UK Intelligence Warns 100 Countries Now Possess Spyware Capable of Hacking Phones

British intelligence has issued a stark warning: more than half of the world’s governments now have access to commercial spyware to hack phones and computers, marking a dramatic escalation in global surveillance capabilities. The UK National Cyber Security Centre (NCSC) is set to reveal that the number of countries wielding these invasive tools has jumped from 80 in 2023 to 100 today, according to a report by Politico.

This means that governments across every continent can now deploy sophisticated hacking software to break into devices, steal sensitive data, and monitor individuals without their knowledge. The barrier to entry for such technology has fallen significantly, making it easier for foreign adversaries and cybercriminals to target UK citizens, companies, and critical infrastructure.

The Expanding Threat of Commercial Spyware

Commercial spyware, developed by private firms like NSO Group (maker of Pegasus) and Paragon Solutions (creator of Graphite), typically exploits security vulnerabilities in phone and computer operating systems. Once installed, these tools can extract messages, contacts, passwords, and even record calls or activate microphones remotely.

While governments have historically claimed they only use such spyware against serious criminals or terrorist suspects, security researchers and human rights advocates have repeatedly documented misuse. Journalists, political dissidents, and human rights defenders have been targeted by authoritarian regimes using these very tools. Now, UK intelligence warns that the victim pool has “expanded” to include bankers, wealthy businesspeople, and other high-net-worth individuals.

UK Businesses Underprepared for State-Backed Cyber Attacks

Richard Horne, the head of the NCSC, delivered a sobering speech at the CYBERUK conference in Glasgow. He stated that British companies are “failing to grasp the reality of today’s world,” as the majority of nationally significant cyberattacks against the UK now originate from foreign adversarial governments—not criminal gangs. This shift underscores the need for businesses to bolster their defenses against state-sponsored hacking operations.

Horne’s remarks come amid ongoing intrusions linked to China, aimed at stealing sensitive data, spying on prominent individuals, and laying the groundwork for disruptive hacks that could hinder a Western military response in the event of a conflict over Taiwan. The UK is not alone in facing these threats; allied nations are also grappling with similar espionage campaigns.

The Leak of Powerful Hacking Tools

The danger isn’t limited to government use. Earlier this year, a hacking toolkit called DarkSword leaked online. This toolkit contained multiple exploits capable of breaking into modern iPhones and iPads. It allowed anyone—not just governments—to set up malicious websites that could hack Apple users who hadn’t installed the latest software updates.

This leak demonstrates a troubling reality: even tightly controlled hacking tools developed by or for governments can escape into the wild. Once leaked, they can proliferate uncontrollably, putting millions of people at risk from opportunistic cybercriminals. The DarkSword incident is just the latest example of how phone hacking tools can fall into the wrong hands.

What This Means for National Security

The expansion of commercial spyware access represents a significant shift in the global threat landscape. With 100 countries now possessing the capability to deploy spyware to hack phones, the potential for abuse is enormous. Governments can monitor not only criminals but also political opponents, activists, journalists, and business rivals. For the UK, this means that both state actors and non-state actors pose a credible threat to national security and economic stability.

Building on this, the NCSC is urging organizations to adopt stronger cybersecurity practices, including regular software updates, multi-factor authentication, and employee training on phishing risks. For more insights on protecting your organization, check out our guide on cybersecurity best practices for businesses. Additionally, learn how to identify potential spyware infections by reading our article on common signs your phone may be hacked.

As the line between government surveillance and criminal exploitation blurs, the need for robust digital defenses has never been more urgent. The UK government must also consider stricter regulations on the sale and export of commercial spyware to prevent further proliferation.

In conclusion, the revelation that 100 countries now possess spyware capable of hacking phones should serve as a wake-up call. Whether you’re a corporate executive, a journalist, or an ordinary citizen, the threat is real and growing. Stay informed, stay updated, and stay vigilant.