There is a particular breed of institutional bravado that flourishes in the aftermath of victory, when the terrible thing that was built has already done its work and the scientists who built it find themselves, somewhat unexpectedly, still alive. In the summer of 1946, that bravado was concentrated in a windowless room at Los Alamos, New Mexico, where a physicist named Louis Slotin was demonstrating to colleagues the precise threshold at which a 6.2-kilogram sphere of plutonium-239 would become a self-sustaining chain reaction. The technique, informally known as "tickling the tail of a sleeping dragon" — a phrase attributed to physicist Richard Feynman — involved cradling two beryllium hemispheres around the core, edging them together until the instruments began to chatter, then pulling them apart. Slotin used a flathead screwdriver as his spacer. He did not use a clamp. He had completed the experiment successfully over a dozen times.

Sources: Nerdist Archives — Tickling the Dragon's Tail  |  Nuclear Secrecy Blog — The Blue Flash

This was not, however, the first time the core had asserted itself. The same 14-pound metallic sphere — the Manhattan Project's third weapon, manufactured for use after Hiroshima and Nagasaki but never deployed — had already claimed one life. On the night of August 21st, 1945, a 24-year-old physicist named Harry K. Daghlian Jr. had returned alone, after hours, to his assembly at the Omega Site. He was stacking tungsten-carbide bricks around the core to find the critical geometry. When his measuring device warned him that one final brick would push the assembly supercritical, he began to remove it. Then he dropped it. The core went prompt critical instantly. Daghlian knocked the brick away with his bare right hand, absorbing a fatal dose in seconds. He died twenty-five days later. During those twenty-five days, his colleague Louis Slotin spent hours at his bedside. Nine months later, Slotin would die in the same hospital, of the same cause, as a result of an accident with the same piece of metal.

On the morning of May 21st, 1946, the screwdriver slipped. The beryllium hemispheres closed. For a fraction of a second — less time than it takes to blink — the core went supercritical, bathing the room in a burst of hard radiation and a flash of ionised air that witnesses described as the deep blue of a gas flame. Slotin, by reflex or instinct, tore the upper hemisphere away with his bare hand, cutting short the excursion and almost certainly saving the lives of the seven people standing behind him. He called them all back immediately, not out of panic but out of calculation: by knowing their relative positions, he could estimate how much radiation each had absorbed. His estimated dose exceeded 1,000 rads — for comparison, the neutron radiation measured 1,000 metres from ground zero at Hiroshima was 400 rads. He died nine days later.

What makes the Demon Core's history so instructive is precisely its repetition. Management reviewed procedures after Daghlian's death, issued new guidelines, and permitted the hand-stacking demonstrations to continue. Enrico Fermi had already warned Slotin personally that he would be dead within a year if he kept doing what he was doing. The warning was noted and ignored. Alvin Graves, who stood closest to Slotin during the second accident and survived severe radiation sickness, went on to become a director of US nuclear weapons testing. The institution absorbed the lesson, filed it, and carried on. It nearly always does.

Fifty-three years after Los Alamos, in a conversion building at the JCO uranium fuel facility north of Tokyo, three workers — Hisashi Ouchi, Masato Shinohara, and Yutaka Yokokawa — were preparing a batch of uranium solution for Japan's experimental fast research reactor, JOYO. The fuel was enriched to 18.8 percent — well above the threshold for criticality, and well above the concentration the facility's safety licence permitted. Procedure called for the solution to pass through a dissolution tank and a buffer column specifically designed to prevent the geometry that would allow a chain reaction. That morning, behind schedule and following informal instructions that had evolved quietly over years into routine practice, the men poured the solution directly into a stainless-steel precipitation tank using a stainless-steel bucket.

The seventh bucketful was enough. At 10:35 local time, the solution went critical. A blue flash — the Cherenkov radiation that has become the visual signature of nuclear accidents — filled the room. The reaction sustained itself for approximately twenty hours, held in check only by the intervention of emergency workers who drained water from a cooling jacket surrounding the tank to remove the moderating effect that was keeping the chain reaction alive. Ouchi absorbed a dose estimated at 17 sieverts — roughly seventeen times the lethal threshold — and was kept alive by extraordinary medical intervention for 83 agonising days before dying from multi-organ failure. Shinohara died seven months later. Yokokawa survived but was permanently affected.

