'If you know the enemy and know yourself, you need not fear the result of a hundred battles.'
This classic quote from the 2,500-year-old Chinese book on military strategy, The Art of War by Sun Tzu, has more recently been applied to many areas of business.
In the IT world, it is perhaps most apt for the industry's most talked-about issue today - the fight against cybercrime.
We've all seen the popular Hollywood image of the hacker as a cool freedom fighter, battling the repressive forces of Big Business and Government. For the hassled IT director forced to repel their attacks, ranging from the merely annoying to the seriously malicious, the identity and motivation of this very modern enemy are more threatening.
According to Dr Peter Tippett, chief technologist at security specialist Trusecure, every internet address in the world is attacked in some form by a human being 40 or 50 times every day. But that's not all - every address is also hit five or 10 times every minute by an automated, computer-based attack. On average, 1,500 web sites are defaced by hackers every day - half of these attacks originate, for no obvious reason, from Brazil.
Clearly most of these attacks are harmless or easily repelled, but the scale of the problem is disturbing. So who are these people?
'If you think of street gangs in the movies, where they tell the new kid to steal from a corner shop to prove themselves - that notion of belonging and bravado and social acceptance is a major driver for all of this hacking activity,' says Tippett.
There are about one million people who would fit the 'cocktail party' definition of a hacker, he says. But most of these are children simply playing with the latest hacking tools available on the web - so-called 'script kiddies.'
The serious hacker community numbers around 11,000.
'These people are typically late teens or twenties - a notch up from script kiddies who tend to be younger,' says Tippett.
'It's 10 to one male to female. They tend to be the kind of nerdy, non-social people, although there's a lot who aren't. We've met lots who are intelligent, social, the sort of people you'd know at work and not suspect. They typically have an angry mentality, or the structure of their thinking doesn't comply with ours. How can they think what they do is right or justified?'
At the next level there is a hard core of a few hundred very technically adept hackers who create most of the attacks and the tools used for electronic crime. As many as 100 new attack tools are developed every month, and distributed over the web for the 11,000 - and the one million - to use as they choose. Organised crime groups tend to be expert users of these tools rather than creators of their own.
Terrorist groups looking to target cyber attacks at foreign countries are very unlikely to have any greater capability than already exists, says Tippett.
'The threat of cyber terrorism is not very real. If you add five bright guys from some extremist group with the same tools, how does that make it worse? Everybody is getting hit 40 or 50 times a day by all these other people. Adding one or two doesn't change things,' he says.
But these cybercrime tools aren't difficult to track down - a Google search for 'hackers' offers 4,250,000 possible web sites.
The mentality of the perpetrators often reflects the immaturity that Tippett describes.
According to www.hackers.com, hacking is about 'freedom of speech, freedom of information, ethics and satisfying curiosities.'
Its 'beginner's guide' says: 'Hacking is illegal because we demand free access to ALL data, and we get it.'
The site continues: 'There are only two ways to get rid of hackers. One is to get rid of computers and telephones, in which case we would find other means of getting what we want. (Like that is really going to happen). The other way is to give us what we want, which is free access to all information. Until one of those two things happen, we are not going anywhere.'
So, hackers simply liberate information. Rather like bank robbers just liberate cash.
But they can be beaten, and they can be caught.
Trusecure is one of the foremost hacker intelligence agencies, and has worked with the FBI and Scotland Yard to track down the culprits. The company employs a team of specialists who infiltrate the hacker 'underground' and track their activities and inter-relationships. A database, known as 'The Brain,' provides a comprehensive record.
'When you click on the name of a hacker it shows you all the people he tends to talk to and what subjects he tends to talk about, what groups he is in, who else is in those groups, what hacks he claims to have perpetrated. We add about 1,000 successful attacks a day to this database,' says Tippett.
Information discovered by the firm was instrumental in catching the writers of the Love Bug, Melissa and Anna Kournikova viruses.
The capture of the Dutch hacker who wrote Anna Kournikova shows how challenging the chase can be.
'Every message he posted on the internet relating to viruses or worms or hackers was sent anonymously through re-mailing services. But he didn't realise the time stamp he sent on the message was carried through and his clock was incorrect by enough that we could nail him down to 30 or 40 people in the Netherlands. We used linguistics to get it down to one person. He was interested in astronomy and Fisher turntables and those were messages he posted under his real name on the net,' says Tippett.
The volume of potential threats may be enormous, but only a few actually cause any harm.
Some 4,100 software vulnerabilities were discovered last year, but only 22 were used in an attack against any company, says Tippett.
Of the 6,000 vulnerabilities published in the previous 12 years, only 60 or 70 were used for an attack, he says.
And of all the internet worms that have spread, only three flaws were involved in all of them combined.
'If you know that, then you know you need to do things to make sure those are not a problem,' says Tippett.
Sun Tzu may not have anticipated fighting a hundred electronic battles an hour, but the IT community is doing its best to do just that.










