- within Technology topic(s)
- in India
- within Technology, Transport, Media, Telecoms, IT and Entertainment topic(s)
- with Inhouse Counsel
- with readers working within the Law Firm industries
The cyber and data security landscape continues to evolve at pace. It can be challenging to keep up, so we have collated our "top 10" cyber stories from the last month, so you don't have to. We are also releasing our latest Cross Examining Cyber podcast – the cross examination of the former head of the UK Cyber Security Centre, Professor Ciaran Martin CB.
News from HSF Kramer
New Podcast: Cross Examining Professor Ciaran Martin
In this episode, we are joined by Professor Ciaran Martin, one of the globe's leading cyber thought leaders. He is often called upon by Governments, Government agencies and the private sector alike. He is also currently taking a leading educational role, demystifying the cyber space. Ciaran was the former head of the National Cyber Security Centre in the UK and played a critical role supporting the Australian Government in the creation of the Cyber Security Strategy.
Our discussion with Ciaran was so interesting that we have broken it into two. In this part 1, we talk about Ciaran's various roles and how he has become such an important voice in the cybersphere. We also talk about the impact of geopolitics on the cyber threat.
We know you are going to enjoy this discussion. Here we go...
Watch this episode
Listen to this episode
Herbert Smith Freehills Kramer Podcasts · Cross Examining Cyber EP22: Cross Examining Ciaran Martin - Part 1
Australia's class action future: Three critical questions every decision maker should ask
Our Regulatory and Class Action Risk Symposium reflected the changing landscape of risk, regulation, and corporate accountability in Australia. Discussed were critical questions for leaders, boards, and legal practitioners navigating these challenges.
In this article, one of the critical questions is: Are we ready for the next generation of cyber and AI risk? It highlights that the cyber security landscape has never been so complex or fraught. AI is supercharging the scale and sophistication of cybercrime; novel cyber-incident and ransomware-payment reporting obligations are now in place; and a spate of high-profile data breaches have given way to class action exposure.
You can read our full article here.
Cyber Top 10
1 |
Healthcare organisations across Australia and New Zealand continue to face sustained cyber threats, with attackers increasingly targeting hospitals, clinics and third‑party platforms that support critical care. Ransomware, outdated systems, data‑privacy gaps and supply‑chain security concerns remain risks as healthcare providers digitise services and adopt more connected devices. The recent Manage My Health breach in New Zealand, which is under inquiry by the New Zealand Privacy Commissioner, underscores how fragmented infrastructure and high‑value data make the sector an attractive target. Read more here and here. |
2 |
Intel shows that new wave of 'vishing' attacks are breaking into SSO accounts in real time. Threat actor groups, including 'ShinyHunters' have increasingly been targeting single sign-on services to gain access to victim networks and steal data. Security experts have noted the attacks don't involve a vulnerability in single sign-on vendors' products or infrastructure, but rather a persistent weak point in identity and access management. Read more here. |
3 |
Law‑enforcement pressure on ransomware groups appears to be intensifying. European and Ukrainian authorities have publicly identified the alleged ringleader of Black Basta and placed him on the EU Most Wanted and INTERPOL Red Notice lists, alongside raids on suspected members in Ukraine. While he has not been arrested and is believed to be in Russia, the co-ordinated action raises the operational risk for affiliates and may disrupt RaaS pipelines through 2026. Read more here. |
4 |
The NSW Government has unveiled its 2026-2028 Cyber Security Strategy, signalling a shift toward stronger whole‑of‑government coordination. The strategy places particular emphasis on protecting critical infrastructure and third‑party supply chains, strengthening incident response and intelligence sharing through Cyber Security NSW, and standardised incident reporting across agencies. Designed around a two‑year cycle, the approach aims to stay flexible as technologies like AI evolve and attacker tactics continue to change, reflecting a move away from "set and forget" security models toward continuous resilience. Read more here. |
5 |
Reporting suggests that schools and universities remain prime targets for cybercriminals in Australia, with campuses becoming more exposed as they digitise operations and deploy large numbers of connected devices. This expanding attack surface has left education providers increasingly vulnerable to both financially motivated and more sophisticated threats. Recent incidents highlight the trend, including the University of Sydney breach late last year and the recent cyberattack on Victorian government schools, where an external third party accessed a database linked to the state's education network, exposing students' personal information. Read more here and here. |
6 |
A recent report argues that Australia is not ready for drone‑related cyber-attacks, despite becoming deeply embedded in critical industries. Compromised drone devices could enable surveillance, data theft, disruption or network access across critical sectors like emergency services, transport and mining. As fleets grow and connect to cloud systems, GPS and automated controls, vulnerabilities in software and communications are becoming more attractive to attackers. Read more here. |
7 |
The Everest ransomware group is becoming a disruptive actor in the cyber landscape, claiming responsibility for both the McDonald's India breach – where it is leaking corporate and customer data after failed ransom negotiations, and a large Under Armour incident involving 72 million customer records. Its aggressive extortion tactics, high‑profile targets and willingness to publish stolen data are drawing significant attention from analysts, who warn that Everest's escalating activity signals a growing threat to major global brands and their customers. Read more here and here. |
8 |
The ACSC has released a new publication to help small businesses manage cyber risks arising from AI adoption. The publication has recommendations for managing risks, real-world case studies, an example of deploying AI chatbots securely and a cyber security checklist. It reflects the ACSC's broader push to ensure that even small organisations can adopt AI technologies without exposing themselves to unnecessary cyber threats. Read more here. |
9 |
Large‑scale data scraping incidents are amplifying the risk of phishing and impersonation, even where no traditional system breach has occurred. The recent addition of a 298‑million‑record SoundCloud dataset to Have I Been Pwned highlights how publicly available information can be aggregated and repurposed by threat actors at scale. While no passwords were exposed, the volume of email addresses, usernames and profile metadata significantly increases the likelihood of targeted social‑engineering attacks, particularly when combined with data from other breaches. Read more here. |
10 |
Australia's eSafety Commissioner has opened a public consultation on the practical implementation of the under‑16 social media ban, inviting input on how platforms should take "reasonable steps" to prevent children from holding accounts. While the ban is already law, eSafety has acknowledged that challenges around age assurance, circumvention and unintended impacts remain, signalling that enforcement will evolve over time rather than being a one‑off regulatory fix. Read more here. |
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
