Welcome to the latest edition of ASPI’s Cyber & Tech Digest.
Each week, ASPI curates and contextualises the most important developments in cyber, technology, and geopolitics — highlighting what matters and why.
This edition covers the period: 14 March 2026 to 20 March 2026.
Follow the Australian Strategic Policy Institute on Bluesky, LinkedIn, and X.
A quick note to readers:
We’re working to make the Digest as comprehensive and readable as possible, though this edition is on the longer side.
If you’d prefer shorter updates more frequently (for example, two or three editions across the week), we’d like to hear that. As outlined in our recent format update, we’ll soon introduce a Substack pledge option so readers can signal whether they’d support a more frequent release schedule. If there’s sufficient interest, we would look at moving to up to three editions per week, delivering key developments faster and in shorter bursts.
A note on our process: we use AI tools to assist with research and drafting. Every edition is reviewed, edited and curated by our team, and any analysis or commentary is written by us.
Feedback is always welcome. You can reply directly to this email, leave a comment on the post, or contact us at aspicts@substack.com
— The ASPI Cyber, Technology & Security Program
What happened: Nvidia is restarting production of its H200 AI chips for China after receiving US government approvals and purchase orders from Chinese customers. CEO Jensen Huang confirmed the move at Nvidia‘s GTC conference in San Jose. The restart follows a Reuters report that the US Commerce Department quietly withdrew a draft rule that would have replaced the Biden-era framework governing global AI chip exports — a framework the Trump administration had promised to overhaul.
Why we’re tracking this: The H200 restart is not the story. The withdrawn rule is. The US currently has no coherent replacement policy for controlling AI chip exports. Approvals are being granted case by case, company by company, in a regulatory vacuum. Allies, adversaries, and chipmakers are all trying to read what the rules actually are. That uncertainty is itself a strategic liability.
What people are saying:
Huang framed the restart as Trump policy, not just Nvidia business: “President Trump‘s intention is that the US should have a leadership position... he would also like us to compete worldwide and not concede those markets unnecessarily,” in Financial Times and Axios.
A former US official told Reuters the rule withdrawal “likely reflects differing views within the Trump administration on how to achieve global AI supremacy.”
Beijing has been slow to authorise imports at scale — a signal that China is in no hurry to become dependent on Nvidia while Huawei builds out domestic alternatives, per Financial Times.
My view: Ad hoc approvals with no rule are worse than a bad rule. Allies need to know what the framework is. Companies need to plan. Adversaries need to know where the line is. The Biden-era architecture is effectively dead; what replaces it is still unclear. If H200 shipments into China resume at sustained volume, it will confirm that Trump‘s approach to chip export controls is deals, not doctrine — and that is a fundamentally different kind of US industrial policy than anything that came before it.
— Stephan Robin, CTS
A weekly scan of notable developments we’re tracking across technology, policy, and geopolitics.
⸻
Nvidia CEO Jensen Huang said the company has restarted manufacturing of H20 AI chips for China after receiving new US export approvals and purchase orders from multiple Chinese customers in recent weeks, having paused production while export-licence reviews stalled and Chinese authorities were slow to authorise imports at scale. Beijing must still approve H200 imports before shipments can proceed at scale. Separately, the US Commerce Department withdrew a draft rule intended to replace the Biden-era AI chip export control framework — one that would have tied large export approvals to foreign investment in US data centres or government-to-government security guarantees — and said it is still working on a formal approach modelled on recent chip deals with Saudi Arabia and the UAE.
Hua Hong Group's Huali Microelectronics has developed a 7-nanometre process at its Shanghai plant, making it the second Chinese chipmaker after SMIC with that capability. Huawei has been collaborating on the technology and Biren is using the line for tape-out testing, with initial production capacity of a few thousand wafers per month planned by the end of this year.
Analysts and industry executives warned that the Iran war could disrupt the helium, sulphur and energy supplies that Taiwan and Europe rely on for chipmaking, raising supply risks for AI chips, smartphones, cars and other electronics. Taiwan said it has secured LNG for the near term, has already secured more than half its LNG needs for May and has decided to raise its statutory minimum natural-gas inventory to 14 days starting next year.
Google is in talks with China's Envicool and other Chinese suppliers about liquid-cooling equipment for AI data centres, reflecting tight global supply for systems needed to manage heat from dense compute clusters; Google's Taiwan procurement team travelled to China this month and Envicool has already built a coolant distribution unit to Google's specifications. Micron, meanwhile, said it completed the acquisition of PSMC's Tongluo P5 site in Taiwan and plans to build a second manufacturing facility there to expand supply of leading-edge DRAM and HBM, with construction scheduled to begin by the end of fiscal 2026.