Some 161 people were evacuated from within 350 metres of the facility. Nearly 310,000 residents were advised to remain indoors. The operating company, JCO — a wholly owned subsidiary of Sumitomo Metal Mining — had been producing enriched uranium fuel since the 1970s. The procedure that caused the accident had apparently been in use, off and on, for years. Nobody had written it down. Nobody had officially sanctioned it. Nobody had officially stopped it. The official investigation found that the workers had not been adequately trained on criticality safety. It also found that the procedures in the operations manual did not reflect actual practice. This is the bureaucratic vocabulary for a cover-up so complete it had become invisible even to those perpetuating it.

The Demon Core and Tokaimura are separated by half a century, two continents, and entirely different institutional cultures. They share a single root cause: the normalisation of deviance, the slow accreting process by which a dangerous shortcut is taken once, then again, then becomes the way things are done. In the nuclear domain, the consequences are measured in sieverts. But the process itself is entirely human — and entirely transferable to every domain that follows.

Source: Davis Report — Japan Criticality Accident (National Rep, archived)

On Friday the 13th of July 2001, a worm measuring 4,000 bytes was released onto the internet. It had no conventional payload — no data to steal, no ransom to demand, no political message beyond a crude website defacement. What it had was a buffer overflow exploit targeting a single, unpatched vulnerability in the Indexing Service of Microsoft's IIS web server (vulnerability code MS01-033, published June 18th, 2001), and an appetite for replication that the internet's architects had not thought to defend against. The worm's name was Code Red. Within fourteen hours of its initial release, it had infected more than 359,000 hosts. The entire visible internet had, in effect, been scanned for a specific weakness — and the weakness had been found, at scale, before breakfast.

The mechanism was brutally simple. Code Red scanned random IP addresses, sent a crafted HTTP GET request to port 80, and if the target was running an unpatched version of IIS, took control of the server in seconds via a classic buffer overflow — stuffing so much junk into a URL parameter that it escaped the variable, overwrote a memory address, and handed the attacker full control without physical access. It then defaced the host's website with the message "Welcome to worm.com! Hacked By Chinese!" — a message that researchers would later suspect was a deliberate red herring. Later variants launched a distributed denial-of-service attack against the IP address of the White House, forcing a temporary change to the server's public address.

The infection statistics are almost absurd in retrospect. By July 18th — one week in — over 100,000 machines had been compromised. That number doubled by end of the following day and reached an estimated 360,000 by July 20th, at which point all effectively vulnerable hosts appeared to have been reached. The FBI's National Infrastructure Protection Center eventually estimated 661,000 unique infected IP addresses. Computer Economics estimated the economic impact at $2.4 billion in 2001 dollars — roughly $4.4 billion adjusted for inflation. And yet: a machine that was infected could be entirely cleaned by a simple reboot, because the worm lived purely in system memory and never touched the hard drive. A patch had been available for a full month before the outbreak. Fear of the worm's anticipated second wave on August 1st caused the US Air Force to take bases offline — not the worm itself, but institutional panic. The worm, remarked one researcher, had crippled the Air Force without ever touching it.

What made Code Red a watershed was not its immediate damage but what it demonstrated about the geometry of digital vulnerability. A single unpatched handler in one of the most widely deployed web servers on the planet was sufficient to compromise the better part of the global internet inside a single working day. The gap between the existence of a fix and its universal deployment is, in the architecture of digital security, a wound that has never closed.

In a dim hotel room in Dalian, China, sometime in the days before May 12th, 2017, a North Korean programmer code-named Park sat at a glowing computer working on a problem his superiors had assigned: how to turn a recently leaked cache of American intelligence tools into a deployable weapon. For days he had been stymied, unable to integrate the NSA's stolen exploit, EternalBlue, into functional ransomware. Then, on May 9th, a senior researcher at a cybersecurity firm called RiskSense posted on GitHub a reverse-engineered breakdown of EternalBlue's code. Park found it. Within hours, the missing piece was supplied. He barely had time to sleep before his superiors, apparently unwilling to wait, extracted the code and released it — unfinished — on the morning of May 12th.

The National Security Agency had spent years — and an unacknowledged sum of money — developing EternalBlue, which exploited a flaw in the Windows SMB network protocol. The agency had known about the vulnerability since at least 2012. It did not disclose the vulnerability to Microsoft. In April 2017, a group calling itself the Shadow Brokers — widely attributed to Russian intelligence — published EternalBlue online after stealing it from the NSA. Microsoft had issued a patch weeks earlier, apparently tipped off by the agency once it knew the tool had been compromised. Most users had not applied the patch.

