Skip to main content

Ukraine's nuclear regulator confirms Chernobyl's post-invasion radiation spikes had an 'abnormal origin'.


First off I would like to provide some context for those readers who are not familiar with this topic.

In 2023 I presented at BlackHat USA 'Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication'. Kim Zetter also wrote an investigative piece. The research materials are publicly available.

As I casually discovered a few days ago, around the date I received  the acceptance notification from BlackHat, the paper 'Preliminary assessment of the radiological consequences of the hostile military occupation of the Chornobyl Exclusion Zone' was submitted to the 'Journal of Radiological Protection'. This paper would be eventually approved and then published in September. So it seems that both investigations were being performed in parallel, but unfortunately we never crossed our paths.


There is also a significant detail: this investigation doesn't come from a random guy like me, but from official entities. The authors of this paper belong to an international mission led by the "State Nuclear Regulatory Inspectorate of Ukraine" (SNRIU) and its technical support organization, the "Scientific and Technical Centre for Nuclear and Radiation Safety", with funds from Norway's nuclear authority (DSA).

This international group of experts carried out a comprehensive radiation survey over different areas (with a risk for their lives due to the mines left behind by the Russian occupation forces), including the Chernobyl Exclusion Zone, and specifically in those spots where some of the radiation monitoring devices (GammaTRACER) reported radiation spikes during the beginning of the Russian invasion. 

The outcome of the survey is that they didn't find any trace of contamination, the radiation levels were basically the same than those detected before the Russian invasion. These on-site measurements could only be interpreted as the proof that the spikes never actually happened (due to ionizing radiation), as otherwise they would be essentially defying known physics. 

I had already anticipated this scenario in my research:

------------------------------------------------------------

The ‘return to baseline levels’ mystery.

The last, but not least, question the previous model raises is the following: Why did the stations return to their baseline levels just few days after the spikes?  

According to the ‘resuspension of soil’ theory we have that, either the resuspended materials that caused brutal increments of the H*(10) while airborne, stopped being gamma emitters after the regular deposition phase, or there was no deposition phase at all. Both cases would be equally unphysical. This scenario, in turn, leads to the following never-ending circular problem: How is it possible to achieve higher levels of H*(10) just by resuspending the same materials that were already present in the top layer of the soil?

There are two options:

1. An external release from a radioactive source. 
2. A resuspension activity with a massive transport involved. 

It is the consensus that the first option never happened. So, we are left with the second one. However, if there was a significant transport (relocation) of radioactive materials, large enough to achieve the reported H*(10) levels: Why did the stations return to their baseline levels just few days after the spikes?  And so on.

In this context, the ‘Contamination of Surfaces by Resuspended Materials’  paper provides, in a single sentence, a simple and intuitive, but still scientific, refutation to the ‘resuspension of soil’ theory. 

 

        Figure 80 Resuspension/deposition balance


Basically, what has been reported in the Chernobyl Exclusion Zone is an unprecedented case
in nuclear physics: an unbalanced resuspension scenario without a deposition phase. 

------------------------------------------------------------

In view of these solid evidences, the paper published by Yu Balashevska et al. explicitly acknowledges that the official theory is 'barely plausible' and 'cannot explain the increase' detected by the GammaTRACERs.


 

This theory emerged from "SSE Ecocentre" ( the operator of the radiation monitoring network deployed at the Chernobyl Exclusion Zone) and was initially accepted by Ukraine's nuclear regulator (SNRIU). As a result, it was subsequently disseminated to international media and the IAEA, where this narrative was also apparently accepted and enforced by top level personnel during the following weeks.



However, I observed a 'plot twist': at some point after the initial heat, the interest for those radiation spikes promptly decayed (no pun intended) to such a point that the official IAEA reports on Ukraine barely mention them. Obviously, this was a notable anomaly, bearing in mind that according to the reported radiation levels, those spikes represented the worst radiological event after Fukushima. I think that the conclusions drawn in SNRIU's paper are providing a partial explanation for this unexpected 'disinterest', which matches with what I concluded in my paper: "the nuclear safety experts from the IAEA silently concluded that the radiation spikes never actually happened".

So...what caused the radiation spikes?

