Science 6 March 2009:Vol. 323. no. 5919, pp. 1282 - 1283DOI: 10.1126/science.323.5919.1282
Prev Table of Contents Next
News Focus
Yudhijit Bhattacharjee
Prev Table of Contents Next
News Focus
Yudhijit Bhattacharjee
The suicide of Army researcher Bruce Ivins will inevitably mean changes in biosecurity policy, but government and academic scientists are divided on how stringent the new procedures should be.
Eye of the storm. Reporters flocked to Ivins's home in Frederick, Maryland, after news of his suicide.CREDIT: CHRISTOPHER T. ASSAF/MC
On the morning of 2 August 2008, 3 days after Army researcher Bruce Ivins committed suicide, the Biodefense Policy Coordination Committee assembled in a conference room of the Eisenhower Executive Office Building, a stone's throw from the White House. The mood around the table was somber when Robert Kadlec, committee chair and member of the Homeland Security Council, spelled out the meeting's agenda, according to one of the participants. If Ivins had indeed carried out the 2001 anthrax letter attacks, as the Federal Bureau of Investigation (FBI) claimed, what could be done to prevent another bioterrorist act by an insider at a government or academic lab?
The insider threat has never loomed so large in policy discussions on bioterrorism. The massive expansion of biodefense research after the anthrax mailings in 2001, which killed five people and sickened 17, was largely predicated on the concern that a terrorist group could launch an attack using biological weapons it had developed or stolen from a military facility. The FBI's implication of Ivins in the mailings--although still questioned and untested in a court of law--sparked the unsettling realization among researchers and biosecurity experts that "the insider threat is a lot bigger problem than we ever thought," says a former scientist at the U.S. Army Medical Research Institute of Infectious Diseases in Frederick, Maryland, where Ivins worked.
In recent months, that concern has echoed through the halls of the U.S. government. Soon after the 2 August meeting, the White House asked the National Science Advisory Board for Biosecurity (NSABB)--a panel set up in 2005 to address the potential security risks from life sciences research--to consider how best to ensure that academic and industry researchers working with select agents are trustworthy. It is expected to come up with recommendations next month. Independently, an interagency working group, co-chaired by the secretaries of Defense and Health and Human Services, is looking at ways to strengthen lab biosecurity.
Insider. Bruce Ivins worked at USAMRIID.
CREDIT: REUTERS/LANDOVT/LANDOV
The insider threat has never loomed so large in policy discussions on bioterrorism. The massive expansion of biodefense research after the anthrax mailings in 2001, which killed five people and sickened 17, was largely predicated on the concern that a terrorist group could launch an attack using biological weapons it had developed or stolen from a military facility. The FBI's implication of Ivins in the mailings--although still questioned and untested in a court of law--sparked the unsettling realization among researchers and biosecurity experts that "the insider threat is a lot bigger problem than we ever thought," says a former scientist at the U.S. Army Medical Research Institute of Infectious Diseases in Frederick, Maryland, where Ivins worked.
In recent months, that concern has echoed through the halls of the U.S. government. Soon after the 2 August meeting, the White House asked the National Science Advisory Board for Biosecurity (NSABB)--a panel set up in 2005 to address the potential security risks from life sciences research--to consider how best to ensure that academic and industry researchers working with select agents are trustworthy. It is expected to come up with recommendations next month. Independently, an interagency working group, co-chaired by the secretaries of Defense and Health and Human Services, is looking at ways to strengthen lab biosecurity.
Insider. Bruce Ivins worked at USAMRIID.
CREDIT: REUTERS/LANDOVT/LANDOV
Some change in biosecurity procedures is inevitable post-Ivins, experts agree. But how stringent any new steps should be is being hotly debated. Since NSABB got its charge from the White House, board members have been nervously discussing the costs and benefits of measures such as tougher background investigations, psychological screenings, drug tests, and credit checks. Other possibilities include video surveillance of labs and a two-person rule prohibiting researchers from working alone.
Some of those measures are standard practice at the Department of Defense (DOD), the Department of Energy (DOE), and other agencies where scientists work with nuclear, chemical, or biological agents. But some academics worry that extending such measures to academia would undermine the open culture of life sciences research and impede biodefense research. A better approach, some say, would be to trust lab managers to keep a watchful eye on employees for signs of troubling behavior. But even advocates of self-policing concede that that approach may not allay fears of the insider threat.
