Welcome to the CAVEAT Weekly Newsletter, where we break down some of the major developments and happenings occurring worldwide when discussing cybersecurity, privacy, digital surveillance, and technology policy.
At 1,750 words, this briefing is about an 8-minute read.
At a Glance.
- Port contracts negotiations intensify over automation concerns.
- Largest US water utility company victim of cyberattack.
Port worker negotiations continue to intensify over automation concerns.
The News.
Over the past weekend, dockworkers and longshoremen from the International Longshoremen’s Association (ILA) have continued their strike negotiations emphasizing their concerns over automation technologies replacing their jobs. The strike, which lasted several days, has been temporarily paused as negotiations have continued to take place regarding worker concerns about preventing emerging technologies from entering their job sector and the need for greater financial compensation. While a preliminary agreement has been reached between the ILA and the United States Maritime Alliance (USMX) to increase worker pay, the two sides are still discussing automation technologies.
In the ILA’s previous contract, the union required any port managers to request the union’s permission for any automation additions. However, with this new contract, ILA President Harold Daggett stated that the union is looking for “airtight language that there will be no automation or semi-automation.” Additionally, the union stated that “the ILA is steadfastly against any form of automation - full or semi - that replaces jobs or historical work functions [and] we will not accept the loss of work and livelihood for our members due to automation.” The USMX stated that while it has offered the ILA greater compensation, it wants to keep the current contractual language related to automation.
The Knowledge.
These contract negotiations center around major concerns related to how automation could impact the livelihoods of port workers. For dock works, this automation could cause manually operated cranes to be replaced with remote-controlled cranes. Aside from automating cranes, the ILA is also concerned that these automation efforts could be used to optimize the loading, unloading, and moving of heavy crates and other cargo. Robert Bruno, a professor of labor and employment relations at the University of Illinois Urbana-Champaign, spoke on this situation and emphasized how these automation efforts “could either make their work redundant…or would dramatically impact their, what they see as their sort of ownership of this work and the integrity of that work.” While pro-labor arguments have stated that these automation efforts would put livelihoods at risk, automation supporters have highlighted how the United States (US) significantly lags in its automation efforts, subsequently leading to vulnerabilities in supply chains, decreased efficiency, and putting workers at greater bodily risk. Margaret Kidd, the program director and associate professor of supply chain logistics at the University of Houston, highlighted how “American exceptionalism does not exist in our port systems…[, and] our use of automation and technology is antiquated.”
While this strike has the potential to significantly impact domestic supply chains in the short term, these worker concerns are not new. Last year, other major industry unions, including the Writers Guild and the United Auto Workers, went on strike over similar concerns regarding how greater use of automation technologies could result in job losses and plant closings. While these previous strikes ended in greater protections for workers, it is unclear if a similar agreement will be reached in this situation, and if the dock worker strike will resume.
The Impact.
While the dock worker strike has been paused temporarily, it is unclear whether or not the two parties will reach a new agreement. If these parties are unable to find a new agreement over the coming weeks, US citizens and businesses residing across the East Coast should be prepared for significant supply chain disruptions. Not only would these strikes cause supply shortages domestically but could also impact businesses that ship products internationally. Citizens and organizations should be prepared for these potential impacts and take steps to minimize any potential risk.
Aside from taking steps to minimize risks, people should also understand that strikes similar to this one are likely to continue occurring over the coming years. While automation can rapidly improve business productivity, these technologies have created significant concerns related to how they can impact jobs. As businesses attempt to harness these technologies, unions will likely take steps to ensure that new contracts explicitly protect workers and their jobs from being replaced or negatively impacted by automation.
American Water faces a substantial cyberattack.
The News.
A cyberattack has continued to affect the largest regulated water and wastewater utility company in the US. American Water, a New Jersey-based company, was forced to pause its billing systems after it announced the cyber attack this Monday. In this announcement, the company stated that it became aware of unauthorized activity last Thursday and immediately responded by shutting down impacted systems. While this attack did impact billing systems, the company did state that the attack had no impact on water safety. For greater context, American Water is a water and wastewater utility company that operates across fourteen states and services over fourteen million people as well as eighteen military installations.
At this moment, further details regarding who was behind the attack, how the attackers gained access, and when this incident will be remediated have not yet been released.
The Knowledge.
