The AI Bioweapons Risk: We Cannot Afford to Look Away
The risk of AI being used to create a bioweapon is a serious concern for pharma biosecurity after researchers found AI-designed toxins can evade DNA screening. Here’s what you need to know about the AI and bioweapons risk.
AI creating and posing a bioweapons threat has become a documented finding, now on record. As such, health leaders and the wider biotech industry can no longer treat the AI bioweapon risk as someone else's regulatory problem.
A Microsoft-led team investigating biosecurity found that AI-redesigned toxin variants slipped past the genetic screening software that the DNA synthesis industry relies on to block dangerous orders.
The supply chains, the AI design tools, and the same synthetic biology platforms are all widely used across the entirety of pharma.
Posing As a “Bioterrorist”
Researchers at Microsoft, working with academic and industry biosecurity specialists, used generative protein-design tools, including the company's own EvoDiff model, to redesign known deadly toxins such as ricin, botulinum, and Shiga toxin.
The goal was not to create functional bioweapons but to test whether AI-generated variants could be ordered from commercial DNA vendors without triggering the screening software those vendors use.
Across roughly seventy-two toxins and three open-source AI packages, this “red-teaming” exercise generated tens of thousands of protein variants and tested them against widely used screening tools.
A significant share evaded detection, prompting the researchers to treat the result as the biological equivalent of a zero-day vulnerability, alerting the U.S. government and screening-software vendors before publication so that patches could be issued ahead of public disclosure.
Crucially, the exercise was conducted entirely in silico. No toxic proteins were physically synthesised, and the researchers deliberately withheld the specific design techniques that enabled evasion.
The finding that matters for pharma biosecurity is that a safeguard the industry has long treated as a reliable backstop is no longer accurately catching what AI tools can generate.
AI Biosecurity is a Governance Issue: Stop “Made-to-Order” Bioweapons
Pharmaceutical and biotech organisations sit directly inside the affected pipeline and therefore will play a vital role in protecting against the threat AI poses to biosecurity.
Commercial gene-synthesis vendors serve not only drug discovery, but also vaccine development and cell and gene therapy programmes across the industry. The same protein-design and generative biology tools driving therapeutic innovation are structurally identical to those used in the Microsoft study.
Writing in Nature, biosecurity researchers Jaspreet Pannu, Anita Cicero, and Tom Inglesby of the Johns Hopkins Center for Health Security argue that AI-enabled research could cause significant harm if used to design pathogens with concerning new properties.
Closing the gap, they argue, requires regulation imposed on the life sciences sector from outside and a closer collaboration between governments, AI developers, and biosafety experts.
This has teeth for procurement and compliance teams specifically. If screening gaps sit at the DNA-synthesis chokepoint, then vendor due diligence, not just internal research governance, becomes a frontline control.
Biosecurity Modernisation
United States lawmakers introduced the Biosecurity Modernisation and Innovation Act of 2026 (S.3741) in January 2026, sponsored by Senators Tom Cotton and Amy Klobuchar.
The bill would direct the Department of Commerce to mandate nucleic acid synthesis screening industry-wide, replacing the voluntary framework that has governed the sector for more than a decade.
Existing federal guidance already requires screened DNA for federally funded research, following the 2023 Executive Order on AI, but coverage outside that funding stream remains inconsistent.
A meaningful share of the DNA synthesis market does not screen orders at all, underscoring why a voluntary baseline struggles to hold across a fragmented global vendor landscape.
In parallel, the National Academies of Sciences, Engineering, and Medicine published a 2025 consensus study assessing how AI-enabled biological design tools intersect with pandemic-scale biosecurity risk.
They too recommended closer coordination between AI developers and biosecurity authorities alongside continued investment in next-generation screening technology.
Altogether, policy and technical mitigation now have to move together.
AI Can Be Used to Create a Bioterrorism Threat
AI's capacity to accelerate drug discovery and novel protein design is the same capacity that, misused, could lower the barrier to developing biological agents with greater precision and potency.