The US Army awarded Anduril a contract worth up to $20 billion for software, hardware and services to speed delivery of technology to soldiers and reduce subcontracting costs, covering a five-year base period with a five-year optional ordering period. Gecko Robotics, meanwhile, won a $71 million US Navy deal to use inspection robots and AI to accelerate ship-repair planning and maintenance. Palantir demos, public documents and Pentagon records reviewed by WIRED show how the company's AI assistants could be used to interpret intelligence and generate military courses of action, build routes and assign jammers inside defence systems, with Anthropic's Claude or other third-party models potentially acting as the reasoning layer inside Palantir products used by US and NATO customers.
Reflection AI, backed by Nvidia, is partnering with Shinsegae Group to build one of South Korea's biggest AI data centres and develop models tailored to Korean language and culture, as part of a broader US push to export AI infrastructure to allies. The Commerce Department is developing an AI export programme that officials described as the template this deal is meant to support.
UK officials confirmed plans to buy more anti-drone Lightweight Multirole Missiles for forces in the Middle East after British units there shot down more than 40 drones launched by Iran or its proxies. London also sent additional planners to the Pentagon, put naval assets on standby, and convened British defence firms with Gulf diplomats to discuss faster supplies of defensive equipment. The UK also confirmed plans to buy more anti-drone lightweight multirole missiles for forces in the Middle East after British units shot down more than 40 drones launched by Iran or its proxies, while also sending additional planners to the Pentagon, putting naval assets on standby and convening British defence firms with Gulf diplomats to discuss faster equipment supplies. British officials also signalled to the Trump administration that the UK could provide assistance once hostilities cease.
Australian Defence Minister Richard Marles confirmed that intelligence gathered by an Australian Wedgetail surveillance aircraft deployed to support Gulf states is sent through the Combined Air Operations Centre in Qatar, where the US can access it. Marles argued the information-sharing is necessary for regional air defence, while critics said the arrangement undermines claims the mission is purely defensive.
The ABC found China-based suppliers listing one-way attack drones and Shahed-like systems on Alibaba while describing them publicly as commercial products for mapping or spraying; after being alerted, Alibaba removed the listings and suspended the sellers' accounts. Experts said dual-use drone proliferation is becoming harder to control.
Chinese officials are scrutinising Meta's $2 billion acquisition of Manus, a Singapore AI startup with Chinese roots, and are reportedly attempting to penalise people linked to the deal to discourage Chinese AI executives from moving businesses offshore. Officials are examining whether the transaction violated Chinese export-control and outbound-investment rules.
British officials suspect China is using the UK's freedom of information system to gather unclassified but sensitive defence and national-security data that can be assembled through the "mosaic effect" into sensitive intelligence, with the government concerned that weak identity checks make hostile-state collection difficult to detect. Officials are set to investigate whether further safeguards are needed.
⸻
A free model called Hunter Alpha appeared anonymously on OpenRouter with a claimed 1 trillion parameters and a 1 million-token context window, sparking speculation it could be an early DeepSeek release. Neither DeepSeek nor OpenRouter identified the developer, and engineers remain divided on whether the model matches DeepSeek's expected architecture. Chinese media have reported that DeepSeek's next-generation V4 model could launch as early as April.
OpenClaw has gone viral in China, spawning installation tours, consultants and local clones from Tencent, ByteDance, Alibaba and Moonshot as consumers and investors chase AI agents. Local governments are offering subsidies and vouchers to projects built around the tool, while Chinese regulators have warned about data-breach and permission risks. Tencent launched a nationwide tour this month to help people install OpenClaw in 17 cities, and a Hangzhou district pledged up to Rmb20 million a year to help companies pay for computing power.
An internal Meta agentic AI sparked a security incident by answering another employee’s forum query without being asked and advising an action that temporarily gave some engineers access to systems they should not have seen, according to Engadget citing The Information. Meta said no user data was mishandled and the exposure lasted about two hours.
Jeff Bezos is in early talks to raise $100 billion for a fund that would acquire manufacturing companies in chips, defence and aerospace and use AI to accelerate automation and efficiency. The effort is linked to Project Prometheus, an AI startup Bezos co-leads that is also separately in talks to raise up to $6 billion; it is developing models to simulate the physical world for engineering and design, with an initial focus on selling software tools for engineering simulation.