This most recent cyberattack reflects a growing concern regarding the vulnerabilities found in existing US infrastructure. Jack Danahy, a vice president of strategy and innovation at NuHarbor Security, commented on this dynamic stating that “people haven’t traditionally thought of pieces of infrastructure, such as water and wastewater service as being prone to threats, but incidents like this shows how quickly problems could occur.” These sentiments are also supported by a study conducted by the Environmental Protection Agency (EPA), which found that over seventy percent of utilities inspected by federal officials recently violated standards meant to prevent breaches or other intrusions. Aside from experts and reports finding that these vulnerabilities plague US infrastructure, another study, published by Check Point Research, found that there has been a nearly seventy percent increase in cyberattacks from 2023 to 2024 targeting critical infrastructure.
While no attack has been able to severely cripple any US utility to date, coupling this increased volume of attacks with the notable vulnerabilities in these sectors has created a risky dynamic that could have major repercussions for both consumers and businesses alike. Even if one of these breaches did not offline critical services, these impacts could result in substantial financial loss or result in critical information being compromised. Most notably, with the upcoming election rapidly approaching, hostile actors are likely to increase their attacks on these targets.
The Impact.
While the events of this most recent breach continue to be remediated over the coming days, this most recent attack is reflective of a concerning paradigm that has developed within US infrastructure. Given how many vulnerabilities exist within critical infrastructure and how attacks against the industry have continued to grow, it is only a matter of time before one of these attacks is successfully able to cripple a notable service provider.
While it is unlikely that most people will be able to directly remediate this dynamic, businesses should understand this reality and have robust backup solutions in place to ensure that if an outage were to occur for days or weeks, they can continue to operate effectively. Additionally, people working within critical infrastructure organizations should understand that these industries are becoming increasingly targeted by hostile actors and should remain vigilant against potential threats, especially over the next few weeks as the general election approaches.
Highlighting Key Conversations.
In this week’s Caveat Podcast, our team sat down with Josh Rosenzweig, the Senior Director of AI & Innovation at Morgan Lewis. Throughout this conversation, we discussed generative artificial intelligence (AI), and how to effectively manage the technology to ensure it is securely used and that compliance is being maintained effectively. Additionally, our team discussed Califonia Governor Newsom vetoing SB 1047 and how this move will impact AI regulations over the coming months.
Like what you read and curious about the conversation? Head over to the Caveat Podcast for the full scoop and additional compelling insights. Our Caveat Podcast is a weekly show where we discuss topics related to surveillance, digital privacy, cybersecurity law, and policy. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
Other Noteworthy Stories.
States sue TikTok, alleging platform is addictive, harms kids’ mental health.
What: More than a dozen states and the District of Columbia have sued TikTok alleging that the application is exploiting and harming young users.
Why: On Tuesday, fourteen state attorney generals each filed suits in state courts against TikTok over alleged violations of state consumer protection laws. This effort, led by California Attorney General Rob Bonta and New York Attorney General Letitia James, began in 2022 when a bipartisan coalition launched an investigation into an application. With this lawsuit, Attorney General Bonta wrote that “TikTok intentionally targets children because they know kids do not yet have the defenses or capacity to create health boundaries around addictive content.” Bonta continued by writing that “when we look at the youth mental health crisis and the revenue machine TikTok has created…it’s devastatingly obvious: our children and teens never stood a chance against these social media behemoths.”
A TikTok spokesperson responded to these lawsuits stating that the company “strongly disagrees” with these allegations and that “we’re proud of and remain deeply committed to the work we’ve done to protect teens and we will continue to update and improve our product.”
FTC antitrust case against Amazon moves forward, several state claims dismissed.
What: US District Judge John Chun has dismissed antitrust claims brought by Pennsylvania, New Jersey, Oklahoma, and Maryland but denied Amazon’s motion to dismiss similar claims filed by the Federal Trade Commission (FTC) and several other state claims.
Why: On Monday, District Judge Chun announced that the FTC’s antitrust case against Amazon will move forward. In response to this announcement, FTC spokesperson Douglas Farrar stated “we are pleased with the court’s decision and look forward to moving this case forward.” Farrar continued by stating that “the ways Amazon illegally maintains its monopolies and the harm they cause-including suppressed competition and higher prices for shoppers and sellers-will be on full display at trial.”
This lawsuit originated when the FTC and seventeen other states sued Amazon in 2023 for allegedly engaging in anticompetitive behaviors that resulted in keeping prices higher across the internet and making it more expensive for sellers to offer their products on other platforms.