Trying to foil an insider attackThe U.S. government already vets researchers working with select agents through rules that were put in place a year after the anthrax attacks. Under those rules, institutions and individuals who wish to work with any of 80 biological entities, including the Ebola virus and botulinum toxin, must go through a Security Risk Assessment (SRA).
The SRA process involves a basic FBI background check. Disqualifying factors include a criminal history, a substance-abuse or mental health problem, a dishonorable discharge from the military, or being a citizen of a country that the United States deems a sponsor of terrorism. The FBI runs an applicant's fingerprints through criminal and terrorist databases but generally doesn't investigate whether an applicant has honestly answered questions about substance abuse and mental illness. An SRA can take up to 45 days and is valid for 5 years.
Although many scientists complain that the SRA is onerous and impedes research, experts point out it is a fairly limited form of vetting. "The SRA catches the people who are dirty already," FBI's Kristine Beardsley said at a 12 December 2008 NSABB meeting during which the board discussed personnel reliability. By contrast, a clearance looks at an individual's entire background--not just law enforcement records.
Personnel reliability procedures at federal agencies are already much stricter than those prescribed by the select agent rules. At DOD, employees whose work involves access to select agents and toxins have to undergo a secret-level Personnel Security Investigation that involves, among other things, credit checks and interviews with friends and acquaintances. (Like other defense researchers, Ivins had this clearance.) Once admitted into the lab, employees are monitored through drug tests and periodic medical evaluations. Although there is no formal psychological testing, those who display mentally unstable behavior--such as threatening colleagues--can be removed from the lab. The monitoring measures have been formally in place since 2004.
Since Ivins was implicated, DOD has considered making the system even more stringent. An agency task force has recommended background checks equivalent to those required for a "top secret" clearance. The prospect worries even those used to DOD's security-conscious culture. "They'll hunt down your ex-wife, your landlord, anybody who knows you," Kenneth Cole, a senior Pentagon official, said at the 12 December meeting.
DOE's safeguards could also be a model for NSABB. At DOE's Lawrence Livermore National Laboratory (LLNL), where a security clearance is mandatory for most employees, the dozen or so researchers who work with select agents are further vetted through extensive conversations with past managers. Eric Gard, select agent manager at LLNL, says he has turned down individuals "who have trouble managing their temper, for instance," assigning them instead to work with less hazardous pathogens in a biosafety level 1 lab. Once they are cleared to work with select agents, employees are given a psychological evaluation at least once a year. Occasional credit checks are done "to determine whether somebody might be tempted by their poor financial circumstances to do something desperate," Gard explains.
These measures come at a cost: Academic researchers often suffer a rude shock when they come to work at Livermore, and the intense scrutiny there makes it difficult to attract and retain talent, Gard says.
Peering into the mindAt the 12 December meeting, some NSABB members urged caution before embracing measures such as psychological screenings, which they worry would drive academic scientists away from biodefense projects, slowing vaccine development and other biomedical advances.
Richard Ebright, a chemist at Rutgers University, New Brunswick, doesn't buy the argument. A proponent of stronger regulations, Ebright points out that for all the grumbling, researchers entered the biodefense field in droves after the select-agent rules came into effect.
Some of those measures are standard practice at the Department of Defense (DOD), the Department of Energy (DOE), and other agencies where scientists work with nuclear, chemical, or biological agents. But some academics worry that extending such measures to academia would undermine the open culture of life sciences research and impede biodefense research. A better approach, some say, would be to trust lab managers to keep a watchful eye on employees for signs of troubling behavior. But even advocates of self-policing concede that that approach may not allay fears of the insider threat.
Trying to foil an insider attackThe U.S. government already vets researchers working with select agents through rules that were put in place a year after the anthrax attacks. Under those rules, institutions and individuals who wish to work with any of 80 biological entities, including the Ebola virus and botulinum toxin, must go through a Security Risk Assessment (SRA).
The SRA process involves a basic FBI background check. Disqualifying factors include a criminal history, a substance-abuse or mental health problem, a dishonorable discharge from the military, or being a citizen of a country that the United States deems a sponsor of terrorism. The FBI runs an applicant's fingerprints through criminal and terrorist databases but generally doesn't investigate whether an applicant has honestly answered questions about substance abuse and mental illness. An SRA can take up to 45 days and is valid for 5 years.
