The UK National Cyber Security Centre has warned that more than 100 countries now own technology capable of hacking smartphones, computers and other devices. Officials shared this finding at the CYBERUK 2026 event in Glasgow on Wednesday, where experts gathered to tackle rising digital threats.
At the conference, NCSC leaders stressed that companies must wake up to these dangers or risk falling behind in a world full of sophisticated attacks.
Beyond the spyware surge, speakers at CYBERUK touched on other pressing issues. They noted a sharp rise in state-backed cyberattacks from nations like China, Iran and Russia, with the majority of serious incidents now linked to governments rather than criminal gangs. Officials also highlighted how artificial intelligence speeds up the discovery of software weaknesses while the UK government pledged extra funding to strengthen defences.
In addition, the NCSC urged organisations and users to adopt passkeys as the future of secure logins.
The centre serves as the UK’s national technical authority on cyber security. As part of the Government Communications Headquarters, it delivers guidance, tools and incident support to help businesses, the public sector and individuals protect the online services and devices everyone relies on.
Read more: Hackers steal 7.7 terabytes of sensitive LAPD documents
Spyware tools responsible for widespread surveillance
World governments have been turning to commercial spyware such as Pegasus from Israel’s NSO Group, Graphite from Paragon Solutions and Predator from Intellexa.
These tools often slip into devices through zero-click attacks that need no user action or via fake apps like cloned WhatsApp versions that victims sideload from unofficial sources.
Once inside, the software grabs messages, photos, contacts, location data and call logs. It can even activate microphones and cameras without anyone noticing.
Attackers frequently target journalists, activists, dissidents and now bankers or business executives. The malicious intent stretches far beyond fighting crime or terrorism.
Many states deploy the software for political espionage, to silence critics or to gather intelligence on rivals. Recent warnings show state-backed groups even focus on users of encrypted apps like Signal and WhatsApp by infecting the device itself rather than breaking the encryption.
What can everyday people do to protect themselves?
The average person cannot block every advanced state-level attack, but simple habits cut many risks. The NCSC recommends switching to passkeys wherever available because they resist phishing, cannot be guessed or reused and log you in up to eight times faster than passwords.
When passkeys are unavailable, using a password manager with strong, unique passwords and two-step verification can be beneficial. Keeping phones and apps updated, avoiding clicking suspicious links or scanning unknown QR codes and never installing apps from outside official stores is also recommended.
These steps block most common threats, though experts admit that highly sophisticated spyware remains difficult to defend yourself against.
⚡️🇮🇱JUST IN:
Israeli-linked spyware company Intellexa, founded by former Israeli intelligence officer Tal Dilian, was exposed for deploying Predator spyware that silently hacks smartphones worldwide. This is what Netanyahu means by: “If you have a phone, you’re holding a piece… pic.twitter.com/r1OdXM3YII
— Suppressed News. (@SuppressedNws1) December 6, 2025
Read more: Hackers stole US$20 million through ATM ‘jackpotting’ last year
Follow Rowan Dunne on LinkedIn
rowan@mugglehead.com