WannaCry combined EternalBlue — which allowed remote code execution on any unpatched Windows machine — with a backdoor tool called DoublePulsar, which established a silent tunnel into infected systems. Through that tunnel it deployed two encryption algorithms that converted every accessible file into gibberish with the .WNCRY extension, then displayed a red ransom screen demanding $300 in Bitcoin. Uniquely among ransomware, WannaCry was self-propagating: it did not require a user to click anything. Once on a network, it scanned both local systems and the wider internet for unpatched machines and spread automatically, with no human assistance. Red screens began appearing in Southeast Asia at 7:44 a.m. Within an hour, Latin America was affected. By 10:00 a.m. UTC, Spain, France, Germany, and the United Kingdom were in chaos. In less than a working day, over three-quarters of the observable internet had been touched.

The United Kingdom's National Health Service bore the most visible damage. WannaCry infected 81 of 236 NHS trusts in England, disrupting approximately 19,000 appointments. Emergency rooms diverted ambulances. MRI scanners went dark. Hospital staff reverted to whiteboards and paper registration for patient tracking. Blood-storage refrigerators lost their monitoring systems. Consultant Tony Bleetman, working an emergency shift in London that day, described arriving to find the ransomware screen appearing simultaneously on every computer in the consultant's office. At one major trauma centre, he heard, all non-emergency surgery was suspended. Regional specialist networks lost the referral systems they depended on.

The kill switch revealed the worm's fatal flaw: its creators had used the same static domain for every infection, rather than a unique per-host address. When Hutchins registered it, every copy of WannaCry worldwide detected a positive result and halted. Had the domain been unique per machine, only Hutchins's computer would have been protected. The infection would have continued spreading indefinitely. Investigators later concluded the malware had almost certainly been released prematurely — earlier than its authors intended, possibly still in a testing phase.

The FBI's subsequent investigation traced WannaCry to the Lazarus Group, North Korea's primary state-sponsored hacking unit — the same group responsible for the 2014 Sony Pictures hack and the 2016 Bangladesh Central Bank heist, in which $100 million was stolen. The crucial link was a shared network of email addresses and IP infrastructure reused across all three attacks, plus overlapping development environments and code signatures. A Google warrant eventually produced a CV sent by a North Korean programmer to a Chinese employer — a document with a real name, photograph, and educational history. That name was Park Jin Hyok. In 2018, the US Department of Justice indicted him. He has never been extradited.

Microsoft's president Brad Smith was blunt in the aftermath: the NSA's decision to hoard rather than disclose EternalBlue was, he wrote, analogous to the US military having its Tomahawk missiles stolen. The NSA's response, when asked whether it bore any responsibility for WannaCry, was: no, not at all. Brad Smith, at least, knew better.

There is a building in Pingfang, in the former Japanese puppet state of Manchukuo, whose foundations enclose the ashes of what its architects called a research programme. What it actually was is among the most comprehensively documented crimes in the history of science — a systematic, state-sanctioned programme of lethal human experimentation that ran for thirteen years, employed over three thousand personnel at its peak, and produced knowledge that its perpetrators were permitted, after Japan's defeat, to sell to the United States government in exchange for immunity from prosecution. The programme's formal designation was the Epidemic Prevention and Water Purification Department of the Kwantung Army. History knows it as Unit 731.

To understand how Unit 731 came to exist, it is necessary to understand the Japan that created it. After decades of Western humiliation of China and the unequal treaty system, Japan had resolved not to suffer the same fate. Through the Meiji era's extraordinary modernisation — from an isolated feudal society in 1853 to a nation that defeated the Russian Empire in 1905 — Japan had become a modern industrial power. But many Japanese military leaders felt their victories had been insufficiently rewarded by Western powers. By the early 1930s, through a process of nationalist consolidation, Japan had become a military dictatorship premised on racial superiority and absolute loyalty to the emperor. The Chinese, historically Japan's cultural forebears, bore the heaviest burden of what followed.

The unit's commanding officer was Lieutenant General Shirō Ishii, a physician and bacteriologist of considerable technical ability and, apparently, no moral imagination whatsoever. He had spent two years on World War One battlefields studying the potential of biological and chemical weapons, and had been recognised as a national expert in weapons of mass destruction before he was ordered to form Unit 731 in 1936. Under his direction, Chinese civilians, Soviet prisoners, Korean labourers, and Allied prisoners of war — the unit's internal records referred to them as maruta, or logs — were infected with plague, cholera, anthrax, typhoid, and dysentery to observe the progression of infection in living bodies. When infection was sufficiently advanced, subjects were vivisected without anaesthesia, organs removed and weighed while the heart still beat, in order to document pathological changes at precise stages of disease. Frostbite experiments were conducted by exposing limbs to sub-zero temperatures until the flesh rotted; the limbs were then amputated and the process repeated on the remaining stump. Children were given food laced with deadly chemicals; their bodies were then dissected. Massive doses of tetanus vaccine were administered to observe the fatal muscle spasms that resulted. Estimates of the total death toll range from three thousand to well over ten thousand.

