Another day another hack in the web’s lawless world

Companies still don't understand that virus protection is where security starts, not where it ends, argues Simon Moores
  
  


The attack by computer hackers on the world's leading anti-hacker unit last week showed that nothing is impregnable in cyberspace. The US government-funded Cert co-ordination centre was paralysed by a flood of bogus email data requests. The attack was the culmination of a dramatic surge in computer onslaughts in the last four weeks. High-profile UK victims included ITN and BT.

Even www.attrition.org, the website that monitors this sinister activity, has confessed that the 'burden of keeping up with all the busy hackers out there has finally become intolerable'.

Attrition has monitored more than 100 website defacements a day, three times the combined total for 1995 and 1996 - statistics that are sobering for any business developing a commercial website.

In 1999, 273 organisations reported $265 million in losses from security breaches, according to the FBI. Most losses were the result of financial fraud and the theft of proprietary information.

In turn, the spread of computer crime has created a boom for companies offering IT security solutions. Research company IDC predicts that the global market for outsourced security services will grow from $5.5 billion in 1999 to $17.2bn in 2004.

Globalism has created its own digital nervous system. We don't realise that when we connect to the internet from home, someone may be watching our every move.

In California, wireless technology has created the latest fashion in drive-by crimes. All it requires is a Palm Pilot type device with a plug-in wireless network card. An opportunistic hacker can simply park outside any promising corporate target and invisibly log on to any conveniently open and unsecured wireless network gateway. Within minutes the company network and the information it holds will be 'owned' by the hacker, who may simply be carrying out the exercise for personal amusement.

A close encounter of this kind becomes even more serious if the target happens to be a government agency - or a leading software company: the most recent victim was Microsoft, from whom valuable product information was stolen.

If Microsoft can't defend itself against a determined intruder, who can? Only this month the company's UK website was defaced by the hacker group 'Prime Suspectz' with a simple redirect page and the unremarkable message: 'Thank you for visiting. You are now being redirected to the Microsoft UK website. Please click here if you are not redirected within 5 seconds. ©2000 Microsoft Corporation. All rights reserved.' In the lower left-hand side of the page was the legend 'Prime Suspectz owned Microsoft again!!!'

While the 'old economy' crime of physical theft of IT equipment remains lucrative, the internet is catching up as the preferred environment for the clever criminal. Cybercrime is 'clean' - there is no risk of physical violence and personal danger is low in contrast with other crimes.

Information theft (especially of credit card numbers) by physical or electronic means is increasing. Research suggests that consumer confidence has been shaken by reports of high-profile web crimes and that online fraud schemes are constantly being developed that cannot be tackled by traditional detection.

This has led to a demand for internet-specific screening systems.

A report from CyberSource suggests that vendors and consumers should be educated about security processes, but that there will be a high cost to businesses if they decline all but the safest orders in order to protect themselves from the risk of fraud. The preferred solution is for companies to limit their exposure by using new tools that analyse internet transaction risks.

Even though cybercrime is perhaps the fastest growing industry of the new economy, most businesses are still not taking adequate precautions. In the UK, companies still have a long way to go in grasping that simple anti-virus protection is where a security policy starts, not where it ends.

DK Mattai, managing director of Mi2G, a leading security risk consultancy, believes that many businesses have caught on to the havoc a virus infestation can cause and have responded accordingly with antivirus software.

But he observes that few companies recognise that a continuous cycle of security assessments is needed to monitor and update procedures and software, to best utilise firewalls and intrusion detection systems and thus to protect IT systems from hacks, cracks, viruses or disgruntled employees.

Last month saw the much-publicised launch of the UK's own national Hi-Tech Crime Unit. With the blessing of the Home Secretary, 80 specialist officers and £25 million, its remit is broad and involves the investigation of two emerging types of criminal activity:

• New crimes, new tools: hacking, cracking and denial-of-service attacks.

• Old crimes, new tools: Crimes against the person using the internet and involving fraud, identity theft and stalking.

Asked whether it were possible, given the resources at his disposal, to both scale and tackle the growing and diverse internet crime danger, Detective Chief Superintendent Len Hynds, head of the Hi-Tech Crime Unit, said: 'The first challenge is, of course, to measure the scale of the threat. Then, and only then, can we begin to benchmark and prioritise activity.

'That said, no single organisation could hope to tackle alone all the crime problems posed by the internet. I'm optimistic that the multi-agency approach the unit represents can act as a catalyst.'

But given the international nature of the problem, the concerns of Government and the economic threat that such virtual lawlessness represents, is the arrival of this relatively small and specialist police unit simply an example of trying to use a cork to plug a leaking dam?

Professor Jim Norton, head of eBusiness at the Institute of Directors, thinks not: 'New tools provide new opportunities for old crimes; e-Business is no exception.

'The police and other agencies need new skills, approaches and tools to respond, but these must be proportionate to the risks involved. They must not impose unreasonable burdens on business or unduly infringe personal privacy.'

And therein lies the dilemma. The functionality of any system is inversely proportional to its security. It has to be a trade-off. Nothing can ever be 100 per cent secure in a wired world.

Promises of action and new legislation, even against the threat of paedophilia, as suggested by Home Secretary Jack Straw last week, can alert us to the scale of the problem, but there is little evidence that an explosion in internet-related crime can be contained, let alone defeated.

Brave words from politicians hold no currency in cyberspace. Its more lawless constituents have little reason for concern while they can operate, at will, from jurisdictions outside of the reach of western government agencies.

The internet has opened the lid on a Pandora's box of personal and commercial threats: its demons have been loosed upon us all.

 
