LAX controls over staff using social media could leave companies open to costly and damaging cyber attacks, according to security group the Scottish Business Resilience Centre (SBRC).

It said that while there was an ever-growing hacking threat from cyber-criminals, firms were now facing a risk from discontented or former staff with access to online accounts.

SBRC has now brought in a team of “ethical hackers” – students on placement from Abertay University’s Ethical Hacking and Countermeasures course – to lead the battle against attacks.

They will primarily target Scotland’s small and medium-sized enterprises (SMEs) and will offer a full assessment of social media use, highlight potential risks and offer suggestions to guard against cyber breaches.

Even with small firms, SBRC said business Twitter and Facebook accounts could be accessed by upwards of 12 people, which resulted in an “alarmingly high” chance of misuse where a company does not have a comprehensive staff policy.

If an individual has access to passwords, SBRC said it could lead to a range of issues, such as fleecing company finances, infiltrating confidential client accounts, or sabotaging operations.

Ethical hacker Greg Hyslop said: “When we go out on site-visits to Scottish businesses we find that there is a notable lack of confidence among heads of organisations when it comes to social media use.

“Much of that comes down to misunderstanding or a lack of control – and we can help solve that by presenting a range of solutions, such as individual portals and the proper use of permissions and protocols.

“Working with hackers can give businesses much greater confidence in the comments that appear under the business name on Twitter, Facebook and other business networking sites.

Director Mandy Haeburn-Little said: “We’d never discourage social media as a marketing channel – but rather want to highlight measures that give the business owner more control and confidence online. We also want the 341,000 SME’s that make up the backbone of the Scottish economy to know that help in the fight against cyber-crime is available.”