Hospitals and Healthcare Facilities Under Attack
Digital Conflicts is a bi-weekly briefing on the intersections of digital culture, AI, cybersecurity, digital rights, data privacy, and tech policy with a European focus.
Brought to you with journalistic integrity by Guerre di Rete, in partnership with the University of Bologna's Centre for Digital Ethics.
N.10 - 19 June 2024
Authors: Carola Frediani and Andrea Daniele Signorelli
In this issue:
Hospitals and Healthcare Facilities Under Attack (Again)
How Many Jobs Will Be Replaced By Artificial Intelligence?
In brief
CYBERSECURITY
Hospitals and Healthcare Facilities Under Attack (Again)
The healthcare sector continues to suffer from cyber attacks that cause data breaches and disruptions, both in Italy and abroad. Between June 5 and 6, the IT network of Asst Rhodense – which includes the Garbagnate, Rho, and Bollate hospitals in Milan – suffered a cyberattack, Asst Rhodense reported on its Facebook page (the site was still unavailable several days later). Non-urgent surgeries, bookings, and scheduled hospital admissions were suspended. Emergency rooms in Garbagnate and Rho remained active, but ambulance service was suspended. For emergencies, Asst Rhodense advised citizens to use other facilities.
According to Corriere.it, the attack also affected the Passirana aids, community houses, and other local clinics: "It is estimated that it will take at least two weeks to return to full functionality. (...) Ambulances have been diverted, non-urgent hospitalizations and surgeries have been postponed, and nuclear medicine activities (such as bone density scans), radiology (CT scans, MRIs, X-rays and mammograms) and laboratory tests have been halted".
On June 12, Asst Rhodense provided an update: "Lab analysis services, booking activities and phlebotomy points are still suspended (...). Technicians are working to ensure the resumption of all activities, but it is not yet possible to define the timetable for the full restoration of the IT infrastructure".
Less publicized was an attack on the Marche Regional Health Agency a few days earlier, which affected the booking service. According to Rainews, "for a long time it was impossible to use all the health booking channels: from the physical counters in hospitals and clinics to the pharmacies participating in the project, as well as the call center and the app".
Unfortunately, this is a scenario we have seen many times in recent years. The latest incident was the cyber attack on Synlab Italia, part of a European network providing medical diagnostic services. The attack was a type of ransomware, as explained on their website, and similar to most attacks in the healthcare sector, where data is copied and encrypted and then a ransom is demanded to either decrypt it or prevent its online disclosure. It first blocked several services, in particular all laboratory analytical activities, including the logistics service for sample collection. It then led to the online disclosure of company and patient/client data.
"In more than 380 Synlab laboratories – spread across Lombardy, Veneto, Friuli-Venezia Giulia, Emilia-Romagna, Lazio, Liguria, Campania and Tuscany – around 35 million tests are carried out every year," SkyTG24 writes. "At the moment it is not known how many people have been affected by the cyber attack, only that 1.5 terabytes of data have been published."
"The secure downloading of files is in progress and has been entrusted to a highly specialized company", Synlab said on May 23. "SYNLAB has immediately implemented various measures to combat the attack, including different strategies for analyzing the exfiltrated (copied) data. Due to the volumes involved and the operational complexities encountered during the analysis, it is not possible at this time to assess the position of each individual affected".
If you are one of the affected users, the most important thing is to be aware that you may be the target of fraud attempts by entities with various information about you, such as your tax code, address, or other data that can make an SMS, email, or phone call seem more credible. SYNLAB Italia also provides updated information on its website.
But the attacks on healthcare are not over. In early June, a number of London hospitals were forced to suspend many activities due to a cyber attack on their diagnostic service provider, Synnovis. Synnovis is a partnership between SYNLAB UK & Ireland and a network of English hospitals, Guy's and St. Thomas and King's College Hospital, covering southeast London. In a June 3 email sent to staff and seen by Digital Health News, Professor Ian Abbs, CEO of Guy's and St Thomas NHS Foundation Trust (a semi-autonomous unit of the NHS), said that an "ongoing critical incident" was having a significant impact on pathology services. "I can confirm that our pathology partner Synnovis experienced a major IT incident earlier today (...) This is having a major impact on the delivery of our services, with blood transfusions being particularly affected".
"It is an isolated incident to Synnovis with no connection to the cyber-attack on SYNLAB Italy on 18 April 2024", communicated SYNLAB AG. "The rest of the SYNLAB Group including the other SYNLAB facilities in the UK are not impacted".
