Cyber criminals have managed to take control of a number of US and UK government PC's, using them in a two million strong botnet, says Finjan.
According to the security firm, machines within six UK government organisations had been taken over by the cyber criminals.
Once a machine has been recruited into a botnet, it is then instructed to download further malicious software which will allow hackers to access email addresses stored on the machine, copy sensitive files and data or even record keystrokes typed on the machine, which ensure bank accounts can be accessed.
Finjan discovered the hackers were selling access to the machines online for between $50 (£34) and $100 (£68) a time. The security company has since turned the details over to the Metropolitan Police, but the cyber criminals still remain at large.
Yuval Ben-Itzhak, chief technology officer for Finjan, told the BBC: "When we looked at the network domain names to see where the [compromised PCs] come from we were surprised to see many government networks, including UK government computers".
A Cabinet Office spokesman would not confirm or deny the attack.
"We constantly monitor new and existing risks and work to minimise their impact by alerting departments and giving them advice and guidance on dealing with the threat," he added.
See also: Hackers activate first Mac OS X botnet