As a result, there has been a strong industry and intelligence call for layered technical safeguards alongside emerging policy frameworks, rather than relying on any single control.
The AI tools relevant to biosecurity can be distinguished into two groups: Large language models, which can broaden access to existing biological knowledge, and biological design tools, which can generate genuinely novel sequences of DNA and structures of proteins.
The convergence of the two, rather than either alone, is what most expands both the capability and the accessibility of biological misuse of AI over time.
None of the available research suggests AI-enabled biological attacks are imminent. It should be cautioned that disproportionate focus on screening software risks distracting from larger structural threats, including state-level biological weapons programmes, and it's confirmed that misuse attempts remain exceptionally rare.
The consistent message about the AI biosecurity risk is that the barrier is lower than it used to be with the advancement of AI capabilities in DNA and protein synthesis.
What Pharma Leaders Should Do Now to Fend Against the AI Biosecurity Threat
Three actions translate directly into pharma board-level governance actions to protect against the AI biothreat risk:
- Audit gene-synthesis vendor relationships. Confirm which suppliers screen orders against current sequence-of-concern databases, and require attestation as a procurement condition, not an assumption.
- Treat AI design tools as dual-use from day one. Internal biosafety committees reviewing AI-assisted discovery programmes should explicitly assess misuse potential alongside therapeutic value, in line with the layered-safeguard approach the academic literature recommends.
- Track S.3741 and its successors closely. Mandatory federal screening would reshape vendor qualification requirements industry-wide. Organisations that prepare compliance pathways ahead of enactment will face a far smoother transition than those that wait.
Generative Protein Design Poses Potential Biosecurity Threat
AI has not really made biological weapons easy to build; however, what research highlights is that it has made one specific safeguard, nucleic acid synthesis screening, measurably less reliable than the industry assumed, and pharmaceutical organisations sit close enough to that chokepoint that the gap deserves board-level attention rather than a footnote in the risk register.
At Pharmatica, we focus on the systems, strategies, and technologies shaping the future of pharmaceutical R&D, regulatory strategy, and manufacturing resilience. Our analysis sits at the intersection of policy, science, and operational reality, where governance decisions translate into measurable protection for patients, programmes, and reputations.
Pharmatica: Insight. Connection. Impact.
Frequently Asked Questions
What is the AI bioweapon risk in the context of pharmaceutical research?
The AI bioweapon risk refers to the possibility that AI-enabled tools used legitimately in drug discovery, such as generative protein design models, could also be used to design biological agents capable of evading existing safety screening, lowering the technical barrier to creating harmful biological materials.
Did the Microsoft study create an actual bioweapon?
No. The researchers conducted the exercise entirely in digital form and never synthesised any toxic proteins.
The study, published in Science, was designed to test whether AI-redesigned sequences could pass existing screening software, not to produce a functional biological agent.
Is DNA synthesis screening currently mandatory for vendors in the United States?
DNA synthesis screening is mandatory only for federally funded research, under guidance that followed the 2023 Executive Order on AI.
The proposed Biosecurity Modernisation and Innovation Act of 2026 (S.3741) would extend mandatory screening across the gene-synthesis industry, but as of mid-2026 this remains under Senate committee review rather than enacted law.
How should pharmaceutical companies respond to the AI biosecurity risk?
To respond to the AI biosecurity risk, leading guidance points to three priorities for pharma companies: Vendor screening verification, dual-use risk review embedded in AI-assisted research governance, and active engagement with emerging policy frameworks rather than waiting for finalised regulation.
Does AI biosecurity risk apply only to large pharmaceutical companies?
No. Academic literature, including the 2025 review in Frontiers in Bioengineering and Biotechnology, notes that the relevant AI design tools and synthesis vendors are widely accessible, meaning the governance burden extends to biotech start-ups, academic spinouts, and contract research organisations, not exclusively large incumbents.
About the author
Did you enjoy the content?
Why not support Nicole Dale by giving this content a like
Comments (0)