Meanwhile, the effects on English hospitals were visible for days. On June 10, the transplant and transfusion service urged O-positive and O-negative blood donors to book an appointment at one of 25 centers to increase supplies because hospitals affected by the cyberattack could not match patients' blood as quickly as usual.
In a message to trainee doctors at Guy's and St Thomas' Trust, students were asked to volunteer for 10 or 12-hour shifts, the BBC reports. An NHS London spokesperson said staff were working "around the clock" to minimize "the significant disruption to patient care".
In recent days, the aftermath of the attack also affected other hospitals. According to The Independent, "more than 200 emergency and life-saving operations, including those which should be done within 24 hours, had to be cancelled by Guy’s and St Thomas’ Foundation Trust (GSTT) and King’s College University Hospital NHS Foundation Trust. (...) More than a third of procedures and operations have been cancelled, which includes over 3,000 non-surgical appointments and hundreds of patients who have been referred for urgent cancer diagnosis". It will take months to recover from the attack, sources told The Guardian.
According to Ciaran Martin, the former head of the UK's National Cyber Security Centre, the Qilin cybercriminal group is responsible for the attack. These groups, as we've often reported, target healthcare facilities and hospitals because the severity of service interruptions and the theft of sensitive data make them more vulnerable to extortion. These are complex structures, with legacy systems, difficulties in updating some software, and a multitude of suppliers, and they have only started to take cybersecurity seriously in recent years. But it is no longer acceptable for them to be so exposed to attacks that have a significant operational impact, even on transfusions, emergency room admissions, or multiple healthcare interventions.
Now is the time for systemic interventions.
AI AND WORK
How Many Jobs Will Be Replaced By Artificial Intelligence?
What will be the impact of AI on jobs? This is one of the recurring questions since the race for generative AI began, and it's also the most difficult (perhaps impossible at this point) to answer. Among those who believe that AI will soon replace many jobs is Geoff Hinton, a pioneer in the development of AI and deep learning. Hinton has begun lobbying for a universal basic income in the UK. (There is an unusual convergence between AI gurus and basic income movements. It should be noted that Hinton is unique in this regard, as he has always been openly progressive, even calling himself a "socialist".) In particular, Hinton has an interesting and different point of view compared to figures like Sam Altman or Elon Musk. "He said", writes the BBC, "that while he believes AI will increase productivity and wealth, the money will go to the rich 'and not to the people whose jobs will be lost, and that's going to be very bad for society'".
That is one scenario. But there is another one, especially in the short term, that is very close to what we would predict if we had to bet a pizza on it. That is, there could be partial replacement, not because AI can really replace all these jobs, but because it can become an excellent excuse to cut costs, optimize, reduce, and precarize.
Brian Merchant talks about this scenario in a recent post from his newsletter, titled after his book, which we never tire of recommending: Blood in the Machine. The tech journalist and historian of the Luddites writes: “If history is any indicator, there’s no catastrophic, Great Depression-level mass job loss event on the horizon, but that won’t stop bosses from trying to use AI to replace certain jobs, keep pay lower, and demand you and your coworkers produce more work. Your bosses’ measuring stick for AI output isn’t whether it’s so good it can replace you wholesale, but if it’s “good enough” to justify the savings on labor costs. Certain industries are uniquely vulnerable to generative AI output, and are more threatened than others. After workplaces are disrupted by generative AI, employees not laid off or reassigned will have to pick up the pieces, often with more work than before. Whether or not your boss adopts generative AI directly or your industry is threatened, the technology can be used as leverage against you and your colleagues. Generative AI may or may not be a flash in the pan, but it can be a wrecking ball to your job regardless, especially if your boss is looking for an excuse to cut costs or to appear innovative — and you should be ready”.
IN-BRIEF
JOURNALISM
Portrait of Eliot Higgins and Bellingcat
Wired USA writes: "Today, Bellingcat is the world’s foremost open source intelligence agency. From his home in the UK, Higgins oversees a staff of nearly 40 employees who have used an evolving set of online forensic techniques to investigate everything from the 2014 shoot-down of Malaysia Airlines Flight 17 over Ukraine to a 2020 dognapping to the various plots to kill Russian dissident Alexei Navalny. Bellingcat operates as an NGO headquartered in the Netherlands but is in demand everywhere: Its staffers train newsrooms and conduct workshops; they unearth war crimes; their forensic evidence is increasingly part of court trials".