Although many scientists complain that the SRA is onerous and impedes research, experts point out it is a fairly limited form of vetting. "The SRA catches the people who are dirty already," FBI's Kristine Beardsley said at a 12 December 2008 NSABB meeting during which the board discussed personnel reliability. By contrast, a clearance looks at an individual's entire background--not just law enforcement records.
Personnel reliability procedures at federal agencies are already much stricter than those prescribed by the select agent rules. At DOD, employees whose work involves access to select agents and toxins have to undergo a secret-level Personnel Security Investigation that involves, among other things, credit checks and interviews with friends and acquaintances. (Like other defense researchers, Ivins had this clearance.) Once admitted into the lab, employees are monitored through drug tests and periodic medical evaluations. Although there is no formal psychological testing, those who display mentally unstable behavior--such as threatening colleagues--can be removed from the lab. The monitoring measures have been formally in place since 2004.
Since Ivins was implicated, DOD has considered making the system even more stringent. An agency task force has recommended background checks equivalent to those required for a "top secret" clearance. The prospect worries even those used to DOD's security-conscious culture. "They'll hunt down your ex-wife, your landlord, anybody who knows you," Kenneth Cole, a senior Pentagon official, said at the 12 December meeting.
DOE's safeguards could also be a model for NSABB. At DOE's Lawrence Livermore National Laboratory (LLNL), where a security clearance is mandatory for most employees, the dozen or so researchers who work with select agents are further vetted through extensive conversations with past managers. Eric Gard, select agent manager at LLNL, says he has turned down individuals "who have trouble managing their temper, for instance," assigning them instead to work with less hazardous pathogens in a biosafety level 1 lab. Once they are cleared to work with select agents, employees are given a psychological evaluation at least once a year. Occasional credit checks are done "to determine whether somebody might be tempted by their poor financial circumstances to do something desperate," Gard explains.
These measures come at a cost: Academic researchers often suffer a rude shock when they come to work at Livermore, and the intense scrutiny there makes it difficult to attract and retain talent, Gard says.
Peering into the mindAt the 12 December meeting, some NSABB members urged caution before embracing measures such as psychological screenings, which they worry would drive academic scientists away from biodefense projects, slowing vaccine development and other biomedical advances.
Richard Ebright, a chemist at Rutgers University, New Brunswick, doesn't buy the argument. A proponent of stronger regulations, Ebright points out that for all the grumbling, researchers entered the biodefense field in droves after the select-agent rules came into effect.
Reliable? Researchers at biocontainment labs may now be subject to increased scrutiny and monitoring.CREDIT: AP PHOTO/TIMOTHY JACOBSEN
At the meeting, some board members wondered aloud whether psychological monitoring would yield too many false alarms without adding much security. Many scientists take "pride in their eccentricity," said Stanley Lemon, a microbiologist at the University of Texas Medical Branch at Galveston.
Gerald Epstein, a biosecurity expert at the Center for Strategic and International Studies in Washington, D.C., agrees. He also questions whether the art of "peering inside people's psyches" to predict their future actions has been perfected yet. "If Ivins was the anthrax mailer, what could we have seen ahead of time in his behavior to stop him?" he asks.
In the summer of 2007, the Office of the Director of National Intelligence (ODNI) commissioned an exercise by scientists and security experts to answer a question along those lines. Group members were divided into red teams and blue teams, says ODNI's Lawrence Kerr, who coordinated the study. The red teams came up with three scenarios of bioterrorist attacks, while the blue teams identified points in the scenarios at which the offender could be captured and the attack foiled. "It was like reading a Michael Crichton book, except that the scenarios contained actual recipes for attacks," says Kerr, a former academic microbiologist. (The study is classified.)
In one of the scenarios, a trained biologist plotted an attack from within a sophisticated lab. "The key judgment we arrived at was that if such an individual was truly intent on carrying out an attack, they would succeed," Kerr says. "It scared the crap out of us."
