IT staff are being targeted by foreign intelligence agencies seeking to steal intellectual property, Edward Snowden-style, and other information.
Alternatively, they might be used to help launch cyber attacks against critical infrastructure in the event of a cyber- or real war.
The warning was made this week by intelligence agency MI5, and follows “high level conversations” between security and defence officials and senior executives.
The government has stepped up efforts to improve cyber security at nationally important organisations, such as banks, utility companies and energy providers, some of which remain particularly vulnerable to damaging attacks, reports the Financial Times.
MI5 is concerned that while these organisations have improved their perimeter and overall security, they still remain vulnerable to classic insider-style attacks. The concern is that even relatively junior IT staff can theoretically access highly sensitive information relatively easily, due to their wide-ranging network privileges, without any checks or even auditing to uncover such activity.
The mass information leak by National Security Agency contractor Snowden highlighted how easily even an intelligence organisation could be compromised.
“The threat of espionage did not end with the cold war,” Paul Stockton, who was US assistant secretary of defence until last year, told the Financial Times.
He continued: “The risk continues to exist in the UK, the United States and all of our security partners that foreign powers will recruit insiders to serve the interests of those powers, either for ideological reasons or for money. There have been repeated incidences of this.”