June 2026 in Retrospect

News from HSF Kramer 

Cross examining Cyber: The Director series

Over the next six weeks, we'll be continuing our Cross-Examining Cyber – Director Series, releasing a new episode every fortnight.

We have an exceptional line up, still to come. Look out for our upcoming episodes with Anne Templeman-Jones, David Gonski, John Mullen and Catherine Brenner.

Watch / listen here.

Cyber Risk Survey - 2026

Our Cyber Risk Survey is now underway. We are engaging with the legal leaders in Australia and across the Asia Pacific region to bring you their perspectives. This is a unique survey, now in its fourth year. We can’t wait to bring their observations to you. Stand by…

Forthcoming Guidance: Finding a Path Past the AI Frontier Hype

Frontier AI models are changing the cyber threat landscape, accelerating vulnerability identification and exploitation. To help you understand the fundamentals, we have prepared a quick and easy-to-digest summary of the current frontier AI landscape, which will be published shortly. Keep an eye out for this summary on our website here.

In the meantime, some useful information about the frontier AI landscape and its impact on cyber security can be read here and here.


The HSF Kramer Cyber “Essential Eight”: 

The cyber landscape continues to evolve at pace. It can be challenging to keep up, so we have collated our “Essential Eight” cyber stories from the last month, so you don’t have to. 

SOCI Act Reforms…no surprise!

In news that will surprise absolutely nobody, the Department of Home Affairs is consulting on 21 proposed amendments to the SOCI Act aimed at simplifying and modernising the regime. Stakeholders are invited to provide feedback before the consultation closes at the end of July. This is a critical juncture in the cyber legislative evolution. Read more here

Essential Eight, time to retire?

The ASD Essential Eight has officially started browsing coastal property listings. The ASD has announced plans to retire the framework within two years, replacing it with a broader and more flexible “Essentials” framework. A staged transition will apply, with existing Essential Eight investments expected to remain relevant. Read more here

The Anthropic roller coaster continues.

It's been a month of twists and turns for Anthropic. In early June, the company released its new Fable 5 and Mythos 5 models, only to suspend access days later following the introduction of US export controls. Fortunately, the ride wasn't over for long – restrictions were lifted on 30 June, and access has now been restored. Read more here

ASIO on edge.

ASIO’s Annual Threat Assessment warns that Australia’s security environment is becoming increasingly complex, with terrorism, foreign interference, espionage and cyber threats arising in new ways. Of particular concern, the assessment highlighted ongoing efforts by nation-state cyber actors to target and infiltrate Australia’s critical infrastructure. As ASIO’s Director-General Mike Burgess observed:

“…the hackers were preparing for sabotage. They weren’t planting ‘digital dynamite’ as such; they were mapping out the network and maintaining access so they could cripple it at a time of their choosing.” Read more here.

Cloud's on the Horizon (2)?

There’s always another horizon beyond the horizon, with the release of the Australian Government’s Horizon 2 Action Plan. The 2026-2028 plan responds to Australia’s evolving cyber threat environment with a focus on strengthening the cyber workforce, improving the security of critical infrastructure and government systems, and supporting the secure adoption of emerging tech. Read more here.

Qilin takes a swing.

Apparently, it’s not enough to target hospitals, infrastructure and large corporates…ransomware groups have apparently decided golf clubs are fair game too. One of Sydney’s long-standing private golf clubs has reportedly become one of the latest Australian organisation targeted by Qilin, amid reports of increased activity by the prolific ransomware-as-a-service operation. Weekend golfers…your handicap may well be published on the dark web soon. Read more here and here

No scholars and no gentlemen.

Despite the name, the Gentlemen, another ransomware-as-a-service group, has emerged as one of the most active cybercriminal operations of 2026, reportedly claiming almost 500 victims globally and disrupting Mackay Sugar's operations in Queensland. They are also known for providing dark web publication to extortion gangs without that capability. Read more here and here.

A wolf in sheep's clothing.

It turns out cyber criminals don't always travel in packs. Threat experts are reporting a rise in "lone wolf" hackers. Operators are working independently rather than through organised ransomware groups, making the threat landscape more fragmented and unpredictable. Read more here


Peter Jones photo

Peter Jones

Partner, Head of TMT, Asia, Singapore

Merryn Quayle photo

Merryn Quayle

Managing Partner, Melbourne Office, Melbourne

Kaman Tsoi photo

Kaman Tsoi

Special Counsel, Melbourne

Heather Kelly photo

Heather Kelly

Senior Associate, Melbourne

Key contacts

Peter Jones photo

Peter Jones

Partner, Head of TMT, Asia, Singapore

Merryn Quayle photo

Merryn Quayle

Managing Partner, Melbourne Office, Melbourne

Kaman Tsoi photo

Kaman Tsoi

Special Counsel, Melbourne

Heather Kelly photo

Heather Kelly

Senior Associate, Melbourne

Rebecca Gill photo

Rebecca Gill

Senior Associate, Melbourne

Caitlyn Bellis photo

Caitlyn Bellis

Senior Associate, Sydney

Cameron Whittfield Peter Jones Christine Wong Merryn Quayle Emily Coghlan Magdalena Blanch-de Wilt Kaman Tsoi Heather Kelly Rebecca Gill Caitlyn Bellis Brooke Crenfeldt Annabelle L’Estrange