The exercise led Kerr and his colleagues to devise three categories of indicators that could help detect an insider threat: human, technological, and material. In all three, the study found, the lab's principal investigator, other researchers, and administrators were in the best position to spot red flags such as odd behavior or anomalous purchases of equipment and materials. The take-home message was that researchers need to be sensitized to security concerns. At the same time, institutions need to develop procedures for reporting potentially suspicious activities to higher-ups without fear of embarrassment or recrimination. Kerr is working with scientific societies including the National Academies and AAAS, the publisher of Science, to educate life scientists about indicators to watch for.
Even the idea of keeping an eye on colleagues makes some academics nervous. "The default position should be of mindful trust, not of distrust," NSABB chair Dennis Kasper said at the meeting.
NSABB is likely to emphasize "local judgment" in its recommendations, says the board's Susan Ehrlich. But mere self-governance is likely to be a hard sell, board members admit. "We are in a classic double bind," says Kasper. "If we don't implement a program that is very serious, we are going to get criticized. If we do and research shuts down, we'll get criticized."
Kerr says once all the reviews are complete, the government is likely to prescribe a combination of grassroots vigilance and increased top-down oversight. But no matter what measures are taken, it may be impossible to guarantee that a insider attack won't happen. The reason, Kasper says, is "inherent imperfection in people."
Science. ISSN 0036-8075 (print), 1095-9203 (online)
Gerald Epstein, a biosecurity expert at the Center for Strategic and International Studies in Washington, D.C., agrees. He also questions whether the art of "peering inside people's psyches" to predict their future actions has been perfected yet. "If Ivins was the anthrax mailer, what could we have seen ahead of time in his behavior to stop him?" he asks.
In the summer of 2007, the Office of the Director of National Intelligence (ODNI) commissioned an exercise by scientists and security experts to answer a question along those lines. Group members were divided into red teams and blue teams, says ODNI's Lawrence Kerr, who coordinated the study. The red teams came up with three scenarios of bioterrorist attacks, while the blue teams identified points in the scenarios at which the offender could be captured and the attack foiled. "It was like reading a Michael Crichton book, except that the scenarios contained actual recipes for attacks," says Kerr, a former academic microbiologist. (The study is classified.)
In one of the scenarios, a trained biologist plotted an attack from within a sophisticated lab. "The key judgment we arrived at was that if such an individual was truly intent on carrying out an attack, they would succeed," Kerr says. "It scared the crap out of us."
The exercise led Kerr and his colleagues to devise three categories of indicators that could help detect an insider threat: human, technological, and material. In all three, the study found, the lab's principal investigator, other researchers, and administrators were in the best position to spot red flags such as odd behavior or anomalous purchases of equipment and materials. The take-home message was that researchers need to be sensitized to security concerns. At the same time, institutions need to develop procedures for reporting potentially suspicious activities to higher-ups without fear of embarrassment or recrimination. Kerr is working with scientific societies including the National Academies and AAAS, the publisher of Science, to educate life scientists about indicators to watch for.
Even the idea of keeping an eye on colleagues makes some academics nervous. "The default position should be of mindful trust, not of distrust," NSABB chair Dennis Kasper said at the meeting.
NSABB is likely to emphasize "local judgment" in its recommendations, says the board's Susan Ehrlich. But mere self-governance is likely to be a hard sell, board members admit. "We are in a classic double bind," says Kasper. "If we don't implement a program that is very serious, we are going to get criticized. If we do and research shuts down, we'll get criticized."
Kerr says once all the reviews are complete, the government is likely to prescribe a combination of grassroots vigilance and increased top-down oversight. But no matter what measures are taken, it may be impossible to guarantee that a insider attack won't happen. The reason, Kasper says, is "inherent imperfection in people."
Science. ISSN 0036-8075 (print), 1095-9203 (online)
2 comments:
No one has yet been accountable for allowing Hatfill into the world's most dangerous laboratory. A liar, forger, neo-Nazi, supporter of racist regimes and a certifiable Walter Mitty.......
http://luigiwarren.blogspot.com/2005/12/just-some-asshole-who-has-too-much-to.html
This is what Sandia's Dr. Michaels said.
"I don't think it's enough to say he [Ivins] did it, as well."
In writing up the story, Fox added a "not". (It became a mangled double negative only by the mistranscription).
http://www.foxnews.com/story/0,2933,506727,00.html
Post a Comment