Samsung said it is considering a shift toward multiyear memory-chip contracts lasting three to five years, moving away from the current quarterly or annual norm as AI-memory demand stays high and shortages worsen.
⸻
Researchers at Google, iVerify and Lookout identified a Russian-linked group designated UNC6353 using a new iPhone exploit toolkit called Darksword against people in Ukraine. The web-delivered kit can compromise iPhones running most of iOS 18, stealing passwords, messages, photos and other data, and may also target cryptocurrency wallets. WIRED further reported that the researchers found the full exploit code exposed on compromised sites — making reuse by other actors easier — and that campaigns have targeted victims in Ukraine, Saudi Arabia, Turkey and Malaysia.
The European Union sanctioned China-based Integrity Technology Group and Anxun Information Technology, plus Iran's Emennet Pasargad, over cyberattacks and disinformation campaigns targeting member states, with measures including asset freezes, travel bans and a prohibition on EU funds reaching the sanctioned entities. EU governments additionally sanctioned Emennet Pasargad specifically for hacking Charlie Hebdo subscriber data and advertising the stolen information for sale, alongside Anxun and its co-founders.
ProPublica reported that FedRAMP reviewers found Microsoft‘s GCC High cloud security documentation too weak to assess encryption and overall risk, yet the product still received authorisation because it was already deeply deployed across US government and defence systems. The reporting also describes years of stalled review, pressure from Microsoft and agencies, and later staffing cuts that left FedRAMP with minimal capacity.
Russia‘s Kremlin has overseen mass mobile-internet blackouts in Moscow since early this month, with traffic in central areas down sharply as authorities expand a whitelist model that leaves only approved sites accessible; the Kremlin said the measures will remain in place “as long as necessary.” Iran, meanwhile, sharply tightened already severe internet restrictions in the 48 hours before Chaharshanbe Suri, cutting approved messaging apps and selective-access SIM cards, with activists and network monitors saying the move appeared aimed at preventing unrest during a festival that has previously triggered nationwide protest.
⸻
FBI Director Kash Patel told senators the bureau is buying commercially available information that can be used to track people’s movements and location history — the first confirmation since 2023 that the agency is actively doing so. TechCrunch additionally reported that the admission reignited debate over agencies using data brokers to bypass the warrant requirements that apply to telecom providers. The Government Surveillance Reform Act, introduced last week, would require federal agencies to obtain a court-authorised warrant before buying Americans’ personal information from data brokers.
Intellexa founder Tal Dilian said his company supplied surveillance technology only to authorised governments and law-enforcement agencies, a statement that reignited claims the Greek government was behind the Predator spyware scandal. The remarks came weeks after a Greek court convicted Dilian and three others over surveillance of targets across politics, civil society and the military. The defendants have the right to appeal, and prosecutors argued the trial evidence warrants further investigation into possible espionage charges.
⸻
The New York Times identified more than 110 unique AI-generated images and videos about the Iran war that were viewed millions of times across X, TikTok, Facebook and private messaging apps. A majority of the content pushed pro-Iran narratives and many fakes exaggerated destruction or falsely depicted military strikes. Donald Trump accused Iran of using AI-generated content to exaggerate wartime success, and accused Western media — without evidence — of spreading “fake news” in coordination with Tehran. His comments came amid renewed pressure from the FCC on broadcasters over war coverage, while Reuters said it verified some imagery and found no Western reports matching one of Trump’s cited claims.
A Times of Israel military correspondent said Polymarket bettors bombarded him with emails, doctored screenshots, bribe offers and death threats after he reported that an Iranian missile struck near Beit Shemesh. The threats were tied to a prediction-market contract about whether Iran had struck Israeli soil that day, and he said police are investigating.
⸻
Meta said it will remove end-to-end encryption from Instagram direct messages after May 8, telling affected users to download their chats after saying very few people opted in to the feature. Platformer reported that Meta never fully rolled the feature out and linked the retreat to child-safety pressure and earlier internal objections, even though the company had once described encrypted messaging as a core privacy commitment.
The UK Financial Conduct Authority found that 1,052 unauthorised foreign-exchange and CFD ads appeared on Meta’s platforms in a single November week, including many from advertisers it had already flagged to the company. Ofcom‘s power over paid-for scam ads under the Online Safety Act has been delayed until at least 2027, and Fraud Minister David Hanson said he will keep pressing Meta and other platforms until the provision takes effect.
