Foreign intelligence agencies are targeting IT workers at big businesses, hoping to recruit them to gain privileged access to sensitive computer systems, MI5 has warned British corporate chiefs.
The growing threat is one of the main cyber concerns the Security Service has warned of in high-level conversations with executives in recent months, which are being held to make companies boost their digital defences, according to Whitehall officials.
The national security risk assessment classes cyber attacks as a tier 1 threat to the country, meaning that they are both likely to occur and to have a significant impact.
While many businesses have focused on improving their protections against external cyber attacks, far fewer have adequate internal protections in place to guard against malicious actions by their own staff.
Grooming a source with access to highly sensitive information used to be a process that Cold War spymasters would spend years orchestrating, but now, even the most junior IT employees can be highly coveted intelligence assets thanks to their often wide-ranging network privileges.
IT department employees have been recruited to help foreign spies gain sensitive personnel information, steal corporate or national secrets and upload malware, security officials believe.
The threat of hostile countries such as Russia, China or Iran recruiting insiders for such aims – often with significant financial inducements – is being taken seriously by other western intelligence powers too. “Insider threats are the growing challenge,” said Paul Stockton, who until last year was US assistant secretary of defence, with responsibility for homeland defence and security. “The threat of espionage did not end with the Cold War.”
The theft by the junior security contractor Edward Snowden last year of a huge trove of state secrets has drawn particular attention to the problem, even though Mr Snowden was not in the employ of a foreign power.
“The highest risk employees, they’re not necessarily those at the highest levels of an organisation,” said Mr Stockton, who is now managing director of risk consultancy Sonecon. “Rather it is systems administrators and others who hold the keys to the IT kingdom that pose such significant potential threats.”