SNRIU's paper does not provide an answer, instead it recommends the following:


However, it is not clear who should be in charge of performing that research or whether there is a mandate to do so.

Anyway, with my limited resources I comprehensively analyzed this scenario, among others, during my research. This analysis was performed from different perspectives, taking into account not only the physics that governs EM interferences but also  the specific electronics of the GammaTRACER as well as its Geiger-Müller tubes. Under my point of view this scenario should be considered as  'extremely unlikely'.


To sum up, these were my conclusions:

------------------
1. The abnormally high ambient equivalent dose rate (H*(10)) levels, detected during the 24th and 25th of February 2022 by the Automatic Radiation Monitoring System (ASKRS) of the Chernobyl Exclusion Zone, were plausibly fabricated.

2. From a nuclear physics perspective, these radiation spikes cannot be explained as a response of the GammaTRACER radiation monitoring devices to a traffic-induced resuspension of contaminated dust in the Chernobyl Exclusion Zone.

3. Instead of being detected due to ionizing radiation processes, the H*(10) values, corresponding to the allegedly detected radiation spikes, were plausibly injected into the ASKRS network infrastructure at 13 different determined timestamps, following a specific set of software-generated patterns.

4. As a result of this plausible manipulation, the radiation levels (H*(10)) depicted by the real-time maps provided by saveecobot.com and srp.ecocentre.kiev.ua, did not correspond to the actual physical conditions in the area. During the period, these maps were consulted by millions of people, and also consumed as a single source of information by media outlets and official entities.
------------------

There are still many questions that remain unanswered. The whole issue could have been addressed by performing a forensic analysis of the GammaTRACERs in a timely manner; I elaborated the approach and requirements to perform this task.

I'm not aware of any efforts that were focused on extracting the locally stored measurements from the GammaTRACERs. According to the conclusions presented in the SNRIU's paper, I assume it never happened.  This is unfortunate because during their investigation (June-December '22) this approach was still possible but it's too late now, due to how data is stored: GammaTRACERs contain an internal storage (Static RAM) with capacity for up to 12,800 records, which are cyclically overwritten when new readings are generated.

Another logical option to resolve this 'mystery' would have been to analyze the server that received data from the GammaTRACERs, but unfortunately as I mentioned in my paper...

A chain reaction of fear.

In addition to the media coverage, the news about the events at Chernobyl during the beginning of the Russian invasion went viral in social networks, causing a widespread concern, especially in Europe where the word 'Chernobyl' immediately raises profound fears.

In nuclear physics there is a beautiful phenomenon known as "Doppler broadening". Basically, according to their quantum energy levels, nuclei present a series of resonances: if having the proper kinetic energy, an impinging particle (e.g thermal neutron) can be absorbed by the target nucleus, leading to a nuclear reaction known as 'compound nucleus', an excited state of the nucleus which then decays. Otherwise, the particle will escape the nucleus' resonances area. 

If we think of the nucleus as a vibrating element, due to thermal motion, we can see that from its perspective, the more this nucleus is vibrating, the greater the width for the resonance is, so a particle with a specific kinetic energy will have higher probabilities of being absorbed as temperature increases in the target material.


When the target nucleus is a heavy isotope of Uranium and the bombarding particle is a neutron, this effect represents one of the most fundamental inherent safety measures in nuclear fission reactors. As temperature in the nuclear fuel (whose composition is basically heavy isotopes of uranium U-235/U-238) increases, more neutrons will be absorbed, thus preventing a self-sustained chain reaction. In reactor physics this effect dominates the, always negative, fuel temperature coefficient. Precisely, this is one of the reasons why modern reactors cannot experiment a brutal power excursion similar to what caused the core meltdown in Chernobyl.

I'm far from being an expert in Psychological Operations (PSYOP) but I couldn't resist to use the simile: targets are bombarded with certain information based on elements they're familiar with, so they will be more inclined to absorb that information, thus creating an 'excited' state of thinking which will eventually decay. The more 'heat' around that information the greater your chances of success, understanding 'success' as the ability to achieve the expected reaction from the target.

Since the beginning of my research I had the feeling that I was facing a striking example of a PSYOP.  However, I'll leave the task of speculating about it as an optional exercise for the reader.