The European Commission said X has submitted remedies to change its blue-check verification system in the EU after being fined €120 million under the Digital Services Act for selling verification badges that Brussels argued misled users into treating paying accounts as trustworthy; the Commission said it will assess the proposed remedies.
Meta, separately, said it will reduce its reliance on third-party content moderators and expand the use of large-language-model-based AI to detect and remove policy-violating posts across its apps, saying the new tools perform better in areas including scams, celebrity impersonation and adult sexual solicitation, while human reviewers remain responsible for nuanced and high-risk decisions.
Apple lowered its standard mainland China App Store commission to 25% from 30% and cut the mini-app rate to 12% from 15% after discussions with Chinese regulators, easing pressure from Beijing and reducing friction with companies including Tencent and ByteDance over payments and app distribution. CEO Tim Cook appeared at an Apple event in Chengdu amid continued antitrust pressure over fees, third-party payment restrictions and platform rules in China.
Whistleblowers told the BBC that Meta and TikTok accepted more harmful or borderline content because outrage drove engagement and competition for user attention, especially after TikTok’s rise. Internal documents and dashboards cited by the BBC showed higher levels of hostile content on Reels and cases where TikTok reportedly prioritised some political complaints above serious youth-safety reports.
⸻
The US Justice Department argued in court filings that Anthropic‘s lawsuit over its Pentagon “supply chain risk” designation should fail, saying the company’s insistence on limits for autonomous weapons and domestic surveillance made it an unacceptable security risk, with agencies already working to replace Anthropic’s tools with systems from Google, OpenAI and xAI. In a separate filing, the Pentagon said Anthropic’s use of foreign workers, including Chinese nationals, creates adversarial risk under China’s National Intelligence Law and constitutes broader national-security concerns beyond policy disagreements alone, though it said it is still relying on Anthropic’s tools and may extend the offboarding deadline; a hearing on Anthropic’s request for temporary relief is scheduled for Monday.
Technology companies including Microsoft, Amazon, Google, OpenAI and Palantir have given varying degrees of behind-the-scenes support to Anthropic, fearing the precedent the designation could set for firms that impose limits on military or surveillance use of AI, while the White House is preparing an executive order that could ban Anthropic across government systems as early as this week. Anthropic’s Jack Clark, separately, held a closed-door briefing with the bipartisan House Homeland Security Committee this week, focusing mainly on model distillation, export controls and national-security issues.
A federal judge said Elon Musk‘s $134 billion damages model in his case against OpenAI and Microsoft appeared unpersuasive and based on “numbers out of the air,” but allowed the testimony to go to a jury. The model underpins Musk’s fraud claims over OpenAI’s shift away from its nonprofit origins, with trial set for late April.
Three Tennessee teenagers sued xAI, alleging Grok tools were used to generate nude child sexual abuse material from their real photos and that the images spread through Discord and Telegram. An Ars Technica report on the same case notes that the plaintiffs are seeking damages and an injunction covering all minors harmed by the alleged conduct, and that police linked one perpetrator to Grok-enabled tools.
Closing arguments finished in a Los Angeles bellwether case where a young woman says Instagram and YouTube addicted her and worsened depression and suicidal thoughts, with the outcome expected to shape how thousands of similar lawsuits against social-media companies may unfold. The jury began deliberations on Friday.
Florida lawmakers failed to pass Governor Ron DeSantis‘s AI Bill of Rights after House Republicans aligned with Donald Trump‘s pro-AI stance blocked the measure, exposing a split in the party over state AI regulation. The legislature did, however, pass a separate bill to limit how data centres can raise electricity and water burdens for consumers.
The UK government abandoned its preferred plan to let AI companies train on copyrighted works unless rights holders opted out, after backlash from artists and creative-industry groups. Ministers said they now have no preferred option and will delay copyright reform until they are confident it will meet economic and public-interest goals.
Encyclopedia Britannica and Merriam-Webster sued OpenAI in Manhattan federal court, alleging it copied nearly 100,000 encyclopedia and dictionary entries to train ChatGPT and then reproduced near-verbatim outputs that diverted traffic. OpenAI said its models are trained on publicly available data and grounded in fair use; Britannica is seeking damages and a court order blocking the alleged infringement.
⸻
Reuters reported that Meta is planning layoffs that could affect 20% or more of its workforce as it tries to offset rising AI infrastructure costs, with no date set and the final scale not yet determined, even as the company plans to invest $600 billion in data centres by 2028.
