Plans to install gas and electricity smart meters in every home by 2020 pose a "national cyber security risk" because the devices could be hacked into, one of the government's own data security consultants has warned.

Experts say the compulsory monitors, designed to reduce energy consumption, could be programmed to cripple the national grid or to steal valuable household data, breaching the privacy of millions.

The government wants every home in Britain to have the devices, which give users information on how to save energy and send real-time data direct to utility companies, eliminating the need for customers to stay at home for meter readings or to receive estimated bills.

They also pave the way for a national 'smart grid', backed by David Cameron's Conservatives, which would use the data to manage national demand more efficiently and advise households when it is cheapest to switch on appliances.

However, smart meters can be infected with a 'worm', similar to the viruses that attack personal computers, which can spread from one smart meter to the whole grid.

Experts say the compulsory monitors, designed to reduce energy consumption, could be programmed to cripple the national grid or to steal valuable household data, breaching the privacy of millions.

The government wants every home in Britain to have the devices, which give users information on how to save energy and send real-time data direct to utility companies, eliminating the need for customers to stay at home for meter readings or to receive estimated bills.

They also pave the way for a national 'smart grid', backed by David Cameron's Conservatives, which would use the data to manage national demand more efficiently and advise households when it is cheapest to switch on appliances.

However, smart meters can be infected with a 'worm', similar to the viruses that attack personal computers, which can spread from one smart meter to the whole grid.

Once hacked, the devices could infect Britain's entire grid or cause individual customers to be cut off.

The government has been warned it must tighten the security of the devices to protect households and small businesses before proceeding with the scheme, which is being trialled in 17,500 homes in the UK.

"There are already around 40 million smart meters in use worldwide and, even at this early stage, we have seen a number of security breaches," said Ian Watts, head of energy and utilities at Detica, the British data security firm. "These have included insecure meters, hacking of customer details, denial of service attacks and suspected infiltration by foreign intelligence services."

He added: "The utilities network has been defined by the Government as a key part of the Critical National Infrastructure. The impact of any large-scale power cut could not only put lives at risk but be potentially paralysing for the economy. Whilst there are many potential benefits of smart meters that justify their introduction, we must be aware it also brings new risks and should therefore 'design in' security from the outset to guard against this."

Detica, which already advises the Ministry of Defence and the Ministry of Justice, has submitted its warnings to a consultation being carried out by the Department for Energy and Climate Change (DECC).

The submission said a smart grid would "provide significant benefits to GB PLC [but] may expose the Critical National Infrastructure to a greater degree of risk through cyber-attack." It added: "The Dutch and German smart metering programmes were disrupted by data protection challenges from customers, civil rights groups and politicians. GB may follow suit as public concerns over the 'surveillance society' grow."

Another security firm, IOActive, proved the weakness of smart meters by developing its own worm, successfully infiltrating a network of the devices in the United States.

"We can switch off hundreds of thousands of homes potentially at the same time," said Mike Davis, a senior consultant at the Seattle-based firm.

Consumer Focus, the watchdog, has also expressed concern about the privacy implications of the meters, which collect data on energy consumption to help households identify which appliances are most expensive to run and at which times of day.

It also says consumers are "at risk of unfair, excessive, inequitable and inefficient charging" because energy companies could use the new data to introduce more complex tariffs to maximise profits at peak times.

The government has yet to decide who will pay for replacing Britain's 47 million meters, which could cost up to £8bn over the next 20 years. Its preferred option is for the cost to be met by energy firms, who stand to gain the most from meters as they remove the need to employ meter readers or calculate estimated bills.

Steve Brain, analyst with metering firm Meter-U, said the security concerns were similar to those with online banking or mobile phones. "It is really no different from any other data communications issue, and we would expect to see similar security measures being taken with the meters," he said.

He added that the amount of data generated by the smart meters, which measure household consumption every 30 minutes, meant it would have to be "carefully managed".

He said: "Currently the data from over 45 million meters is collected twice a year and then processed. With the new meters there will be 48 readings every 24 hours from each meter which is a massive increase in data processing."

The DECC said it was aware of the security concerns, adding that the specification of smart meters and the extent of their application in the home had yet to be decided.