First, an apology from the Business desk here at Times Online. If you have received an e-mail, apparently from our business@timesonline.co.uk address, this past week, then we hope that you will not have opened it, or any attachment therein.

Thing is, it probably was not from us, and we certainly have not been sending out virus-infected spam mails.

Yet, there has been some traffic from one of our business addresses in "spoofed" e-mails - someone, somewhere, has been passing themselves off as us. It was never like this for Meg Ryan.

Our highly trained, experienced technical experts, who beaver away throughout the day here in Pennington Street, tell us there is nothing we, or they, can do about this sudden splurge of bogus e-mails.

"The thing is," one of our teccies told me yesterday, "anyone can spoof an e-mail address. It's the easiest thing in the world to do."

And so, today, we receive the dire warnings from NISCC, the UK Government's National Infrastructure Security Co-ordination Centre, about the biggest co-ordinated attack the world has seen since Operation Desert Storm. The news smacks of the old wartime "Careless talk costs lives" poster, spreading a sort of online paranoia which could see all in-coming e-mails directed straight to the desktop trash bin.

But unlike previous such end-of-the-world-style warnings - do you remember the Millennium Bug? - this one should be taken entirely seriously.

"NISCC has been on to this sort of attack for months now," Jeremy Beale, the CBI's head of e-business, phones to tell us. "Just the release of their statement suggests that the scale of the attacks is getting massive."

"The attackers have taken this to a new level," Paul King, Cisco System's principle security consultant, says. "They've used social engineering and a lot of research to make sure that they target their attacks. That is the escalation that makes it worrying, because it makes it much more likely that people will click on the attachment which contains the Trojan."

And Steve Withers, the UK Manager for Radware, the technology security group, reiterates the warnings. Like a good techno-psychologist, he suggests that the first step in dealing with a problem is to admit that a problem exists. "Most organisations, especially in sectors such as finance, have historically been reluctant to to admit when they have been attacked," he says. "If we do begin to see companies admit they have been hit, it is likely to be just the tip of the iceburg. We are seeing an exponential rise in attacks." He predicts an 20-fold increase in attacks in the next two years.

Mr Withers explains that the proliferation of hacking attacks from Asia is because of the relatively large bandwidths available. Countries such as Korea are way ahead of the West in terms of internet speeds available to the public, offering 5Mb connections. Hackers need these resources to develop and spread malicious software.

So, without deliberately wanting to sound too much like something off the X-Files, the threat is out there. For new readers, the attacks are launched by an apparently innocent e-mail which, when opened, launches a sophisticated program - or Trojan horse - into the recipient's computer system, where it allows the hacker access.

More than 300 government departments plus businesses in the telecommunications, banking and finance, energy and transport sectors have been targeted by the hackers, who are believed to be based in Asia.

And therein lies the rub. The CBI is getting quite agitated about all this, and believes that Something Must Be Done. The Government, of course, is the organisation which should be doing it.

"The Computer Misuse Act needs updating desperately urgently," Mr Beale says. Until now, such calls have been fended off by the Government on the grounds that it is waiting for Brussels to amend the appropriate EU laws. "We could be in for a long wait in that case," says Mr Beale.

But as he points out, even if the authorities ever manage to catch up with the mystery Asian hackers, they will be virtually powerless to act against them. The law as it stands carries a maximum penalty of just one year in custody. It needs a minimum two-year jail sentence for the offender to be extradicted.

And then even if the offender is brought to this country for trial, in the event of a non-custodial sentence, the maximum fine for such attacks is £5,000. Estimates of the cost of e-crime in the UK is £2.4 billion a year - and rising. "The penalty needs to be proportional to the damage caused," Mr Beale says.

In the meantime, all business can do is continue to be vigilant, and ensure that their anti-virus software and firewalls are properly maintained. Not that this will deter all attacks. "CEOs assume that if they have a firewall in place they are safe, but 'application level' attacks, which include worms and viruses, pass through firewalls as they are embedded in e-mails which are allowed past them," Mr Withers says.

"But while business is right to be worried, it isn't all bad news. There is a massive amount of investment being made into fighting hackers, and as fast as attacks are made, security companies are snuffing them out."

If you have any comments on this latest hacker attack, then please do e-mail us at business@timesonline.co.uk - but please, don't try to include any attachments, because if you do, we won't be opening the e-mail.

Explore Industry Sectors

• Banking & Finance

• Construction & Property

• Consumer Goods

• Engineering

• Health

• Industrials

• Leisure

• Media

• Natural Resources

• Retailing

• Support Services

• Technology

• Telecoms

• Transport

• Utilities

Times Recommends

• BA chief waives bonus after T5 fiasco
• Prospects of cheaper loans hit as Libor soars
• Rice price dives as US and Japan set to unlock grain pact