Dobbins, who specialises in service-provider and enterprise security, says people can steal or extort your money or spy on you to get private financial and other data via the network.

"In principle, network security means confidentiality, integrity and availability of data. To be safe, we need common sense and a few simple tools and technology. For instance, we need anti-virus software to prevent other people from taking over our computers. That's just like a thief breaking into your house in the physical world. Your 'house' could be turned into a criminal's house for, say, drug dealing by using your computer for sending out all kinds of spam to other computers," he says.

"There are now many forms of online attacks. Murder may not be possible yet, but there's an unconfirmed report that when the worms cut down the Internet back in 2003, a cyber-racket in South Korea that regularly demanded protection money from Internet cafe operators was extremely upset that they did not get the usual money from an operator. So people were sent out to kill that operator.

"As you may be aware, cyber-cafes' margins are very thin. When the Internet was knocked out, these operators had no business and no money to pay for the cyber-racket's protection. While the story's unconfirmed, it could still possibly be an intersection of physical and digital threats," says Dobbins.

According to Greene, a Cisco security architect, gone are the days when computer hacking was done just for fun. Today, all network threats are driven by the chances of getting money illegally. For chief information officers or CIOs, the point isn't why their network hasn't been attacked yet, it's why the potential hackers have not yet figured out how to get money out of the network.

Hence all kinds of e-commerce sites - banking, stock trading etc - are vulnerable, as professional hackers constantly hone their skills by breaking into other networks.

Dobbins says a new method used by cyber-criminals to steal private financial and other information is to send out emails to the victims with links to what look like the legitimate websites of banks or government agencies but are in fact phoney look-alike sites.

In other words, the sites pretend to be the websites of your regular banks or state agencies so that they can lure unaware netizens into providing private and confidential data, such as bank account or passport numbers, for use in criminal rackets.

Greene says crimes such as theft, fraud, extortion and espionage in the virtual world are just like the crimes that we've been familiar with for thousands of years. The only difference is that they are now carried out through electronic networks.

While it's easy for law enforcement officials to understand these crimes, it's hard to catch the criminals largely because there are many levels of proxies behind the criminal activities and because the activities are easily global. In other words, any cyber-criminal can operate internationally.

So, what's the advice for netizens?

First of all, Dobbins and Greene urge that everyone be aware of the potential threats in the cyber-world.

Then, they should follow the best practice in network security. Their list of preventive tools and technologies include anti-virus, anti-spam and anti-phishing software, web browser protection, hard-drive encryption and regular backup.

Dobbins' laptop computer's hard drive unit is encrypted so that if the computer is stolen, the information on the drive cannot be accessed easily. Recently, the US government has also issued a requirement that the hardware on all state computers be encrypted, he notes.

The security specialist also recommends that copies of all really important data be stored in separate locations.

nop1122@yahoo.com