The UK’s National Cyber Security Centre (NCSC), part of the intelligence agency GCHQ, is warning that around 100 states have acquired commercial spyware capable of breaching critical infrastructure, corporate networks, and private networks across the kingdom. That represents more than half of all countries in the world, and the barrier to accessing such technology is falling rapidly.
The tools in question include the well-known Pegasus and Predator, previously used against dissidents and now increasingly targeting bankers, top executives, and major businesses. Over the past year, the number of serious cyberattacks has doubled, with a significant share directed at government institutions; Russia, Iran, and China lead the list of threats. The NCSC links the rising risks to geopolitical instability and the advancement of AI, which is amplifying the scale of attacks.
Speaking at the CyberUK conference in Glasgow, NCSC Director Richard Horne urged businesses to prepare for large-scale strikes, particularly in the event of the UK becoming involved in international conflicts. Recommendations include strengthening defences and adopting schemes such as Cyber Essentials.