Beyond the laboratory, Unit 731 conducted field operations across Chinese cities. Plague-infected fleas, cultivated in purpose-built breeding facilities, were dropped from aircraft over Changde, Ningbo, and other population centres, triggering outbreaks that killed tens of thousands of civilians. Wells were poisoned with cholera and typhoid cultures. Infected prisoners were marched through villages. The unit's researchers estimated, with the dispassion of agronomists, the optimal pathogen concentration required to produce the maximum number of secondary infections. Then they field-tested their calculations on living cities.

After Japan's surrender in 1945, Ishii negotiated directly with US Army officials, offering thirteen years of findings — data that no ethical programme could have generated — in exchange for immunity from war crimes prosecution. The agreement was honoured. Ishii died in his own bed in 1959. Several of his senior researchers went on to distinguished careers in Japanese public health and academia. The biological weapons data was absorbed into American Cold War research. Members of Unit 731 openly held reunions in Japan in the years after the war. The lesson this imparts about the relationship between institutional power, scientific knowledge, and impunity is not a comfortable one. It was not intended to be.

Three weeks after the destruction of the World Trade Centre, in the dazed and hypervigilant autumn of 2001, someone mailed at least seven letters to news organisations and two United States senators. The letters contained a fine, pale powder. The powder was Bacillus anthracis — anthrax — milled to a particle size optimised for deep lung penetration. The covering notes, written in block capitals with a studiedly crude hand, declared: DEATH TO AMERICA. DEATH TO ISRAEL. ALLAH IS GREAT. The FBI would eventually conclude that the notes were almost certainly written by an American scientist to suggest the work of an Islamist terrorist.

Five people died. Seventeen more were infected. The Senate Hart Office Building was shut down for three months; decontamination with chlorine dioxide gas cost tens of millions of dollars. The Brentwood postal facility in Washington — whose workers, unlike the senators whose mail they sorted, had not been warned that anthrax letters had passed through their machines — lost two employees to inhalation anthrax before the connection was made. The total cost of the investigation, the decontamination, and the disruption to the postal system exceeded one billion dollars. The attack killed fewer people than a moderately serious traffic accident. Its effects on American governance, public health infrastructure, and biodefence spending were transformative and permanent.

The FBI's seven-year investigation — code-named Amerithrax — traced the specific strain of anthrax (the Ames strain) to a single reference flask, designated RMR-1029, maintained by Dr. Bruce Ivins, a senior microbiologist at the US Army Medical Research Institute of Infectious Diseases at Fort Detrick, Maryland. Ivins had spent his career developing anthrax vaccines. He had worked on treatments that were urgently deployed in the weeks after the attacks he is believed to have perpetrated. He died by suicide in July 2008, as prosecutors were preparing to charge him. The FBI formally closed the case in 2010, naming him the sole perpetrator.

The case remains contested. A number of scientists and former colleagues have argued that the genetic evidence linking RMR-1029 to the mailed anthrax — while suggestive — falls short of the evidentiary standard that a live prosecution would have required. The question of whether Ivins acted alone, or at all, may never be fully resolved. What is not contested is this: the most dangerous bioterrorism attack in American history was conducted, in all probability, by a man with a security clearance, working inside a government biodefence facility, using equipment and materials provided by the government he was attacking. The threat was not from without. It was from within.

The through-line connecting all six incidents in this chronicle is less about the weapons themselves than about the institutions responsible for managing them. At Los Alamos, known risks were acknowledged, procedures updated, and dangerous experiments allowed to continue. At Tokaimura, informal workarounds replaced formal safety procedure so completely that those following them no longer knew they were dangerous. In the case of Code Red and WannaCry, a known vulnerability was left open — once by an unpatched administrator, once by a government intelligence agency — until someone weaponised it. And at Unit 731, an institutional appetite for knowledge overrode every other consideration, then was quietly incorporated into the post-war order by a power that found the data too valuable to refuse. In each case, the weapon was secondary. The institution was primary. It nearly always is.