There are critical points within the biological supply network that bad actors might exploit to develop biological weapons. The authors summarize the existing U.S. biosecurity landscape, develop a threat model, and, using insights from expert interviews, identify products and services to monitor for misuse. The authors use their findings to investigate promising risk mitigations for strengthening biosecurity.

Protecting Biological Materials and Services from Misuse

Opportunities for Access Monitoring and Control

John P. Tarangelo, Aurelia Attal-Juncqua, Elika Somani, Derek Roberts, Kyle Webster

ResearchPublished Oct 20, 2025

The widespread accessibility of biotechnological tools, particularly those outside traditional research environments, complicates biosecurity enforcement and increases the risk of malicious actors misusing biological materials. Advances in gene editing and artificial intelligence (AI), the rise of do-it-yourself and biohacking movements, and fragmented oversight mechanisms exacerbate that risk. This evolving landscape necessitates proactive measures to protect health and national security by better securing the biological supply network.

In this report, the authors explore critical points within the biological supply network that bad actors, especially nonstate actors, might exploit to develop biological weapons. The authors provide an overview of the existing biosecurity landscape in the United States and, after developing a threat model, examine tactics that malicious actors could use to exploit security gaps and avoid monitoring and detection.

The authors interviewed subject-matter experts, including biosecurity specialists, biodefense policy experts, synthetic biology experts, and working laboratory scientists, to gather insights on potential chokepoints in the biological supply network and identify areas of intervention. Specifically, the authors and experts assessed the biological supply network products and services that malicious actors would most likely target to build a weapon and, therefore, would be the best to monitor to detect misuse. The authors use their findings and the experts' insights to develop recommendations for enhancing data collection, regulatory oversight, and overall threat mitigation.

Key Findings

  • Reliably detecting nonstate biological weapon projects by monitoring a single product or service is challenging. Monitoring multiple products or services and assessing customer information might be required.
  • Behaviors that obscure a purchaser's identity, affiliation, or location, and the disproportionate use of websites with weak know-your-customer (KYC) processes, warrant increased attention. Identifying these practices and information about acquired products or services likely offers a stronger indication of an actor's intent than any single data source.
  • Malicious actors might purchase resale items (e.g., laboratory equipment) from websites with weak KYC processes to avoid detection, and analyzing data on this behavior could be valuable.
  • Life sciences research service providers (LSRSPs) could be leveraged as a monitoring mechanism, specifically if the LSRSPs were mandated or encouraged to adopt KYC screening. Financial incentives to implement such screening might boost voluntary compliance.
  • Access to customers' order histories for sensitive biological materials and equipment would be valuable for identifying unusual purchasing patterns and possibly malicious intent. Gaining such access would require industry and government agencies sharing data while respecting privacy and legal constraints.
  • Fetal bovine serum, plasmid vectors, and viral vectors were the items that an actor in the authors' threat model would likely need to create a bioweapon. The regular use of biotechnology products in legitimate research means that leveraging their use to detect malicious activity requires careful consideration to distinguish signals from noise.
  • A sophisticated nonstate actor could use or synthesize alternatives of common biological products, thus supporting the need for an in-depth biosecurity strategy.

Recommendations

  • Establish a centralized biosecurity entity to unify oversight and sustain long-term preparedness.
  • Build public-private frameworks to detect suspicious biotechnology purchases.
  • Develop and deploy behavioral threat-detection systems under strong privacy and legal safeguards, which AI could enable.
  • Integrate biosecurity-specific behavioral indicators into national security programs.
  • Create a cross-sector signal-sharing ecosystem for early threat detection.
  • Evaluate the risks, costs, and potential benefits of establishing and expanding biosecurity training in life sciences Ph.D. programs to strengthen awareness among emerging scientists.
  • Require customer-screening protocols for LSRSPs that are modeled after financial-sector KYC frameworks.

Topics

Document Details

Citation

Chicago Manual of Style

Tarangelo, John P., Aurelia Attal-Juncqua, Elika Somani, Derek Roberts, and Kyle Webster, Protecting Biological Materials and Services from Misuse: Opportunities for Access Monitoring and Control. Santa Monica, CA: RAND Corporation, 2025. https://www.rand.org/pubs/research_reports/RRA4067-1.html.
BibTeX RIS

Research conducted by

This research was independently initiated and conducted by the Meselson Center within RAND Global and Emerging Risks.

This publication is part of the RAND research report series. Research reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND research reports undergo rigorous peer review to ensure high standards for research quality and objectivity.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.

RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.