Ramp customer data cited by Axios shows Anthropic now captures more than 73% of spending by companies buying AI tools for the first time, reversing a split that favoured OpenAI in December. OpenAI said it is on pace to generate $25 billion in revenue this year versus Anthropic’s $19 billion, and is considering a strategy shift toward enterprise customers.
Sydney-based Advanced Navigation raised A$158 million at a valuation above $1 billion, making the AI-assisted navigation company Australia’s newest tech unicorn, with the funding set to back US and UK expansion, acquisitions and growth in defence and industrial contracts. The Wall Street Journal reported the company expects to make more than $100 million in sales this year, with founders expecting either an IPO or a sale within three to five years.
The European Commission unveiled “EU Inc.”, a package intended to let startups incorporate once under a single EU-wide regime, operate across the bloc and use EU-wide employee stock-option plans, with Brussels saying the goal is to cut administrative burdens and help European firms scale against US and Chinese competitors. European businesses, meanwhile, told the Financial Times that a rapid push for tech sovereignty away from US software, cloud infrastructure and AI services would be costly and disruptive, saying Europe lacks mature substitutes for many US offerings; the Commission is due to present a “tech sovereignty package” next month.
Lenders and brokers told the Financial Times that many AI data-centre projects are too large to secure full replacement-value insurance, leaving investors reliant on partial cover or maximum-foreseeable-loss policies, with the mismatch already deterring some debt providers from financing projects.
Hyperliquid‘s 24/7 oil perpetual futures saw heavy activity as traders reacted to the Iran war before conventional commodity markets reopened, with the article framing the growth as an early sign of convergence between tokenised finance and mainstream commodities trading.
⸻
Australia’s eSafety regulator said child sexual exploitation material is more readily accessible on X than on any other mainstream platform and that its efforts to address the problem have been inadequate. Documents obtained under FOI also show eSafety is investigating xAI over Grok being used to generate similar material. X is challenging the relevant online safety standards in the Federal Court, with a hearing set for May. Australia’s eSafety commissioner also said the agency is intensively investigating whether platforms are taking reasonable steps to detect and deactivate under-16 accounts under the social-media age ban, with fines of up to $49.5 million available. eSafety said it will provide an official update on the ban’s performance at the end of March, while an expert panel will follow 4,000 children for more than two years to measure the long-term effects of the legislation.
The World Happiness Report 2026 said heavy social media use appears to be contributing to lower wellbeing among young people, with girls affected disproportionately, linking heavy use to sextortion, cyberbullying, depression and anxiety, while noting that some regions showed positive associations between social media use and wellbeing.
⸻
🇦🇺 Australia
New South Wales began rolling out digital birth certificates through the Service NSW app, becoming the first Australian jurisdiction to offer them. The initial rollout covers people aged 16 to 21 who already hold a NSW driver’s licence or photo card.
🇺🇸 United States
OpenAI signed a new contract with AWS to sell AI services to US government employees for both classified and unclassified work, creating a path to Pentagon and civilian contracts outside the company’s prior Microsoft-only hosting arrangement. To serve civilian agencies with unclassified work on AWS, OpenAI still needs a waiver from Microsoft.
🇬🇧 United Kingdom
The UK announced £1 billion in new quantum-computing funding alongside an already-announced £1 billion for applications, as ministers said Britain should avoid losing talent and companies the way it did in AI. The money is intended to help firms design large-scale machines and support uses in finance, pharmaceuticals and energy, with the government wanting a domestic cutting-edge quantum computer by the beginning of the next decade.
A UK parliamentary committee urged the government to immediately ban crypto donations to political parties until stronger safeguards are in place, warning that foreign-influence risks are rising and current screening is likely incomplete. The report specifically highlighted growing concern about outside attempts to shape British politics, with the committee noting those risks are likely to grow as the next general election approaches.
🇨🇳 China
China approved Borui Kang‘s invasive brain-computer interface system for commercial sale — the first approval of its kind for a BCI medical device globally. The wireless system is designed for some patients with cervical spinal cord injuries to help restore hand-grasping ability, and a leading BCI expert told Reuters that China could see the technology move into practical public use within three to five years.
🇮🇳 India
India’s government privately proposed in January that Apple, Samsung, Google and other phone makers consider pre-installing the Aadhaar biometric ID app on smartphones, according to industry letters reviewed by Reuters. Smartphone companies, through industry body MAIT, opposed the proposal, citing security concerns, added production costs and the need for separate India-specific production lines.
That’s all for this week. For more timely analysis and commentary, check out The Strategist and ASPI’s Stop the World podcast—or our other Substack newsletters:
Share
