risk activities. Research might consider ways to reduce these risks, such as through careful curriculum design and ongoing oversight.
  • Have life sciences research service providers implement customer-screening and reporting protocols: The government can encourage or require life sciences research service providers to leverage third-party entities to screen customers for warning signs. Legislation, executive orders, or economic incentives can encourage these providers to adopt standardized protocols and conduct KYC checks. Implementation should incorporate flexible approaches tailored to the provider’s size and specialization to minimize compliance burdens.

Available for Download

Topics

Document Details

Citation

Chicago Manual of Style

Tarangelo, John P., Aurelia Attal-Juncqua, Elika Somani, Derek Roberts, and Kyle Webster, Legitimate Research or Biological Threat? Detecting Misuse of the Biological Supply Network and Policy Options to Reduce Risks. Santa Monica, CA: RAND Corporation, 2025. https://www.rand.org/pubs/research_briefs/RBA4067-1.html.
BibTeX RIS

Research conducted by

This publication is part of the RAND research brief series. Research briefs present policy-oriented summaries of individual published, peer-reviewed documents or of a body of published work.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.

RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.