The UK's cybersecurity chief has warned that businesses and critical infrastructure are underestimating threats from spyware, as more governments gain access to powerful surveillance technology than ever before.
The UK government has raised alarms over the widespread proliferation of spyware capabilities among nation-states. According to the nation's cybersecurity leadership, approximately 100 countries now possess access to advanced surveillance tools capable of infiltrating mobile devices.
The warning comes as UK businesses and critical infrastructure operators are accused of failing to adequately assess the risks posed by such attacks. The cybersecurity chief emphasized that the threat level has intensified due to the increased number of governments holding access to these technologies.
Spyware of this caliber—often referred to as "lawful intercept" tools—can grant attackers comprehensive access to phone data including messages, calls, location data, and sensitive files. The technology has traditionally been associated with authoritarian regimes, but its proliferation across a larger number of states represents a notable shift in the threat landscape.
The warning suggests that organizations have not kept pace with the evolving security challenges. Critical infrastructure sectors, including energy, finance, and communications, are particularly vulnerable if they have not implemented robust defenses against sophisticated surveillance threats.
This disclosure aligns with growing international concern over commercial spyware products, such as NSO Group's Pegasus, which have been documented as being used by multiple governments for surveillance purposes. The UK's assertion that 100 countries possess similar capabilities indicates either wider distribution of existing tools or development of domestic alternatives.
The UK government has not provided specifics on which countries possess the technology or how it plans to address the vulnerability. However, the warning serves as a call for enhanced cybersecurity measures across both private and public sectors.
Organizations are being advised to strengthen their security posture against mobile device compromise, including deployment of advanced threat detection systems and employee security training.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.