Anthropic has signed a landmark 20-year, $19 billion lease with TeraWulf for the "Justified Data" campus in Hawesville, Kentucky. The 401-megawatt AI data centre, built on a former aluminium smelting site, is expected to come online in late 2027.
What keeps cyber analysts awake at night is persistent memory in AI agents storing enterprise IP on US servers with no residency or automatic deletion. It bypasses 30-day rules. DTA's AGT.2 requires retention and purge governance but many businesses remain unaware of the privacy and forensic risks.
AWS has increased prices for reserved AI GPU capacity by around 20%, highlighting the growing shortage of high bandwidth memory and advanced chips. As demand outpaces supply, AI development costs are rising, making large scale model training and deployment more expensive.
31st March 2026 Cyber Update: Ransomware Pressure Builds Across Australian Healthcare
Australia’s healthcare sector faces sustained ransomware pressure, with multiple threat groups exploiting weak controls and legacy systems. Recent breaches highlight systemic gaps, where compromised vendors and undetected lateral movement are driving a rising risk of sector-wide disruption.
Australia’s healthcare system is now under sustained ransomware pressure, with multiple threat groups exploiting the same structural weaknesses across the sector.
The update
Over the past 18 months, INC Ransom affiliates have quietly moved through at least 11 Australian organisations, many tied to healthcare and essential professional services. Their approach is methodical rather than flashy, gaining access through compromised credentials, elevating privileges to administrator level, and navigating networks with the patience of insiders. By the time encryption payloads are deployed, often disguised as routine system processes, the impact is already embedded within the environment.
On 24 March, the situation shifted again. DragonForce surfaced with a claimed breach of an Australian healthcare software provider, widening the field of risk beyond a single target. The exposure is not limited to one entity and may extend to hospitals and clinics connected through shared platforms, reflecting the level of interdependence across the sector.
Why this is working
These attacks are not succeeding because they are highly advanced. They are succeeding because they are difficult to distinguish from normal operations.
Threat actors are using native system tools such as PowerShell and remote administration utilities already embedded within healthcare networks. This approach removes the need for traditional malware and allows attackers to operate inside environments for extended periods without detection.
The underlying weaknesses are consistent and unresolved:
Legacy systems that remain exposed and unpatched
Underfunded security capability across clinics and providers
Compliance-driven governance that replaces real monitoring
Third-party dependencies that amplify a single breach into system-wide risk
Government data confirms the outcome. Healthcare remains one of the most successfully compromised sectors in Australia.
What matters now
This is no longer a series of incidents. It is a systemic condition.
Across Asia-Pacific, ransomware activity is accelerating, with the region now among the most targeted globally. Attacks on healthcare carry consequences beyond financial loss. They degrade national resilience, disrupt frontline services, and place direct pressure on public confidence in essential systems.
Australia’s healthcare network is particularly exposed. Interconnected providers and shared software platforms mean a single point of failure can cascade quickly across the system.
The bottom line
The issue is not awareness. It is execution.
Advisories continue to increase. Outcomes do not.
Core controls such as logging, patching, credential management, and continuous monitoring remain inconsistent. Until healthcare boards treat cyber resilience as a core operational obligation, rather than a delegated IT function, threat actors will continue to operate with a high probability of success.
Get the stories that matter to you. Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Sign up for Cyber News Centre
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead.
Apple is accelerating its security updates to outpace AI driven exploit development, releasing early patches for iOS and macOS, while a critical WinRAR vulnerability shows why legacy software remains a prime target for attackers.
Tata Electronics’ confirmed cyber incident underscores a sharper risk for global manufacturers: stolen supplier specifications and production data can expose valuable intellectual property, test customer trust and challenge India’s push to become a trusted alternative to China.
Five Eyes cyber agencies have warned leaders to act now as AI changes cyber risk, while Mackay Sugar’s ransomware disruption shows why Australian operators cannot treat resilience as a back-office issue.
AI agents are no longer side experiments. They are becoming live attack surface, carrying access to data, code and identity. For Australian businesses, the message is clear: adoption must be matched with control.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!