Why More Countries Can Now Spy on Your Phone—and What That Means

The UK's cybersecurity agency has raised an alarm about spyware spreading across the globe. One hundred countries now have access to tools that can hack into phones and computers, up from 80 just three years ago. The news came this week from the UK National Cyber Security Centre (NCSC) at a conference in Glasgow.

This matters because it used to take enormous resources—money, technical talent, military-grade technology—to spy on someone's phone. Now, commercial spyware tools make that capability cheap and easy to buy. It's like the difference between needing your own airline to travel versus booking a cheap flight online.

Spyware Is Getting Cheaper and Spreading Fast

Companies sell spyware tools in the open market. Tools like Pegasus (made by an Israeli company called NSO Group) are designed to break into phones without the user knowing. Governments buy them. Some smaller countries that never had the ability to build their own spyware can now buy it and use it.

Worth flagging: Early on, spyware targeted journalists, activists, and political opponents. Now it's being used to watch businesspeople and wealthy individuals too. That tells us the tools are becoming more common and finding their way into more hands.

This is not the first time we have seen this happen with technology. In the 1990s, advanced listening equipment spread the same way. In the 2010s, hacking tools did too. Once something becomes commercial, it's hard to keep it under wraps.

Governments, Not Criminal Gangs, Are Now the Bigger Threat

For years, the biggest cyberattacks on UK targets came from criminal groups—especially ransomware gangs demanding money. That is still a major problem. But the UK cyber agency now says that government-backed hackers are the main threat to the nation overall.

The UK experiences about four major cyberattacks every week, according to NCSC data. These attacks aim at hospitals, power grids, water systems, and other critical infrastructure. The attackers are patient and persistent, staying hidden inside networks for months or years.

What Governments Are Doing About It

The UK has partnerships with over 15 countries—including Ukraine and South Korea—to share information about cyberattacks and coordinate defenses. These partnerships are becoming more important as smaller nations gain access to advanced hacking tools.

The UK government also announced new measures earlier this year to respond faster when attacks happen, and it is training new cybersecurity professionals to protect public services. This speed matters more than ever as attacks become more frequent.

The Bigger Picture

Analysis: The jump from 80 to 100 countries with spyware access in just three years suggests this problem is speeding up. Traditional ways of controlling exports of dangerous technology are not keeping pace.

China is a particular concern, according to UK intelligence. Officials worry that China's size and technological power give it the ability to influence the internet itself. In 2022, spyware was discovered on computers connected to 10 Downing Street (the UK Prime Minister's office), and officials warned it may have come from China.

The UK also ranks as one of the top targets globally for cyberattacks, facing 100 million threats in recent months. This is because the country has valuable businesses, government agencies, and infrastructure.

In this author's view, the world is entering a new phase where advanced hacking tools are no longer just weapons for the richest, most powerful countries. Smaller nations, and potentially non-government groups, can now do things that used to require a superpower. That changes how companies and governments need to think about defense. It is no longer enough to protect only the most critical systems—ordinary organizations face threats that were once reserved for national security.