Al Shindagah Magazine Cyber Criminals

The internet and computers have brought many benefits to our lives, but these new technologies have brought with them a new breed of criminal.

It's becoming impossible these days to open the newspapers and not read about the latest crime to be committed in cyberspace: be it a new virus unleashed, a hacking attack on a prominent organisation, or even entire Internet services being crippled.

It is an unfortunate reality of modern life that for every new invention made to make our lives easier, criminal opportunists are never far behind and sometimes in front.

When car manufacturers fitted new safety systems to their models which inflated airbags and unlocked the doors in the event of a crash, it seemed a good idea, enabling the emergency services to gain access to injured people without having to smash their way in.

But opportunist thieves soon realised that a sufficiently hard hit to a car's front bumper was just as good as having a key - the door locks would simply pop open.

A similar battle between innovators and criminals is being played out in the computer industry. And the stakes are high.

E-commerce is changing the way the world does business; an increasing number of companies and organisations are relying on e-mail to keep in contact with their customers and suppliers; government departments are making their services available online; and it is now possible to visit your bank and your favourite shops, and book a holiday, by simply pressing a few keys on your computer keyboard.

But along with technical progress comes a new breed of criminal - the computer hacker.

Technically speaking, a hacker is someone who is an adept computer programmer, but the term has been coined - mostly by the media - to describe those cyber terrorists who get their kicks from breaking into computer systems, defacing websites and generally causing chaos in the virtual world. Real hackers call these people 'crackers' and there is a constant battle being waged between those charged with Information Technology innovation and those who seek to undermine it.

Challenge

The FBI reported that 90 per cent of online US companies experienced Internet pranks last year, but most companies are anxious to play down breaches to their security to save any embarrassment. It is usually only when major damage has been caused, or high profile sites attacked, that we get to hear about them.

Many hackers see it as a challenge to explore computer systems, but are not intent on causing damage. They breach security as a game but often only leave a small calling card, or no trace at all.

"But crackers are malicious hackers who hack for personal gain or to vandalise systems," according to one 'legitimate' hacker. "They're more categorised by their desire to do damage than by their programming skills.

"They are not an honourable class, but are often teenage kids with so-so skills who have downloaded one of hundreds of programmes that allow you to enact certain damage without having any particular in-depth computing or programming skills. They're more members of a sub-culture. The really adept crackers are few in number. These are people who really know how to break into systems. This requires a lot of study, a lot of intelligence, and a certain amount of sociopathy."

David Jensen, a Dubai-based IT marketing specialist, uses the analogy of a break-in, which is essentially what hacking is, to explain. "If you consider hacking like a burglary, there are a lot who will gain entry and maybe kick over a flower pot in the lobby. But it's the few that go through the lobby, into the lift and start smashing up the boardroom that you really need to worry about."

But the reasons why hackers attack are wide ranging.

An Information Technology consultant breached the security of British internet service provider Redhotant to expose security lapses. He managed to obtain the names, addresses, passwords and credit card details of more than 24,000 people, including military scientists, government officials, and top company executives just to show it could be done.

He used a proxy, a device normally used for disguising the identity of a user, as an intermediary to search the site for files and soon found the customer database.

The hacker said breaching the site's security was 'child's play' in an anonymous interview with The Times newspaper in June. "It was like rooting around in bins for a key and then finding there was a wide-open side entrance," he said.

Even the might of Microsoft was called into question last September when a group calling itself Hackers Unite claimed it had breached Hotmail's security systems to demonstrate how poor its defences were.

Other 'ethical hackers' who say they are acting in the public interest are groups such as Hackers Against Child Pornography and Condemned.org which launch vigilante attacks to disable websites displaying illegal and indecent material.

But the vast majority of the headline grabbing attacks are not as well meaning.

A gang demanded a US$15 million ransom from Visa in December after claiming to have stolen vital information in a hacking raid. eUniverse was hit by a hacker who claimed to have stolen more than 300,000 credit card numbers. He went public with this information, a move which caused many to question how safe e-commerce transactions really are and it begs the question: How secure is the online business you last gave your credit card details to?

A cheeky teenage hacker from renowned group Global Hell pulled off a stunt of some magnitude by getting into 27 separate Internet service providers in the US. One of these, Pacific Bell, was even forced to take the unusual step of asking customers to close down their accounts after the incident.

One of Britain's most popular ISPs was forced to take similarly drastic action after it discovered a breach of its online security. Virgin.net not only called in the police but had to issue 170,000 new e-mail passwords and even sent individual letters of apology to customers after e-mail and dial-up access were disrupted.

UAE

Internet services were also disrupted in the United Arab Emirates in June, which Etisalat, the country's only Internet service provider, blamed on "the work of an internationally dispersed group of Internet hackers."

A 21-year-old British computer network engineer working for a Dubai construction company was arrested on suspicion of being one of the hackers involved and a criminal investigation is ongoing.

The two weeks of disruption meant thousands of Internet users in the UAE were unable to log onto the Internet for long periods and the damage cost millions of dirhams in lost time and left many users frustrated.