Popular posts from this blog

What Really Happened in Chernobyl During the Beginning of the Russian Invasion?

This blog post contains the web version of my research paper: " Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication ", which was unveiled at BlackHat USA 2023 . It is intended to ease the indexing and dissemination of the information collected during this research.  In a few days, I'll be in Brussels presenting this research.  The original paper (PDF) can be downloaded here . Additional references: https://www.wired.com/story/chernobyl-radiation-spike-mystery/  (Kim Zetter) https://www.zetter-zeroday.com/p/radiation-spikes-at-chernobyl-a-mystery  (Kim Zetter) https://medium.com/war-notes/chornobyl-3-92216d21b223  (Olegh Bondarenko) INDEX Foreword Executive summary Introduction 1. Physical      1986      Resuspension      Transport      Humidity      Traffic 2. Cyber    ...
Read more

De-Anonymization attacks against Proton services

  In November 2021 YesWeHack invited me to participate in a private bug bounty program organized by  Bug Bounty Switzerland on behalf of Proton AG.  The scope of the program was quite interesting and heterogeneous, as it covered most of the applications and services offered by Proton, such as ProtonMail and ProtonVPN. As a result, multiple technologies and codebases were in scope, ranging from typescript, in the open-source part of Protonmail, to .NET/Swift used by ProtonVPN apps for Windows and macOS respectively. Proton is well-known for its privacy-driven services offer, so they are based on Switzerland where the legislation seems to match Proton's requirements to provide that kind of services: thus maximizing the privacy of their communications, minimizing the amount of data they log from their users while keeping a law-abiding status.  It wouldn't be realistic to think of Proton users as an homogenous group; you may be using Proton because you're genuinely w...
Read more

Finding vulnerabilities in Swiss Post's e-voting system: part 3

Exactly two years ago I brought my blog back to life, after many years of hiatus, with " Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1 ". That was the first of a series of blog posts covering that system. During these two years I've been periodically assessing the security posture of this e-voting solution, as part of their Bug Bounty program , which I personally recommend.   Since the first time I reviewed their codebase a lot of things have changed, for good, as many areas have been dramatically improved. To be honest, from a security perspective the codebase back then was kind of a mess.   When the first Swiss Post e-voting platform was published, back in 2019, it faced some public scrutiny, mostly from the academic community.  As a result, some significant issues were uncovered , so eventually Swiss Post decided to suspend the deployment of the system. That first version had been developed by Scytl , Spanish company specializ...
Read more

Beware of Java's String.getBytes

Sometimes there are subtle bugs whose origin can be found in some quirks from the underlying language used to build the software. This blog post describes one of those cases in order to let both fellow security researchers and developers, who didn't know about it, become aware of this potential vulnerable pattern. In fact, I'm pretty sure that similar bugs to the one herein described likely affect a bunch of products/codebases out there. In previous posts , I've already described some bugs in the Swiss Post's future E-voting system. While reading their  Crypto-Primitives specification , which among other things describes the custom Hashing algorithm Swiss Post implemented, I noticed something potentially interesting. Basically, there are 4 different types that are supported: byte arrays, strings, integers and vectors. Before being hashed, strings are converted to a byte array via the ' StringToByteArray ' algorithm. However, by comparing ' StringToByteArray...
Read more

Losing control over Schneider's EcoStruxure Control Expert

  During Q2 2022, in view of the geopolitical situation that unfolded after the Russian invasion of Ukraine, I decided that it wouldn't do any harm to kill some bugs in some of the main players within the ICS arena. I focused in those software frameworks that are running on the engineering workstations so, if compromised, attackers would be in a privileged position to manipulate controllers logic, thus enabling sophisticated attacks with a potential physical impact (i.e triton). I responsibly reported a bunch a unauthenticated remotely exploitable bugs to the corresponding vendors. In one case, after being ignored for months, I had to resort to the 'twitter, do your magic' approach and tweeted that I would be disclosing the issues if the situation persisted. It took just few hours for the vendor to get back to me. The positive side is that they found the bugs interesting and all that mess ended up in paid work.   This blog post covers a similar scenario in a different ven...
Read more