Anti-capitalism activists also showed they could Just Do It to sportswear company Nike when they took over Nike.com in June demanding 'global justice.'

"Global Justice is coming - prepare now!" the hijacked site read before directing surfers to the website of an Australian organization called S-11 urging people to protest against the World Economic Forum being held in Melbourne, Australia, in September.

It seems that nobody is fully safe from hack attacks, and insurance companies are starting their own version of e-commerce by offering policies protecting companies against the financial damage hackers can cause.

Special Laws

The cyber vandalism will escalate further if there is no legal deterrent against such crimes, and more and more governments are awakening to the amount of damage that can be caused to their economy by hacking and are rushing through legislation to give them the teeth to deal with it. The more advanced countries have already enacted fully-fledged legislation, but many industry experts feel worldwide recognition of cyber law is needed, as what may be a crime in one country may not be a crime in the country where it was committed - such is the global phenomenon of both computer hacking and the Internet.

The FBI was one of the first law enforcement authorities to start a special unit dedicated to patrolling cyberspace and was quick to offer its services to the government of the Philippines as the search began for the author of the ILOVEYOU virus which swept its way through cyberspace like wildfire in May this year.

The worm-like 'Love Bug' was quickly announced as far more damaging than its Melissa predecessor and hit 200,000 mail hubs globally, including the British House of Commons, the White House, Pentagon, Merrill Lynch, Ford Motors, Switzerland's Credit Suisse, US military bases and many multinational companies.

It is estimated to have cost companies hundreds of millions of dollars in software damage and lost commerce and was soon given the tag 'The Killer from Manila.'

The ensuing publicity from such attacks gives hackers their '15 minutes of fame' and sparks others to follow suit. Soon after the declarations of love came a request for a job with the FW:CV virus.

Both came as e-mail messages which seemingly looked harmless when opened but invaded computer hard drives wiping out all MP3 files in seconds and automatically forwarded themselves to every address stored in the Microsoft Outlook programme to spread infection to the next computer, then the next...

But the legal authorities are clamping down and recent high profile cases in the US have included the jailing of 'Global Hell' hacker Chad Davis for six months for hacking into the US Air Force's network, the 'Web-Bandit' was sentenced to 15 months for hacking NATO websites and other hacking cases are pending.

The FBI also recently managed to track down a university student who later admitted in Boston Federal Court in June to breaking into US government computers including Defense Department and NASA systems.

Ikenna Iffih, a student at Northeastern University's College of Computer Science, pleaded guilty to a series of coast-to-coast cyber attacks in the US.

Under a plea deal, he faces up to 20 years in prison with a possible mandatory minimum sentence of six months, a fine of up to US$750,000 and three years of supervised release when he is sentenced on October 25.

The 29-year-old student also admitted hacking into Zebra Marketing Online Services (ZMOS), a Washington-state company that provides Web service to other firms.

Court papers showed the firm lost more than US$30,000 and took about 42 hours to return to minimal operations during the April 1999 attack. FBI agents were able to trace the break-ins to the NASA (National Aeronautics and Space Administration) computer, the Defense Department's Logistics Agency computer, and ZMOS system to the personal computer in Iffih's home in Boston.

"All in all, the defendant used his home computer to leave a trail of cybercrime from coast to coast," US Attorney for Massachusetts Donald Stern said.

Just as the new e-conomy is changing the way the world does business, it has also spawned new crimes and a whole new generation of computer companies offering network security solutions.

The police and telephone companies are arresting people and stopping a lot of cyber crime from happening with new technology making it easier to catch the criminals than before. But the battle between the hackers, legal authorities and online enterprises will continue in a vicious and costly circle - the more security put in place, the greater the challenge will be to the dedicated hacker.

Hacking in the UAE

The United Arab Emirates has formed a committee to urgently draft legislation to tackle computer hacking as a result of the disruptions caused to the Internet service in June. Etisalat, which operates Internet services in the UAE through its subsidiary company Emirates Internet and Multimedia, blamed the interruptions to the service on an "internationally dispersed group of Internet hackers, who have caused disruption not only to our operations, but to many other systems and networks worldwide." EIM general manager Maroua Naim added: "This is a menace and a threat that everyone on the Internet is continuously facing and fighting."

A 21-year-old Briton allegedly traced by Etisalat and arrested by Dubai Police on suspicion of being one of the hackers involved has been charged under a 1991 law relating to the misuse of Etisalat's equipment, services or facilities. But his lawyer Dr Habib Al Mulla has stated in the local press that his client, who denies Etisalat's accusations, cannot have committed a criminal offence as there are currently no laws in the UAE governing cybercrime. He argues that his client has been charged under a 1991 law when the Internet wasn't even introduced to the UAE until 1995. Whether his argument will sway a judge if evidence of hacking is produced remains to be seen.

But new laws are needed to classify cybercrime and determine penalties for it, especially at a time when the UAE is introducing e-government, e-commerce is developing and the first phase of the Dubai Internet City is set to open in October.